|
OpenBSD Packages and Ports Installation and upgrading of packages and ports on OpenBSD. |
|
Thread Tools | Display Modes |
|
|||
Snort Daemon not running
Dear All,
I'm using OpenBSD 5.7 and had installed Snort from packages but there is errors displayed when i executed snort. This error was execute using default configuration where i even did not edit/change any configuration in snort. Quote:
Last edited by Peter_APIIT; 28th June 2015 at 07:28 AM. Reason: Added clarification of problem |
|
|||
You have not disclosed which flavor of OpenBSD is installed. Please provide the output of the command:
$ sysctl kern.version Providing the output of dmesg(8) gives us the same information. Assuming this is -release, have you installed archivers/xz as was suggested to you on misc@? http://marc.info/?t=143539318000002&r=1&w=2 Last edited by ocicat; 28th June 2015 at 10:25 AM. Reason: corrected grammar |
|
||||
Two step-by-step "How To" guides for Peter
How to post your dmesg online
Step 1. Put the dmesg in a file, or use the file created for you by OpenBSD during normal boot.
You have never replied (publicly) to any answers or follow-up questions you have received to questions you have posted on the misc@ mailing list, and based on this thread, it is not clear you have ever seen any of those replies to your questions. Step 1. Subscribe before you post. This way, you will receive Email even if a reply is sent only to the list, and not to you directly. There are two ways to subscribe to a list. You can send a structured Email to majordomo@, or you can use the majordomo Web portal. Both methods are described in www.openbsd.org/mail.html, the project's web page on mailing lists. Step 2. Communicate. Reply publicly to questions or guidance you receive publicly. It's considered impolite to ignore these attempts to help you.
People who ask questions of you are trying to help you. Answer as best you can. When they ask for a dmesg ... provide one. Better still, provide a dmesg before they ask ... so they don't have to request it of you. Last edited by jggimi; 28th June 2015 at 01:45 PM. Reason: formatting, one typo, some clarity |
|
|||
Problem solved after installed xz packages. Thanks you very much.
There is another problems. Problems: I cannot run snort in inline mode with daq afpacket with Snort 2.9.7 installed from packages. I had check the daq dir and there is no afpacket share library at /usr/local/lib/daq. How to enable the afpacket configuration ? Last edited by Peter_APIIT; 29th June 2015 at 01:40 PM. Reason: Added questions. |
|
|||
It is unclear from the lack of disclosed information whether you have mixed -current packages with a -release installation. As is discussed in Section 15.4.1 of the FAQ, mismatching packages to the base installation can lead to undefined behavior.
This practice is unsupported. Until you disclose the version information which has been repeatedly requested, the state of your system is unknown, & it is a waste of everyone's time (including your own...) to continually ignore this potential problem. Quote:
However, I will repeat that it is unclear from what little information has been presented thus far whether you are dealing with an unsupported configuration. Please provide the entire output of dmesg(8). Last edited by ocicat; 29th June 2015 at 03:07 PM. Reason: correct grammar... |
|
||||
Quote:
Quote:
$ pkg_info -q to confirm whether there is an out-of-sync condition that needs to be corrected.Peter, please use the step-by-step instructions I provided in this thread to copy/paste your dmesg and package list into a reply. If there is any confusion about any of the instructions, please ask. We need clear and unambiguous confirmation that you are running an undamaged system. I sent you a PM earlier today with steps to repair the system if it is damaged. --- To use Snort on this OS, you must properly configure the DAQ library.
If it appears we are not answering your questions or answering the wrong questions, it is because we are missing information which only you can provide. --- Application-specific questions about Snort should be directed to the support channels provided by Cisco Systems (who own the Snort software development company Sourcefire) and the Snort community: https://www.snort.org/faq/how-do-i-s...ns-about-snort Last edited by jggimi; 29th June 2015 at 05:34 PM. Reason: clarity on DAQ requirements, information gathering, and communication |
|
|||
First of all, it is a typo error that i'm mentioned mixed release base installation with current packages.
Let me clarify once again: OpenBSD 5.7 official release and installed snort-2.9.7.0 and xz-5.2.0 The Snort and xz packages are get from the official openbsd 5.7 packages mirror system and I'm did not installed those packages from port tree or tar sources. The above information was getting by issues pkg_info -qm command. Thanks for the clarification. Last edited by Peter_APIIT; 30th June 2015 at 12:31 PM. |
|
|||
Quote:
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Snort 2.9.1 improves protocol handling | J65nko | News | 0 | 30th August 2011 12:26 AM |
Question about Snort sensor placement | unixjingleman | OpenBSD Security | 1 | 1st June 2011 04:43 AM |
PF + SNORT on one machine | WeakSauceIII | OpenBSD Security | 5 | 30th July 2009 09:02 AM |
Best way to check if freebsd server is running a nameserver service/daemon | Yuka | FreeBSD General | 7 | 6th November 2008 01:26 AM |
snort install error | ijk | FreeBSD Installation and Upgrading | 1 | 11th August 2008 10:53 AM |