[Snort-users] snort2.6 BPF issue?

John Hally JHally at ...5637...
Thu Nov 16 14:37:13 EST 2006


Hello all,

I'm having an issue attempting to get the log_packets.sh script from squil
capturing traffic with 2.6.  Essentially whats happening is if I use a BPF
filter to capture traffic, but whether I use the log_packets.sh script or
fire off snort manually using the syntax below I see no traffic at all
either logging to file or printing to screen:


/usr/local/snort2.6/bin/snort -v -i eth1 net 10.0.0.0/8

While:

/usr/local/snort2.6/bin/snort -v -I eth1

Rifles through tons of traffic.

Is BPF filters broken?




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20061116/0e9c7abd/attachment.html>


More information about the Snort-users mailing list