[Oisf-users] A question about using suricata as an IPS
carlopmart
carlopmart at gmail.com
Fri Apr 1 15:01:20 UTC 2011
On 04/01/2011 04:46 PM, Brant Wells wrote:
> Hey Carl,
>
> The way I have done it in the past is to set the interface that Suricata
> uses in the suricata.yaml or using the -i ethx command line...
>
> In your case, it would look something like:
>
> /usr/local/bin/suricata -c
> /data/config/etc/suricata-inet/suricata.yaml -D --pidfile
> /var/run/suricata-inet.pid -q 0 -i ipsif0
>
> Hope that helps!
> ~Brant
>
>
I have tried, but suricata returns me this error:
+ /bin/bash -c 'ulimit -S -c 0 >/dev/null 2>&1 ; /usr/local/bin/suricata
-c /data/config/etc/suricata-inet/suricata.yaml -D --pidfile
/var/run/suricata-inet.pid -q 0 -i ipsif0'
[10716] 1/4/2011 -- 17:01:04 - (suricata.c:440) <Info> (main) -- This is
Suricata version 1.1beta1
[10716] 1/4/2011 -- 17:01:04 - (suricata.c:635) <Error> (main) --
[ERRCODE: SC_ERR_MULTIPLE_RUN_MODE(124)] - more than one run mode has
been specified
--
CL Martinez
carlopmart {at} gmail {d0t} com
More information about the Oisf-users
mailing list