[Snort-users] snort error reading tcpdump openbsd
oliver at ...6319...
Sat Jul 13 20:15:02 EDT 2002
I am an openbsd user and this article:
http://www.lucidic.net/whitepapers/manuzis-7-5-2002-1.html was of interest
to me. Yesterday I installed snort and acid and have been very pleased with
Anyway, I want to now sniff my pflogs and put them into mysql. The problem
is that when I type the following command:
/usr/local/bin/snort -r /var/log/pflog
I get the following error:
/usr/local/bin/snort cannot handle data link type 17
I can read pflog with tcpdump but not with snort. Is there another way
around this or am I doing something wrong.
More information about the Snort-users