All three methods described in this article work only when the host running Snort, and the hosts whose logs or other packets the Snort host needs to sniff, are on the same LAN segment. On a shared (hub-based) LAN segment this means all the hosts must be connected to the same hub or to hubs that are interconnected with crossover cables or “stacking” cables. On a switched LAN segment, this means all the hosts either must be connected to the same switch or to switches that are interconnected with “stacking” cables or with their respective “uplink” ports.
In short, these methods do not work for hosts attached to different LAN segments or routed networks.