[Snort-devel] Core

Erek Adams erek at ...105...
Tue Nov 6 16:46:03 EST 2001


On Tue, 6 Nov 2001, Steve Boals wrote:

> Red Hat 7.1,  x86
>
> Basic rulesets
> snort -c -A fast
>
> (gdb) where
> #0  ubi_btFind (RootPtr=0x19, FindMe=0x8a36148) at ubi_BinTree.c:866
> #1  0x08074130 in ubi_sptFind (RootPtr=0x19, FindMe=0x8a36148)
>     at ubi_SplayTree.c:458
> #2  0x0807770b in StoreStreamPkt (ssn=0x8a36148, p=0xbffff320,
>     pkt_seq=2707737169) at spp_stream4.c:2581
> #3  0x08075a3a in ReassembleStream4 (p=0xbffff320) at spp_stream4.c:1078
> #4  0x08056db2 in Preprocess (p=0xbffff320) at rules.c:3426
> #5  0x0804c17f in ProcessPacket (user=0x0, pkthdr=0xbffff810,
>     pkt=0x4032e682 "") at snort.c:534
> #6  0x0807a0a6 in packet_ring_recv () at eval.c:41
> #7  0x0807a3cf in pcap_read () at eval.c:41
> #8  0x0807b07f in pcap_loop () at eval.c:41
> #9  0x0804d573 in InterfaceThread (arg=0x0) at snort.c:1561
> #10 0x0804c04f in main (argc=5, argv=0xbffffa6c) at snort.c:467
> #11 0x401b9177 in __libc_start_main (main=0x804b9d0 <main>, argc=5,
>     ubp_av=0xbffffa6c, init=0x804ab80 <_init>, fini=0x80b6440 <_fini>,
>     rtld_fini=0x4000e184 <_dl_fini>, stack_end=0xbffffa5c)
>     at ../sysdeps/generic/libc-start.c:129

One thing that would be rather helpful:  What version of Snort? :)  If it's
not 1.8.2, then I would suggest an upgrade to the latest version, as it fixes
many little oddities.

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





More information about the Snort-devel mailing list