[Oisf-users] Suricata doesn't load with a dummy interface
Carlos Terrón Bueno
cterron at alienvault.com
Wed Apr 26 14:15:52 UTC 2017
I’m trying to use suricata with a dummy interface (I’m going to inject traffic over), so I load suricata with:
root at ufo:/etc/suricata/rules# suricata -c /etc/suricata/suricata.yaml -i dummy0
But fails
26/4/2017 -- 14:13:46 - <Notice> - This is Suricata version 3.2.1 RELEASE
26/4/2017 -- 14:14:10 - <Warning> - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to get feature via ioctl for 'dummy0': Operation not supported (95)
26/4/2017 -- 14:14:10 - <Warning> - [ERRCODE: SC_ERR_SYSCALL(50)] - Failure when trying to get feature via ioctl for 'dummy0': Operation not supported (95)
26/4/2017 -- 14:14:10 - <Notice> - all 2 packet processing threads, 4 management threads initialized, engine started.
26/4/2017 -- 14:14:10 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
26/4/2017 -- 14:14:10 - <Error> - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
26/4/2017 -- 14:14:10 - <Error> - [ERRCODE: SC_ERR_FATAL(171)] - thread W#01-dummy0 failed
I’m using the af-packet capture. Does this node work with a dummy interface?
Greetings
Carlos
More information about the Oisf-users
mailing list