Hi,
I keep getting "Snort bus error (core dumped)" whenever I try to run
Snort on my Fire V210.
Google led me to this:
http://www.monkey.org/openbsd/archive/ports/0307/msg00041.html
which states that there's something wrong with the way Snort handles
misaligned/aligned access and libpcap.
I'm no Snort expert and have just started with it however, is there a
fix yet for this?
My setup runs multiple vlans over an LACP trunk and is also used as
router/gateway/firewall/NAT.
I have tried multiple ways of starting Snort:
/usr/local/bin/snort -p -i trunk0 -u root -g wheel -c /etc/snort/snort.conf
but all result in the same ending:
--== Initialization Complete ==--
,,_ -*> Snort! <*-
o" )~ Version 2.8.6 IPv6 (Build 38)
'''' By Martin Roesch & The Snort Team:
http://www.snort.org/snort/snort-team
Copyright (C) 1998-2010 Sourcefire, Inc., et al.
Using PCRE version: 8.30 2012-02-04
Rules Engine: SF_SNORT_DETECTION_ENGINE Version 1.12 <Build 18>
Preprocessor Object: SF_SSLPP (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_SSH (IPV6) Version 1.1 <Build 3>
Preprocessor Object: SF_SMTP (IPV6) Version 1.1 <Build 9>
Preprocessor Object: SF_SDF (IPV6) Version 1.1 <Build 1>
Preprocessor Object: SF_FTPTELNET (IPV6) Version 1.2 <Build 13>
Preprocessor Object: SF_DNS (IPV6) Version 1.1 <Build 4>
Preprocessor Object: SF_DCERPC (IPV6) Version 1.1 <Build 5>
Preprocessor Object: SF_DCERPC2 (IPV6) Version 1.0 <Build 3>
Not Using PCAP_FRAMES
Bus error (core dumped)
I built Snort directly from Ports using: make install clean on OpenBSD 5.2
Can anyone help me fix the issue if there is one?
Regards,
Kaya
