[Oisf-users] Suricata don't operate in Inline mode(-q option) on Fedora 14 box
Victor Julien
victor at inliniac.net
Thu Apr 14 14:49:59 UTC 2011
On 04/14/2011 11:01 AM, 김윤기 wrote:
> suricata -c /etc/suricata/suricata.yaml -i eth0 -q 0
>
> But I have Following Error
> ----------------------------------------------------------------------------------------------------------------------------
> [4997] 14/4/2011 -- 17:48:58 - (suricata.c:551) <Info> (main) -- This is
> Suricata version 1.1beta2 (rev d9e5413)
> [4997] 14/4/2011 -- 17:48:58 - (suricata.c:816) <Error> (main) -- [ERRCODE:
> SC_ERR_MULTIPLE_RUN_MODE(124)] - more than one run mode has been specified
>
> But without -q option It's OK(disable inline)
> suricata -c /etc/suricata/suricata.yaml -i eth0
>
> What's wrong?
You're mixing inline mode (-q 0) with passive ids mode (-i eth0). Just
use -q 0 and it will read packets from iptables.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list