Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I found this through Google. Look into it and check what they are mentioning.
Quote:
* Linux:
--------
With kernels 2.2.x and higher you may get `snort [pid] uses obsolete
(PF_INET, SOCK_PACKET)' warnings. This is because you use some older
implementation of libpcap library and you need an upgrade. The recent
version of libpcap could be found at www.tcpdump.org page. On linux
with kernels 2.2.x and higher you may also get feature to monitor
several interfaces down to network level (session + TCP + IP) if you
link your snort with the lattest version of libpcap which incorporates
Sebastian Krahmer's patch for interface 'any'.
What arguments did you give to snort when starting manually? And can you check if you have a startup script present in your /etc/rcX.d directory (where X is your runlevel).
What arguments did you give to snort when starting manually? And can you check if you have a startup script present in your /etc/rcX.d directory (where X is your runlevel).
...and if that doesn't show clues check your syslog for snort-related startup messages and see 'man snort' for "-T".
I give sudo snort in Konsole. There was no link to snort at any levels rcX.d. I created a link to /etc/init.d/snort in /etc/rc5.d. I will see it snort runs at startup now.
I changed it to root, I got an error stating /var/log/snort should be owned by snort. I changed the ownership to snort:root instead of snort:adm. The initial messages at boot are that Snort has started. But I get nothing when I enter ps -A . I just dont understand why it does not start. The messages that flash in the beginning are they stored in /var/log/messages or /var/log/dmesg. I continue to get this error
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.