Snort mailing list archives
Minor notes snort-3.0.0-a1
From: Y M <snort () outlook com>
Date: Sat, 13 Dec 2014 09:28:07 +0000
1. Difference in performance profiling configuration option when building snort with cmake vs. autotools: cmake accepts enable-perfprofiling but not enable-perf-profiling autotools accepts enable-perf-profiling but not enable-perfprofiling 2. When running snort, a fatal error may be generated: FATAL: can't init /usr/local/snort/etc/snort.lua: /usr/local/snort/etc/snort.lua:22: module 'snort_config' not found: no field package.preload['snort_config'] no file './snort_config.lua' no file '/usr/local/share/luajit-2.0.3/snort_config.lua' no file '/usr/local/share/lua/5.1/snort_config.lua' no file '/usr/local/share/lua/5.1/snort_config/init.lua' no file './snort_config.so' no file '/usr/local/lib/lua/5.1/snort_config.so' no file '/usr/local/lib/lua/5.1/loadall.so' Fatal Error, Quitting.. snort_config.lua is not copied to /etc when installing snort. Manually copying snort_config.lua to /etc fixes the issue. 3. Difference in dump_stats() when running with --shell and dump_stats() after running quit(): o")~ dump_stats()--------------------------------------------------Packet Statistics--------------------------------------------------daq pcaps: 1--------------------------------------------------Module Statistics--------------------------------------------------Summary Statistics--------------------------------------------------process local commands: 12o")~ o")~ quit()== stoppingo")~ -- [0] eth0--------------------------------------------------Packet Statistics--------------------------------------------------daq pcaps: 1 received: 118 analyzed: 118 allow: 118 idle: 2--------------------------------------------------codec total: 122 (100.000%) discards: 18 ( 14.754%) arp: 2 ( 1.639%) eth: 122 (100.000%) icmp4: 78 ( 63.934%) ipv4: 120 ( 98.361%) tcp: 36 ( 29.508%) udp: 6 ( 4.918%)--------------------------------------------------Module Statistics--------------------------------------------------back_orifice packets: 3--------------------------------------------------binder packets: 8 inspects: 8--------------------------------------------------perf_monitor packets: 100--------------------------------------------------port_scan_global packets: 98--------------------------------------------------stream tcp flows: 4 udp flows: 3 icmp flows: 1--------------------------------------------------stream_icmp created: 1 released: 1--------------------------------------------------stream_tcp sessions: 4 timeouts: 2 data trackers: 4 trackers created: 4 trackers released: 4 segs queued: 5 segs released: 5 client cleanups: 4--------------------------------------------------stream_udp sessions: 3 created: 3 released: 3--------------------------------------------------tcp bad checksum (ip4): 15--------------------------------------------------udp bad checksum (ip4): 3--------------------------------------------------Summary Statistics--------------------------------------------------detection analyzed: 118--------------------------------------------------process local commands: 15--------------------------------------------------timing runtime: 00:02:49 seconds: 169.467279 packets: 118 pkts/sec: 0o")~ Snort exiting Thanks.Yaser
------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Minor notes snort-3.0.0-a1 Y M (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 15)
- Re: Minor notes snort-3.0.0-a1 Y M (Dec 15)
- Re: Minor notes snort-3.0.0-a1 Y M (Dec 13)
- Re: Minor notes snort-3.0.0-a1 Russ Combs (rucombs) (Dec 13)