Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Poor performance using snort 2.8.x in inline mode

From: Jim McCullough <jim.mccullough () gmail com>
Date: Wed, 21 Jan 2009 05:07:39 -0500
Can you provide the following information for a bit better of an idea of
finding the bottleneck?  Also is this a stock RHEL kernel build and is
selinux enable?

lspci -v
lspci -v -n

uname -a

On Wed, Jan 21, 2009 at 3:50 AM, carlopmart <carlopmart () gmail com> wrote:


I think that the problem is with network. CPU is idle at 95%. Memory is
using at
50% and I use e1000 nics on this host.

Putting snort without inline mode (but using the same rules) throughput is
very
very acceptable (11 MB/s). I am testing it copying a 100MB file over snort
bridge ....


------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: