Snort mailing list archives
Re: ERROR: can't find nfq DAQ
From: Amal Saeed <amal.saeed () simmons edu>
Date: Wed, 30 Nov 2016 15:05:04 -0500
So I just ran: *snort -i wlan0 -c /etc/snort/snort.conf -T* and Snort successfully validated my configuration. I've tried changing permission on my /var/log/snort directory, but it doesn't take the changes. On Wed, Nov 30, 2016 at 2:59 PM, Al Lewis (allewi) <allewi () cisco com> wrote:
The error is “ERROR: OpenAlertFile() => fopen() alert file /var/log/snort/alert: *Permission denied*" Doesn’t look like snort can write to your logging directory. *Albert Lewis* ENGINEER.SOFTWARE ENGINEERING SOURCE*fire*, Inc. now part of *Cisco* Email: allewi () cisco com From: Amal Saeed <amal.saeed () simmons edu> Date: Wednesday, November 30, 2016 at 2:51 PM To: 'snort-users' <snort-users () lists sourceforge net> Subject: [Snort-users] ERROR: can't find nfq DAQ Hello, I'm trying to run Snort in inline mode (-Q), but I kept running into this problem, where it says can't find nfq DAQ even though I see nfq listed in my --daq-list. I've tried troubleshooting with every source I found online, but now I get a different error. If I run: *snort --daq nfq -Q -c /etc/snort/snort.conf* I get: Log directory = /var/log/snort ERROR: OpenAlertFile() => fopen() alert file /var/log/snort/alert: Permission denied Fatal Error, Quitting.. If I run: *snort -T -c /etc/snort/snort.conf* I get: [ Number of patterns truncated to 20 bytes: 497 ] ERROR: Active response: can't open ip! Fatal Error, Quitting.. I have an IP address and I can ping myself/others and receive pings with no issue. Please advise on what I can do to resolve this, thank you! -- Amal Saeed Simmons College '17, B.S. Computer Science & Information Technology Secretary, 2017 Class Council Co-Vice President, Computer Science & Mathematics Liaison Technology Assistant, *Simmons Technology Support Center*
-- Amal Saeed Simmons College '17, B.S. Computer Science & Information Technology Secretary, 2017 Class Council Co-Vice President, Computer Science & Mathematics Liaison Technology Assistant, *Simmons Technology Support Center*
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Nov 30)
- Re: ERROR: can't find nfq DAQ Marcin Dulak (Nov 30)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ wkitty42 (Dec 01)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 08)
- Re: ERROR: can't find nfq DAQ Amal Saeed (Dec 01)
- Re: ERROR: can't find nfq DAQ Al Lewis (allewi) (Nov 30)