[Snort-devel] Binary (pcap) Logging Limited to 128M
twease at ...402...
Fri Jun 13 15:24:20 EDT 2008
In your log_tcpdump configuration, the second argument specifies the
output log_tcpdump: tcpdump.log 1G
Modifiers 'K', 'M' and 'G' can be used to express the number in
kilobytes, megabytes and gigabytes respectively.
Bamm Visscher wrote:
> I don't see a way to override this other than modifying the value at
> compile time. Is that on purpose and if so, why?
> #define DEFAULT_LIMIT (128*M_BYTES)
More information about the Snort-devel