<div dir="ltr"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-" style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></span><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">you would need to run:</span><br style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">suricata -c suricata.yaml -T --af-packet</span><br style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><span style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">as Suricata won't know what capture method you intend to use.</span></blockquote><div><br></div>You are right!<div><br></div><div><div><font size="1" face="monospace, monospace">network-sensor suricata # suricata -c suricata.yaml --af-packet -T | grep -v FLOWBIT</font></div><div><font size="1" face="monospace, monospace">[25210] 9/8/2018 -- 12:55:21 - (suricata.c:1900) <Info> (ParseCommandLine) -- Running suricata under test mode</font></div><div><font size="1" face="monospace, monospace">[25210] 9/8/2018 -- 12:55:21 - (suricata.c:1084) <Notice> (LogVersion) -- This is Suricata version 4.1.0-dev (rev a3caef7)</font></div><div><font size="1" face="monospace, monospace">[25210] 9/8/2018 -- 12:55:28 - (suricata.c:2986) <Notice> (main) -- Configuration provided was successfully loaded. Exiting.</font></div></div><div><br></div><div>Thanks very much,</div><div>Davide</div><div class="gmail_extra">-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div dir="ltr"><div dir="ltr"><table border="0" cellspacing="0" cellpadding="0" style="font-family:"Times New Roman";width:420px"><tbody><tr valign="top"><td><table border="0" cellspacing="0" cellpadding="0"><tbody><tr valign="top"><td style="text-align:initial;vertical-align:top;padding:0px 8px"><a href="http://www.certego.net/" target="_blank"><img width="96" height="96" src="http://www.certego.net/email/certego.png" alt="" style="border-radius:0px"></a></td><td style="text-align:initial;vertical-align:top;padding:4px 0px"><div style="padding-top:2px;color:rgb(0,172,237);font-weight:bold;font-stretch:normal;font-size:18px;line-height:normal;font-family:sans-serif;letter-spacing:1px">Davide Setti</div><div style="padding-top:2px;color:rgb(32,32,32);font-weight:bold;font-stretch:normal;font-size:14px;line-height:normal;font-family:sans-serif">R&D and Incident Response Team, Certego</div><div style="padding-top:6px"><a href="http://www.linkedin.com/company/certego" target="_blank"><img width="24" height="24" src="http://www.certego.net/email/linkedin.png" style="border-radius:0px;border:0px;width:24px;min-height:24px"></a> <a href="http://twitter.com/Certego_IRT" target="_blank"><img width="24" height="24" src="http://www.certego.net/email/twitter.png" style="border-radius:0px;border:0px;width:24px;min-height:24px"></a> <a href="http://github.com/certego" target="_blank"><img width="24" height="24" src="http://www.certego.net/email/github.png" style="border-radius:0px;border:0px;width:24px;min-height:24px"></a> <a href="http://www.youtube.com/CERTEGOsrl" target="_blank"><img width="24" height="24" src="http://www.certego.net/email/youtube.png" style="border-radius:0px;border:0px;width:24px;min-height:24px"></a> <a href="http://plus.google.com/117641917176532015312" target="_blank"><img width="24" height="24" src="http://www.certego.net/email/googleplus.png" style="border-radius:0px;border:0px;width:24px;min-height:24px"></a></div></td></tr></tbody></table></td></tr></tbody></table><div style="width:420px;text-align:justify;vertical-align:top;padding:8px 0px;color:rgb(224,224,224);font-stretch:normal;font-size:8px;line-height:normal;font-family:sans-serif">Use of the information within this document constitutes acceptance for use in an "as is" condition. There are no warranties with regard to this information; Certego has verified the data as thoroughly as possible. Any use of this information lies within the user's responsibility. In no event shall Certego be liable for any consequences or damages, including direct, indirect, incidental, consequential, loss of business profits or special damages, arising out of or in connection with the use or spread of this information.</div></div></div></div></div>
</div></div>