[ale] A snort newbie question
Jonathan Rickman
jonathan at xcorps.net
Wed Aug 22 09:25:43 EDT 2001
On Wed, 22 Aug 2001, James CE Johnson wrote:
> # snort -Afull -i eth1 -c snort.conf -p
>
> And get this:
>
> Log directory =
That's odd...never seen that before.
> [!] ERROR snort.conf (47): Bad value in variable definition!
> Make sure you don't have a "$" in the var name
> Fatal Error, Quitting..
Have you tried letting it pick it's own IF by not using the -i flag. I
suspect it will pick eth0 first but you could always re-alias the
interfaces, or just swap the cables and addresses.
snort -A full -c [insert path]/snort.conf -D -p
Always works for me, but eth0 is the external on all of my machines.
Build 74 is pretty new, so it could be a bug.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list