[Snort-devel] Snort-2.7 Beta1

Steven Sturges steve.sturges at ...402...
Thu Feb 1 22:14:27 EST 2007


Hi CS--

Try reducing both the time (300 is seconds) and packet count
parameters.  If you have a low bandwidth network link, it
might take a bit of time to accumulate 10k packets.

Cheers
-steve

CS Lee wrote:
> I have compiled snort-2.7beta1 from source on FreeBSD 6.2, here's my
> compile
> option -
> 
> ./configure --enable-stream4udp \
> --enable-dynamicplugin --enable-timestats \
> --enable-perfprofiling --enable-flexresp2 \
> --enable-react --enable-gre \
> --prefix=/usr/local/stow/snort-2.7b1 \
> --with-dnet-includes=/usr/local/include \
> --with-dnet-libraries=/usr/local/lib
> 
> Then regular make and make install. I uncomment this line in snort.conf -
> 
> preprocessor perfmonitor: time 300 file /nsm/ninja/snort.stats pktcnt 10000
> 
> Then I start to run snort and monitor the network interface in ids mode,
> however there's nothing at all in snort.stats.
> 
> ls -la /nsm/ninja/snort.stats
> -rw-r--r--  1 sguil  sguil  0 Feb  1 15:33 /nsm/ninja/snort.stats
> 
> BTW, I have no problem with snort 2.6.
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier.
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel





More information about the Snort-devel mailing list