| Main Archive Page > Month Archives > snort-users archives |
[Snort-users] Two problems
From: Tica <ticagugino_at_nospam>Date: Mon Nov 19 2007 - 15:46:40 GMT
To: snort-users@lists.sourceforge.net
Hi Guys,
I'm having some problems here trying to configure snort. I'm using the latest version 2.8.0.
The first problem is... Snort is not logging to syslog... I already search to the list archives, also I read the FAQs... but I can't find the solution.
This is the command line I'm using to start snort:
/usr/local/bin/snort /usr/local/snort/etc/snort.conf.eth0 -i eth0 -p -s -o
-d -e -I -K ascii -F /usr/local/snort/etc/exclude.conf -l
/var/log/snort/eth0 -D
The config file snort.conf.eth0 have "output alert_syslog: LOG_AUTH LOG_ALERT" too...
The second problem is a little more annoying... If I strip out the "-F
/usr/local/snort/etc/exclude.conf" from snort command line, I get this
error:
Initializing Network Interface eth0
ERROR: OpenPcap() FSM compilation failed:
parse error
PCAP command: /usr/local/snort/etc/snort.conf.eth0
Thanks in advance for your help!!
Best Regards, -- Tica ;-)
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users