[Snort-users] ERROR: OpenPcap() device em0 open
Matthew K. Lee
mattl at ...12405...
Fri Sep 10 07:57:01 EDT 2004
Thanks for your assistance.
From: prabu [mailto:prabu333 at ...8908...]
Sent: Thursday, September 09, 2004 11:06 PM
To: Matthew K. Lee; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] ERROR: OpenPcap() device em0 open
>router# /usr/local/bin/snort -c /usr/local/etc/snort.conf -i em0
>Running in IDS mode
>Log directory = /var/log/snort
>Initializing Network Interface em0
>ERROR: OpenPcap() device em0 open:
> (no devices found) /dev/bpf0: Device not configured
>Fatal Error, Quitting..
It seems that ur kernel jave not build with bpf support.So better enable
by following these steps;
The Berkeley Packet Filter (bpf) driver needs to be enabled before
programs that utilize it. Add this to your kernel config file and build
pseudo-device bpfilter # Berkeley Packet Filter
Secondly, after rebooting you will have to create the device node. This
be accomplished by a change to the /dev directory, followed by the
# sh MAKEDEV bpf0
>Is the problem related to GigE and libpcap, or have I done something
>else wrong during the compile? What can be done to fix the issue?
Not relavant to libpcap.It is because,ur kernel doesnot support bpf.
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.756 / Virus Database: 506 - Release Date: 9/8/2004
More information about the Snort-users