Re: snort 3 + mikrotik

[Павлов Алексей Константинович <A.Pavlov () AVIA-CENTR RU>]

Thank's, it's realy works.

-----Original Message-----
From: Jason Hellenthal [mailto:jhellenthal () dataix net] 
Sent: Wednesday, March 28, 2018 1:53 PM
To: Павлов Алексей Константинович
Cc: Snort-users () lists snort org
Subject: Re: [Snort-users] snort 3 + mikrotik

Instead of “-“ try /dev/stdin instead ;-)

-- 

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.





> On Mar 28, 2018, at 04:26, Павлов Алексей Константинович <A.Pavlov () AVIA-CENTR RU> wrote:
>
> Hi all,
>  
> I try configuration snort v3 to work with mikrotik traffic. For this I install trafr. But command ./trafr -s | snort 
> -c /etc/snort/snort.conf -l /var/log/snort/ -r - produced an error "Error getting stat on file: -: No such file or 
> directory (2) FATAL: Error getting pcaps." If I try command ./trafr -s | tcpdump -r - then traffic read from stdbin. 
> How me configuration snort to read traffic from stdbin?
>  
> Best regards
>  
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists snort org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>
> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette