[Snort-users] ERROR: OpenPcap() device em0 open
prabu333 at ...8908...
Thu Sep 9 21:07:23 EDT 2004
>router# /usr/local/bin/snort -c /usr/local/etc/snort.conf -i em0
>Running in IDS mode
>Log directory = /var/log/snort
>Initializing Network Interface em0
>ERROR: OpenPcap() device em0 open:
> (no devices found) /dev/bpf0: Device not configured
>Fatal Error, Quitting..
It seems that ur kernel jave not build with bpf support.So better enable it
by following these steps;
The Berkeley Packet Filter (bpf) driver needs to be enabled before running
programs that utilize it. Add this to your kernel config file and build a
pseudo-device bpfilter # Berkeley Packet Filter
Secondly, after rebooting you will have to create the device node. This can
be accomplished by a change to the /dev directory, followed by the execution
# sh MAKEDEV bpf0
>Is the problem related to GigE and libpcap, or have I done something
>else wrong during the compile? What can be done to fix the issue?
Not relavant to libpcap.It is because,ur kernel doesnot support bpf.
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.756 / Virus Database: 506 - Release Date: 9/8/2004
More information about the Snort-users