Netlabel doesn't work on Security Onion (Linux)

Question

Netlabel doesn't work on Security Onion (Linux)

Reg1nleifr opened this issue 5 years ago · comments

Hey Phil,
I've been cross compiling your project for the latest Security Onion version (16.04.5.6).
Netcap seems to work fine, however netlabel doesn't work at all. So far I haven't had time to investigate any further however I thought I'd let you know. Hopefully I'll be back with some useful information soon.

Thanks for your awesome project & BR
Reg1n

Phil · Answer 1 · Sat Feb 16 2019 05:25:16 GMT+0800 (China Standard Time)

Hi there,

thanks for reporting!

Please share some output and the commands you executed for reproducing the issue.

Note that netlabel calls suricata to obtain label information,
and currently the path for the configuration file is hardcoded:

https://github.com/dreadl0ck/netcap/blob/master/label/suricata.go#L104

Probably suricata wasn't installed or the configuration file was not at the specified path.

Cheers

Phil · Answer 2 · Wed Mar 27 2019 02:16:42 GMT+0800 (China Standard Time)

Closed due to age. Contact me by mail to reopen.