Admin-Ahead Community
Linux => General Linux => Topic started by: arunlalpr on November 29, 2018, 02:37:00 am
-
When the interface is not eth0. We need to alter the installation snort configuration.
Error:
--------------------------------------
#snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i venet0
FATAL ERROR: Cannot decode data link type 113
--------------------------------------
We need skip the decoders by using "--enable-non-ether-decoders" during configuration will solve the issue.
--------------------------------------------
cd ~/snort_src
wget https://snort.org/downloads/snort/snort-2.9.8.0.tar.gz
tar -xvzf snort-2.9.8.0.tar.gz
cd snort-2.9.8.0
./configure --enable-sourcefire --enable-non-ether-decoders
make
sudo make install
----------------------------------------------
That it :)