[Snort-users] snort2.6 BPF issue?
JHally at ...5637...
Thu Nov 16 14:37:13 EST 2006
I'm having an issue attempting to get the log_packets.sh script from squil
capturing traffic with 2.6. Essentially whats happening is if I use a BPF
filter to capture traffic, but whether I use the log_packets.sh script or
fire off snort manually using the syntax below I see no traffic at all
either logging to file or printing to screen:
/usr/local/snort2.6/bin/snort -v -i eth1 net 10.0.0.0/8
/usr/local/snort2.6/bin/snort -v -I eth1
Rifles through tons of traffic.
Is BPF filters broken?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users