[Snort-users] Getting an error using -r

Ken Pickering kjp8v at ...4512...
Wed Jan 9 09:49:03 EST 2002

I'm currently using snort 1.8.3 BUILD 88 on a RedHat Linux 7.1 box.

When I execute the command "snort -d -l /root/darpa/1998-6/temp/ -r
/root/darpa/1998-6/mon/tcpdump", everything works fine.

When I change the logging directory to /d2/alerts/1998-6/temp where d2 is
a bigger HD (directories are valid, etc), I get a message that states:

ERROR: OpenLogFile() =>
fopen(/d2/alerts/1998-6/temp/XXX.XX.XXX.XX/TCP:1025-21) log file: Invalid
Fatal Error: Quitting

where the XX's are an IP address.

The permissions on the two directories are the same (755). Anything I
might be doing wrong?

-Ken Pickering
