Snort mailing list archives

barnyard2-1.10 major problem


From: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
Date: Wed, 24 Oct 2012 10:12:25 -0400

Hi,

We have discovered that barnyard2-1.10 (all builds) has a major problem where it will only pass one (1) packet
per alert to the database and discards any further packets reported by snort 2.9.3.1!

We have been in touch with the author of barnyard2 and they cannot offer any solutions and are working on a complete
rewrite of spooler.c for the release 2.2 of barnyard2.

Has anyone patched spooler.c to get around this problem?

The problem does not appear to be a new one, as we saw the same results in barnyard2-1.8.
We have verified snort's unified2 output log, which does indeed have additional packets carrying the same event_id...

Any help would be great in getting a workaround patch for spooler.c.

Thanks,
Larry
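
The unified2-side check described in the message above (counting packet records per event_id) can be reproduced with a short script. This is an added example, not part of the original post or of barnyard2; it assumes the record layout from Snort's Unified2_common.h, and the function names and sample spool are constructed for illustration.

```python
import io
import struct
from collections import Counter

U2_PACKET = 2                       # UNIFIED2_PACKET
U2_EVENT_TYPES = {7, 72, 104, 105}  # IDS_EVENT, _IPV6, _VLAN, _IPV6_VLAN

def packets_per_event(stream):
    """Return (set of event_ids, Counter of packet records per event_id)."""
    events, packets = set(), Counter()
    while True:
        header = stream.read(8)
        if len(header) < 8:      # end of file
            break
        rtype, rlen = struct.unpack(">II", header)   # network byte order
        body = stream.read(rlen)
        if len(body) < rlen:     # record still being written by snort
            break
        if rtype == U2_PACKET and rlen >= 28:
            # sensor_id, event_id, event_second, packet_second,
            # packet_microsecond, linktype, packet_length
            event_id = struct.unpack(">7I", body[:28])[1]
            packets[event_id] += 1
        elif rtype in U2_EVENT_TYPES and rlen >= 8:
            # every event layout begins with sensor_id, event_id
            events.add(struct.unpack(">II", body[:8])[1])
    return events, packets

def _record(rtype, body):
    """Prefix a record body with the 8-byte unified2 header."""
    return struct.pack(">II", rtype, len(body)) + body

def constructed_spool():
    """Constructed sample: event 1 with three packets, event 2 with one."""
    out = b""
    for event_id, npkts in ((1, 3), (2, 1)):
        # 52-byte IDS_EVENT body; fields after event_id left as zero
        out += _record(7, struct.pack(">II", 0, event_id) + bytes(44))
        for n in range(npkts):
            data = b"\x00" * 14 + bytes([n])          # placeholder frame
            out += _record(U2_PACKET, struct.pack(
                ">7I", 0, event_id, 1351087945, 1351087945, n, 1, len(data)) + data)
    return out

if __name__ == "__main__":
    events, packets = packets_per_event(io.BytesIO(constructed_spool()))
    for event_id in sorted(events):
        print(f"event_id={event_id} packet_records={packets[event_id]}")
```

Pointing `packets_per_event` at a real spool file opened in binary mode gives per-event packet counts that can be compared with the packet rows barnyard2 wrote to the database for the same event_id.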
 