From: Edwin Chiu (Edwin.Chiu@e-wares.com)
Date: Tue Jun 05 2001 - 09:10:16 CDT


    Neil Dickey wrote:
    >
    > Edwin Chiu <Edwin.Chiu@e-wares.com> wrote asking:
    >
    > >Checked the archives, didn't really see any resolution on this issue...
    > >
    > >Snort 1.7, libpcap 0.6.2, kernel 2.4.4
                                 ^^^^^^^^^^^^
    I'm running Linux.

    > >Tried this:
    > >[root@orion bin]# ./snort -i any -c ../etc/snort.conf
    >                               ^^^
    > [ ... ]
    > >
    > >Anything I can do, or should I try out snort 1.8 beta?
    >
    > You don't specify, but I'm guessing you're running some flavor of unix.
    >
    > What you're instructing Snort to do on your command line is to open an
    > interface named "any", and it can't find it. Normally in unix interface
    > names look something like "le0" or "hme0" ( I run Solaris. ). Find out
    > what the interface you wish to monitor is called and substitute its name
    > for "any" in your command line.

    I'm aware of this, but I was under the impression that libpcap and/or
    snort could listen to all interfaces with the "-i any" flag, like
    tcpdump.

    Regards,
    Edwin
