[Snort-users] can't log send out packets

Joel Esler jesler at ...1935...
Sat Dec 24 11:28:25 EST 2011

If you run snort -vde on the proper interface, do you are all 8 go past on the screen without analyzation? (-c). 

Joel Esler

On Dec 22, 2011, at 6:51 AM, "hzmiaowang" <hzmiaowang at ...15456...> wrote:

> hi:
>    I install snort 2.9.1 on win7 notebook. There are two network card in my computer.One is wireless,the other is ethernet card. when i enable  wireless netcard,i can get income packets and send packets in mysql database.but when i swich to ethernet netcard ,i can only get income packets,can't get sent packets. so i can only get 4 rows when i use
> alert icmp any any -> any any  (content:"abcd";sid:10007777)   in snort.conf with  ethernet netcad
> from WIN7 ping other IP. while get 8 rows with wireless netcard.
> I install  snort 2.9.1 on another computer with only one netcard. It  work right.(8 rows with ping)
> I want use Snort to log all sql command when i use WIN7 to manager remote ORACLE database.
> when i use   snort -vde -c d:\snort\etc\snort.conf (with ethernet card)
> I can see 8  ping  packets,but why ony 4 income packets be loged?
> thanks lot ,sorry for poor english 
> ------------------------------------------------------------------------------
> Write once. Port to many.
> Get the SDK and tools to simplify cross-platform app development. Create 
> new or port existing apps to sell to consumers worldwide. Explore the 
> Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
> http://p.sf.net/sfu/intel-appdev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

More information about the Snort-users mailing list