Snort mailing list archives
Re: Packet loss statistics
From: David Lambert <dlambert () demo legallock com>
Date: Mon, 4 Feb 2002 09:37:49 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 04 February 2002 08:27 am, Patrice.Arnal () alcatel fr wrote:
I use "killall snort -USR1"
Extract from snort manpage:
SIGUSR1
Causes the program to dump its current packet statistical
information to the cosole or syslogd(8) if in daemon mode.
This gives a report as follows:
Feb 4 09:36:12 demo snort:
===============================================================================
Feb 4 09:36:12 demo snort: Snort analyzed 1957352 out of 1957352 packets,
Feb 4 09:36:12 demo snort: dropping 0(0.000%) packets
Feb 4 09:36:12 demo snort: Breakdown by protocol: Action
Stats:
Feb 4 09:36:12 demo snort: TCP: 1605157 (82.007%) ALERTS: 155
Feb 4 09:36:12 demo snort: UDP: 200926 (10.265%) LOGGED: 155
Feb 4 09:36:12 demo snort: ICMP: 139305 (7.117%) PASSED: 0
Feb 4 09:36:12 demo snort: ARP: 11964 (0.611%)
Feb 4 09:36:12 demo snort: IPv6: 0 (0.000%)
Feb 4 09:36:12 demo snort: IPX: 0 (0.000%)
Feb 4 09:36:12 demo snort: OTHER: 0 (0.000%)
Feb 4 09:36:12 demo snort: DISCARD: 0 (0.000%)
Feb 4 09:36:12 demo snort:
===============================================================================
Feb 4 09:36:12 demo snort: Fragmentation Stats:
Feb 4 09:36:12 demo snort: Fragmented IP Packets: 0 (0.000%)
Feb 4 09:36:12 demo snort: Fragment Trackers: 0
Feb 4 09:36:12 demo snort: Rebuilt IP Packets: 0
Feb 4 09:36:12 demo snort: Frag elements used: 0
Feb 4 09:36:12 demo snort: Discarded(incomplete): 0
Feb 4 09:36:12 demo snort: Discarded(timeout): 0
Feb 4 09:36:12 demo snort: Frag2 memory faults: 0
Feb 4 09:36:12 demo snort:
===============================================================================
Feb 4 09:36:12 demo snort: TCP Stream Reassembly Stats:
Feb 4 09:36:12 demo snort: TCP Packets Used: 1605120 (82.005%)
Feb 4 09:36:12 demo snort: Stream Trackers: 65023
Feb 4 09:36:12 demo snort: Stream flushes: 12867
Feb 4 09:36:12 demo snort: Segments used: 18350
Feb 4 09:36:12 demo snort: Stream4 Memory Faults: 0
Hello I read about snort performances on various machines. Some are speaking of 1 to 10% packet missed by snort but they don't say where this figure comes from. I want to get an idea of packet loss on my system : a Solaris 5.8 sparc Ultra5 What command must I issue to have a rough figure of packets missed by snort ? Thanks Patrice ARNAL ALCANET France Site d'ILLKIRCH 1 Route du Dr Albert SCHWEITZER 67408 ILLKIRCH CEDEX _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8XqrNY/DxgpN5vvMRAt0iAJ9JuTMM4/uYVFNbrv0Cs9ziTBR80wCgtEht UvHg1PD+kEizVApnYdK67cM= =5kJV -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Packet loss statistics Patrice . Arnal (Feb 04)
- Re: Packet loss statistics David Lambert (Feb 04)
- Re: Packet loss statistics Matt Kettler (Feb 04)
- <Possible follow-ups>
- RE: Packet loss statistics Chip Kelly (Feb 04)