Snort mailing list archives

Re: snort3: Active: active.device is mandatory


From: Meridoff via Snort-devel <snort-devel () lists snort org>
Date: Tue, 15 Oct 2019 14:11:26 +0300

Currently, if I have not configured active {} and use the defaults, for example, I have this in the log:

" FATAL ERROR: Active response: can't open "


Tue, 15 Oct 2019 at 14:08, Meridoff <oagvozd () gmail com>:

Hello, if I have not configured active.device, we have in Active::open(char *dev):

    if ( dev && strcasecmp(dev, "ip") )
    {
        s_link = eth_open(dev);
    ...

So here we are trying to eth_open an empty device.

Maybe change it so that if no device is specified, we use "ip":

For example:

    if ( dev && strlen(dev) && strcasecmp(dev, "ip") )
    {
        s_link = eth_open(dev);

...

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel
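
The two conditions quoted in the message above, compared on the device values that matter. This is an added example, not part of the original post or of Snort's code; the enum and function names are hypothetical, and the branch that skips eth_open is labelled "ip" following the message's wording.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp */

/* Hypothetical names for this example; they are not Snort identifiers. */
enum send_path { PATH_IP, PATH_LINK_LAYER };

/* Condition as quoted from Active::open in the message. */
static enum send_path choose_current(const char *dev)
{
    if (dev && strcasecmp(dev, "ip"))
        return PATH_LINK_LAYER;   /* the code would call eth_open(dev) here */
    return PATH_IP;
}

/* Condition as proposed in the message: an empty string is treated like "ip". */
static enum send_path choose_proposed(const char *dev)
{
    if (dev && strlen(dev) && strcasecmp(dev, "ip"))
        return PATH_LINK_LAYER;
    return PATH_IP;
}

/* Returns 1 when the two conditions pick different paths for dev. */
static int conditions_differ(const char *dev)
{
    return choose_current(dev) != choose_proposed(dev);
}

int main(void)
{
    /* Constructed inputs: unset pointer, empty default, "ip" in two cases, a NIC name. */
    const char *cases[] = { NULL, "", "ip", "IP", "eth0" };
    size_t i;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        const char *d = cases[i];
        printf("%-8s current=%-10s proposed=%-10s%s\n",
               d ? (*d ? d : "\"\"") : "(null)",
               choose_current(d) == PATH_LINK_LAYER ? "link-layer" : "ip",
               choose_proposed(d) == PATH_LINK_LAYER ? "link-layer" : "ip",
               conditions_differ(d) ? "  <-- differs" : "");
    }
    return 0;
}
```

Only the empty string changes path: strcasecmp("", "ip") is non-zero, so the quoted condition passes "" on to eth_open, while the proposed condition does not.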