[Snort-users] Barnyard "Invalid packet length" error
Brian.Wolf at ...12180...
Wed Aug 4 13:30:36 EDT 2004
I'm trying to get barnyard working with snort, but it always fails with
an "Invalid packet length" error. My setup is:
RedHat Enterprise AS 3
mysql 12.22 Distrib 4.0.18
Snort, barnyard, and mysql were all built from source and are running on
the same machine.
Snort output config:
output alert_unified: filename snort.binalert, limit 128
output log_unified: filename snort.binlog, limit 128
Snort command line:
/usr/local/snort/bin/snort -i eth0 -D -X -o -c
/usr/local/snort/snort.conf -l /usr/local/snort/log
config hostname: localhost
config interface: lo
config filter: not port 22
output log_acid_db: mysql, database snort, server
localhost, user snort, password <passwd>, detail full
Barnyard command line:
-d /usr/local/snort/log \
-f snort.binlog \
Barnyard Version 0.2.0 (Build 32)
Opened spool file
ERROR: Invalid packet length: 299008
Fatal Error, Quitting..
The number listed as the invalid packet length changes from run to run.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users