3

I am trying to install Bro on my machine running Ubuntu 16.04 and I am facing the following problem on bro start. It has multiple errors and kindly assist on how to resolve them.

[BroControl] > start
starting bro (was crashed) ...
bro terminated immediately after starting; check output with "diag"
[BroControl] > diag
[bro]

Bro 2.4.1
Linux 4.4.0-36-generic


==== No reporter.log

==== stderr.log
    fatal error: problem with interface eth0 (eth0: SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: No such device)

==== stdout.log
max memory size         (kbytes, -m) unlimited
data seg size           (kbytes, -d) unlimited
virtual memory          (kbytes, -v) unlimited
core file size          (blocks, -c) unlimited

==== .cmdline
-i eth0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto

==== .env_vars
PATH=/usr/bin:/usr/share/broctl/scripts:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
BROPATH=/var/spool/bro/installed-scripts-do-not-touch/site::/var/spool/bro/installed-scripts-do-not-touch/auto:/usr/share/bro:/usr/share/bro/policy:/usr/share/bro/site
CLUSTER_NODE=

==== .status
TERMINATED [atexit]

==== No prof.log

==== No packet_filter.log

==== No loaded_scripts.log

My ifconfig shows up this : 

root@anuvrattiku-Inspiron-13-7368:/etc# ifconfig -a
lo        Link encap:Local Loopback  
      inet addr:127.0.0.1  Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNING  MTU:65536  Metric:1
      RX packets:6594 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6594 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1 
      RX bytes:950826 (950.8 KB)  TX bytes:950826 (950.8 KB)

wlp1s0    Link encap:Ethernet  HWaddr 68:07:15:23:f2:f8  
      inet addr:10.250.39.91  Bcast:10.250.255.255  Mask:255.255.0.0
      inet6 addr: fe80::274a:2cde:a0c8:1131/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
      RX packets:271804 errors:0 dropped:0 overruns:0 frame:0
      TX packets:49076 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000 
      RX bytes:342567344 (342.5 MB)  TX bytes:6733501 (6.7 MB)

Any help would be appreciated.

Anuvrat Tiku
  • 1,616
  • 2
  • 17
  • 25
  • I think this belongs on http://askubuntu.com – J. Allan Sep 08 '16 at 19:29
  • It looks like your machine doesn't have an interface `eth0`, which is assumed to the default. You need to configure BroControl with your network interface correctly. – mavam Sep 10 '16 at 19:01

2 Answers2

1

you're gonna need to check the bro config files mainly "/usr/local/bro/etc/node.cfg" and modify the hostname and the interface variables

based on the diag results it's showing "==== .cmdline -i eth0 -U .status -p broctl " which means it's using the default configs. thus. all what you need to make it work is just to change the interface to wlp1s0

be aware that's you're gonna need to make more configurations to start using it.

Abdalla Mohamed
  • 11
  • 1
-1

run sudo nano /usr/local/bro/etc/networks.cfg on your interface change it from eth0 to wlp1s0

Adonis
  • 4,670
  • 3
  • 37
  • 57
siyanda
  • 31
  • 1