[Snort-users] FW: ERROR: OpenPcap

Michael Steele michaels at ...155...
Wed Jun 19 12:26:03 EDT 2002


Use Snort -W to get a list of adapters. Say you only have one adapter,
so it should show your adapter in location 1.  CD to your snort folder
and type Snort -v -i1 and that will allow snort to sniff on adapter 1.
After doing this you should see all kinds of traffic in the command
window, if not go to your browser and generate some traffic.

Let me know how things go.

 Michael Steele | System Engineer / Support Technician
 mailto:michaels at ...155...
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org

-----Original Message-----
From: Mike Balzotti [mailto:mike.balzotti at ...6139...] 
Sent: Wednesday, June 19, 2002 11:41 AM
To: michaels at ...155...
Subject: ERROR: OpenPcap

I am trying to install snort from your documentation. Upon testing to
make sure it is working I get an error.
The test I am running is 
Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache
Group\Apache\htdocs\logs -ix 
where is x = 1

The snort -v -x1 works fine as far as I can tell.

The error I get on the fist is as fallows

C:\Snort\Snort -c C:\snort\Snort.conf -l C:\Program Files\Apache
Group\Apache\htdocs\logs -ix 
log directory = C:\Program

Initializing Network Interface \
ERROR: OpenPcap() FSM compilation failed:
                parse error
PCAP command: Files\Apache Group\Apache\htdocs\logs -i2
Fatal Error, quitting..

Thanks for your help in this.

Mike Balzotti
Network Systems Technician II
World Wide Packets

More information about the Snort-users mailing list