My pfring-daq-module installation
]# make install
make[1]: Entering directory
`/usr/src/PF_RING-6.0.1/userland/snort/pfring-daq-module'
test -z "/usr/local/lib/daq" || /bin/mkdir -p "/usr/local/lib/daq"
/bin/sh ./libtool --mode=install /usr/bin/install -c daq_pfring.la
'/usr/local/lib/daq'
libtool: install: /usr/bin/install -c .libs/daq_pfring.so
/usr/local/lib/daq/daq_pfring.so
libtool: install: /usr/bin/install -c .libs/daq_pfring.lai
/usr/local/lib/daq/daq_pfring.la
libtool: finish:
PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/blad
eservices/bin:/root/bin:/sbin" ldconfig -n /usr/local/lib/daq
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib/daq
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
make[1]: Nothing to be done for `install-data-am'.
make[1]: Leaving directory
`/usr/src/PF_RING-6.0.1/userland/snort/pfring-daq-module'
Da: [email protected]
[mailto:[email protected]] Per conto di Alfredo
Cardigliano
Inviato: martedì 27 maggio 2014 19:19
A: [email protected]
Oggetto: Re: [Ntop-misc] R: DNA DAQ for SNORT
Did you install the pfring_dna daq module? It is not listed in your
/usr/local/lib/daq
Alfredo
On 27 May 2014, at 19:10, Maurizio Di Pietro (Esterna) <[email protected]>
wrote:
Now Im running a more simple command for a test. I had the same problem
/usr/local/bin/snort -c
/usr/src/PF_RING-6.0.1/userland/snort/snort-2.9.6.0/etc/snort.conf
--daq-dir /usr/local/lib/daq --pid-path=/tmp/snort0 --daq pfring_dna
--daq-mode passive -i dna0 -v e
ERROR: Can't find pfring_dna DAQ!
Fatal Error, Quitting..
I didn't understand
Below I wrote my configuration
]# lsmod
Module Size Used by
ixgbe 310387 0
pf_ring 436931 24
]# ifconfig
dna0 Link encap:Ethernet HWaddr EC:9E:CD:0D:F1:44
UP BROADCAST RUNNING MULTICAST MTU:9000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Memory:fb120000-fb140000
dna1 Link encap:Ethernet HWaddr EC:9E:CD:0D:F1:45
UP BROADCAST RUNNING MULTICAST MTU:9000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Memory:fb100000-fb120000
ls -la /usr/local/lib/daq/
totale 236
drwxr-xr-x 2 root root 4096 23 mag 15:32 .
drwxr-xr-x. 8 root root 4096 23 mag 15:30 ..
-rwxr-xr-x 1 root root 1000 23 mag 15:30 daq_afpacket.la
-rwxr-xr-x 1 root root 51455 23 mag 15:30 daq_afpacket.so
-rwxr-xr-x 1 root root 956 23 mag 15:30 daq_dump.la
-rwxr-xr-x 1 root root 25374 23 mag 15:30 daq_dump.so
-rwxr-xr-x 1 root root 976 23 mag 15:30 daq_ipfw.la
-rwxr-xr-x 1 root root 28191 23 mag 15:30 daq_ipfw.so
-rwxr-xr-x 1 root root 956 23 mag 15:30 daq_pcap.la
-rwxr-xr-x 1 root root 30084 23 mag 15:30 daq_pcap.so
-rwxr-xr-x 1 root root 963 23 mag 15:32 daq_pfring.la
-rwxr-xr-x 1 root root 66833 23 mag 15:32 daq_pfring.so
Thanks
Maurizio
Da: [email protected]
[mailto:[email protected]] Per conto di Alfredo
Cardigliano
Inviato: martedì 27 maggio 2014 18:35
A: [email protected]
Oggetto: Re: [Ntop-misc] DNA DAQ for SNORT
Hi Maurizio
daq-var clusterid is not supported by the pfring_dna daq, please also make
sure pf_ring is loaded and the dna0 interface is up. Please let us know.
Best Regards
Alfredo
On 27 May 2014, at 17:54, Maurizio Di Pietro (Esterna) <
<mailto:[email protected]> [email protected]> wrote:
Hello,
I'm working with snort and DAQ PRING 6.01 less DNA.
I ran more istance of snort with this command and it works well
/usr/local/bin/snort -c
/usr/src/PF_RING-6.0.1/userland/snort/snort-2.9.6.0/etc/snort.conf
--pid-path=/tmp/snort0 -i eth10 -l /tmp/snort0 --perfmon-file
/tmp/snort0/snort.stats --daq-dir /usr/local/lib/daq --daq pfring --daq-var
bindcpu=0 --daq-var clusterid=16
Now I'm trying to use the feature z-copy (DNA). So i compiled the ixgbe DNA
driver, i loaded it and tryed to run snort with this command
/usr/local/bin/snort -c
/usr/src/PF_RING-6.0.1/userland/snort/snort-2.9.6.0/etc/snort.conf
--pid-path=/tmp/snort0 -i dna0 -l /tmp/snort0 --perfmon-file
/tmp/snort0/snort.stats --daq-dir /usr/local/lib/daq --daq pfring_dna
--daq-var bindcpu=0 --daq-var clusterid=16
But I have this output
pfring DAQ configured to passive.
ERROR: Can't initialize DAQ pfring (-1) -
Fatal Error, Quitting..
Why?
1- Do i have a license for work with DNA DAQ?
2- must I use PF_RING_aware?
3- Do I make some mistakes?
pfcount and pfsend work well!
Thanks
Bye
_______________________________________________
Ntop-misc mailing list
<mailto:[email protected]> [email protected]
<http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________
Ntop-misc mailing list
<mailto:[email protected]> [email protected]
<http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
