[Snort-users] receiving only ICMP packets and no alert are generated in snort 3

Masud Hasan (mashasan) mashasan at cisco.com
Mon Dec 17 11:13:39 EST 2018


Hi Banerjee,

Thanks for reporting those issues. We expect to release new ODP in January, which should have this issue fixed.

Thanks,
Masud

> On Dec 14, 2018, at 12:43 AM, Divyanshu Banerjee via Snort-users <snort-users at lists.snort.org> wrote:
> 
> I am receiving only ICMP packets,
> I have used port mirroring (SPAN) to transfer the packets to my snort machine 
> 
> this is the command using in snort 3
> ( sudo snort -c /usr/local/etc/snort/snort.lua -R /usr/local/etc/snort/rules/local.rules -R /usr/local/etc/snort/rules/snort3-community.rules -i eth0 -A alert_csv -s 65535 -k none -l /var/log/snort
> )
> 
> i have been receiving this message
> lua detector odp_client_QUIC.lua: error validating /usr/local/lib/odp/libs/DetectorCommon.lua:190: attempt to index global 'gDetector' (a nil value)
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
> 
> 	To unsubscribe, send an email to:
> 	snort-users-leave at lists.snort.org
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 
> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette



More information about the Snort-users mailing list