[Snort-devel] 2GB maximum binary log file size...

C. Philip Wood cpw at ...86...
Mon Nov 19 08:40:04 EST 2001


Abe,

For what it's worth, on linux (2.4.3) I had to change libpcap/savefile.c
with the following at the beginning of the file:

  #ifdef linux
  #define _FILE_OFFSET_BITS 64
  #define _LARGEFILE64_SOURCE
  #endif

Recompile libpcap, and reload libpcap related applications.

Voila, 70 Gibabyte tcpdump file with snaplen of 68 bytes in 24 hours.

Later,

Phil




More information about the Snort-devel mailing list