-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello all... On 06/10/2011 18:51, Nelo Belda wrote: > I have the same problem. > > Maybe it's a problem related with some kind of permissions because > if you run snort with root privileges (-u root, this is not a good > idea) it works fine. I can confirm Nelo's solution - I just hadn't even thought of it because I always run Snort with -u and -g and have done for years. I thought it might be just a simple ownership change to something in /dev but strace shows that snort/pfcount opens a direct socket which is obviously not allowed for uid > 0 I'm presuming this isn't something for the snort-users list - or is the problem that snort drops the privileges too early before the DAQ/PF_RING part? - -- Peter Bates Senior Computer Security Officer Phone: +44(0)2076792049 Information Services Division Internal Ext: 32049 University College London London WC1E 6BT -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOjvjCAAoJELhVoVpEMS6Rw9AIAKrBpV/8cVqcVYXAjMntPPuF a0u7e3X/ezfYQ4ytrwQPMqht0mjT9Y8whninQaAHTwi1La8YrbIuqoUTvXpY+NaB 3LBIQ4G0u/VvcTjEsPXeqgVMuyjD28P/CsYId7wGzL2mHWffliAN8B2sujgibVNy IYMIVTWgTGSsNDuxNfhP9L3fa/ttwwl1LpnQYfSvja7PzTU2GgCKGZjeKAkaL5GR HIaCGXm5uoDsl9sLrjs0sc8BB0S7Ml7vee9au8R1Zs7yXQ5n6JPiVb5hL2G0evUi B+WWRMKRmQzQByZxL3pRPxGJ6Kc4NQjVbcQpek4u+rV2RfR3oZwSQl+05YPflSg= =Um8+ -----END PGP SIGNATURE----- _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
