Snort mailing list archives
Re: Snort inline test works but Snort inline doesn't work...
From: Dorian ROSSE via Snort-users <snort-users () lists snort org>
Date: Wed, 15 May 2019 16:47:19 +0000
I went just to push Snort -Q then :
snort -Q
Enabling inline operation
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
ERROR: pcap DAQ does not support inline.
Fatal Error, Quitting..
Now Snort inline test :
When I launch this : snort --enable-inline-test
Snort scan the networks
now try to set up NFQ but It should ready as the ./configure in daq shows :
snort --daq nfq [--daq-var device=enp5s0][--daq-var proto=ipv6][--daq-var queue=0]
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
Snort BPF option: [--daq-var device=enp5s0][--daq-var proto=ipv6][--daq-var queue=0]
nfq DAQ configured to passive.
ERROR: Can't set DAQ BPF filter to '[--daq-var device=enp5s0][--daq-var proto=ipv6][--daq-var queue=0]'
(nfq_daq_set_filter: failed to compile bpf '[--daq-var device=enp5s0][--daq-var proto=ipv6][--daq-var queue=0]')!
Fatal Error, Quitting..
I installed bcc from iovisor It is a BPF programs in C… C#... C++
But for repair Snort I don’t know how to repair,
Thank you in advance to repair the snort,
Regards.
Dorian ROSSE.
Provenance : Courrier<https://go.microsoft.com/fwlink/?LinkId=550986> pour Windows 10
________________________________
De : Joel Esler (jesler) <jesler () cisco com>
Envoyé : Wednesday, May 15, 2019 5:37:53 PM
À : Dorian ROSSE
Cc : snort-users () lists snort org
Objet : Re: [Snort-users] Snort inline test works but Snort inline doesn't work...
Hello Dorian,
It would help us immensely if you could provide some type of log or error that you are seeing.
--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com
On May 14, 2019, at 1:44 PM, Dorian ROSSE via Snort-users <snort-users () lists snort org<mailto:snort-users () lists
snort org>> wrote:
Hello everybody,
Snort inline test works but Snort inline doesn't work...
Thank you in advance to explain how to repair that,
Regards.
Dorian Rosse.
Télécharger Outlook pour Android<https://aka.ms/ghei36>
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org<mailto:Snort-users () lists snort org>
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users
To unsubscribe, send an email to:
snort-users-leave () lists snort org
Please visit http://blog.snort.org to stay current on all the latest Snort news!
Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort inline test works but Snort inline doesn't work... Dorian ROSSE via Snort-users (May 14)
- Re: Snort inline test works but Snort inline doesn't work... Joel Esler (jesler) via Snort-users (May 15)
- Re: Snort inline test works but Snort inline doesn't work... Dorian ROSSE via Snort-users (May 17)
- Re: Snort inline test works but Snort inline doesn't work... Joel Esler (jesler) via Snort-users (May 15)