[Snort-users] Error trying to read in tcpdump file

Jason Lewis jlewis at ...1831...
Mon Jun 11 21:53:58 EDT 2001


        --== Initializing Snort ==--
TCPDUMP file reading mode.
Reading network traffic from "/home/jlewis/snort-0611 at ...2234..." file.
snaplen = 1514
ERROR: OpenPcap() FSM compilation failed:
        unknown data link type 0x71
PCAP command: (null)
Fatal Error, Quitting..

Here is the command I am using.

/usr/local/bin/snort -u snort -g snort -c /etc/snort/snort.conf -r
/home/jlewis/snort-0611 at ...2234...

What am I missing?  I am ftping this from a remote sensor to my db server
and trying to replay the file to populate the db.


Jason Lewis
http://www.packetnexus.com
It's not secure "Because they told me it was secure". The people at the
other end of the link know less about security than you do. And that's
scary.






More information about the Snort-users mailing list