Package Details: snort 3.1.83.0-1

Git Clone URL: https://aur.archlinux.org/snort.git (read-only, click to copy)
Package Base: snort
Description: A lightweight network IDS /IPS with OpenAppID support.
Upstream URL: https://www.snort.org
Licenses: GPL
Submitter: Snowman
Maintainer: robertfoster
Last Packager: robertfoster
Votes: 64
Popularity: 0.015878
First Submitted: 2012-11-16 17:33 (UTC)
Last Updated: 2024-03-27 15:07 (UTC)

Pinned Comments

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 Next › Last »

meAtArch commented on 2014-11-15 15:50 (UTC)

@oliverbk I experienced a similar problem as you did on 2014-10-31. For me "systemctl start snort" resulted in the error you describe. "systemctl start snort@wlan0" resulted in a file not found error. What solved the problem for me was a simple: cp /usr/lib/systemd/system/snort.service /usr/lib/systemd/system/snort@.service Honestly, I am not sure whether a "mv" instead of a "cp" would not be better, as starting the service without specifying a device will always result in this error (at least according to the content of /usr/lib/systemd/system/snort.service).

olivervbk commented on 2014-11-02 22:16 (UTC)

Had to create the default snort.conf directory: /usr/lib/snort_dynamicrules Snort error: ERROR: /etc/snort/snort.conf(253) Could not stat dynamic module path "/usr/lib/snort_dynamicrules": No such file or directory.

olivervbk commented on 2014-10-31 02:11 (UTC)

Cant get snort@wlan0 to work. Anyone know the problem? [oliver@hecatonchires snort]$ sudo systemctl start snort@wlan0 Failed to start snort@wlan0.service: Unit snort@wlan0.service failed to load: No such file or directory. [oliver@hecatonchires snort]$ sudo systemctl start snort Job for snort.service failed. See 'systemctl status snort.service' and 'journalctl -xn' for details. [oliver@hecatonchires snort]$ systemctl status snort.service ● snort.service - Snort IDS system listening on '%I' Loaded: loaded (/usr/lib/systemd/system/snort.service; disabled) Active: failed (Result: resources) Oct 31 00:05:03 hecatonchires systemd[1]: Stopped Snort IDS system listening on '%I'. Oct 31 00:05:05 hecatonchires systemd[1]: Starting Snort IDS system listening on '%I'... Oct 31 00:05:05 hecatonchires systemd[1]: snort.service failed to run 'start-pre' task: Operation not supported Oct 31 00:05:05 hecatonchires systemd[1]: Failed to start Snort IDS system listening on '%I'. Oct 31 00:05:49 hecatonchires systemd[1]: Starting Snort IDS system listening on '%I'... Oct 31 00:05:49 hecatonchires systemd[1]: snort.service failed to run 'start-pre' task: Operation not supported Oct 31 00:05:49 hecatonchires systemd[1]: Failed to start Snort IDS system listening on '%I'. Oct 31 00:09:08 hecatonchires systemd[1]: Starting Snort IDS system listening on '%I'... Oct 31 00:09:08 hecatonchires systemd[1]: snort.service failed to run 'start-pre' task: Operation not supported Oct 31 00:09:08 hecatonchires systemd[1]: Failed to start Snort IDS system listening on '%I'. [oliver@hecatonchires snort]$ This works: sudo snort --daq-dir /usr/lib/daq/ -i wlan0

olivervbk commented on 2014-10-31 01:41 (UTC)

emerging.rules.tar.gz md5sum changed to 52fb27a0b8151cc2b906fd58ce12fb46

cosmicnut commented on 2014-07-20 10:30 (UTC)

this package is a little broken. snort have changed their site layout so you need to change PKGBUILD to the source location source=("http://www.snort.org/downloads/snort/${pkgname}-${pkgver}.tar.gz" "http://rules.emergingthreats.net/open/${pkgname}-2.9.0/emerging.rules.ta$ 'snort.service') The change seems to be at the latest build so you need to up the version to 2.9.6.2 witt the MD5 of 2a0e89a48260e45f932af94c0ebb330e no other versions seem to be on line

malosasha commented on 2014-05-12 13:05 (UTC)

hi the snort installation is broken : the emerging rule have been updated upstream and the md5 need to be edited from f25631a4942d7e0bb9937c883f42e87a to b0116a4ddfa92afb759d92c14f13dd20

lakechfoma commented on 2014-02-22 17:50 (UTC)

GI_Jack, I am not sure the exact cause of the problem but I do know you can specify the directory explicitly when you run snort like so: snort -v --daq-dir /usr/lib/daq

GI_Jack commented on 2014-02-21 00:52 (UTC)

ugg # snort -v Running in packet dump mode --== Initializing Snort ==-- Initializing Output Plugins! ERROR: Can't find pcap DAQ! Fatal Error, Quitting.. #strace snort -v .... open("/dev/usbmon1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/usbmon/1t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usbmon/1t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/dev/usbmon2", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/usbmon/2t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usbmon/2t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/dev/usbmon3", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/usbmon/3t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usbmon/3t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/dev/usbmon4", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/usbmon/4t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usbmon/4t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/dev/usbmon5", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usb/usbmon/5t", O_RDONLY) = -1 ENOENT (No such file or directory) open("/sys/kernel/debug/usbmon/5t", O_RDONLY) = -1 ENOENT (No such file or directory) ... # snort --daq-list No available DAQ modules (try adding directories with --daq-dir). # ls -l /usr/lib/daq total 60 -rwxr-xr-x 1 root root 18664 Dec 22 15:56 daq_afpacket.so -rwxr-xr-x 1 root root 10488 Dec 22 15:56 daq_dump.so -rwxr-xr-x 1 root root 10520 Dec 22 15:56 daq_ipfw.so -rwxr-xr-x 1 root root 14560 Dec 22 15:56 daq_pcap.so any clue?

« First ‹ Previous 1 2 3 4 5 6 7 8 9 10 Next › Last »