UDP traffic không hiện trên Base 1.4.5

Hệ thống
OS : Centos 5.5
Snort : 2.9.0.1
Barnyard2 : 1.9 beta1
Base : 1.4.5

Kiểm tra
-Chạy snort với lệnh debug ok
snort -c /etc/snort/snort.conf -i eth0

Code:

--== Initialization Complete ==--

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.0.1 GRE (Build 82) 
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/snort/snort-team
           Copyright (C) 1998-2010 Sourcefire, Inc., et al.
           Using libpcap version 1.1.1
           Using PCRE version: 6.6 06-Feb-2006
           Using ZLIB version: 1.2.3

           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version 1.12  <Build 18>
           Preprocessor Object: SF_DNS  Version 1.1  <Build 4>
           Preprocessor Object: SF_FTPTELNET  Version 1.2  <Build 13>
           Preprocessor Object: SF_DCERPC2  Version 1.0  <Build 3>
           Preprocessor Object: SF_SDF  Version 1.1  <Build 1>
           Preprocessor Object: SF_Dynamic_Example_Preprocessor  Version 1.0  <Build 1>
           Preprocessor Object: SF_SMTP  Version 1.1  <Build 9>
           Preprocessor Object: SF_SSH  Version 1.1  <Build 3>
           Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
Commencing packet processing (pid=7218)

Kiểm tra base
permision & owned
ls -l /etc/snort/snort.conf
Code:

-rw-r--r-- 1 root root 18559 Nov 18 17:10 /etc/snort/snort.conf

Code:

Log mysql
echo "SELECTecho "SELECT hostname FROM snort.sensor;" | mysql -u snort -p
>

kiểm Tra bằng 1 rule ICMP đã hiển thị alert trên Base
log tail
Code:

11/18-18:18:21.455781  [**] [1:408:5] ICMP Echo Reply [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.99.79 -> 192.168.99.207
11/18-18:18:22.455715  [**] [1:382:7] ICMP PING Windows [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.99.207 -> 192.168.99.79

Lỗi xảy ra không hiển thị UDP traffic trên Base

Mong cả nhà giúp đỡ !