[Snort-users] Why does snort on Linux report this?

Martin Roesch roesch at ...421...
Mon Nov 13 00:32:53 EST 2000


The Linux IP stack doesn't report lost packet stats.  This may be changing in
version 2.4 of Linux, but for now you just don't get them.  Try one of the
BSDs, they work just fine.

     -Marty

Jason Haar wrote:
> 
> When I run snort in non-daemon mode and shut it down with Ctrl-C, it reports
> 
> Snort received 43 packets.
> Packet loss statistics are unavailable under Linux.  Sorry!
> 
> What's missing in Linux that stops that working? Sounds to me like a bit of
> a hole. I mean, doesn't that mean that anyone using snort under Linux won't
> ever know if their system is dropping packets and therefore potentially
> missing attacks/etc?
> 
> --
> Cheers
> 
> Jason Haar
> 
> Unix/Special Projects, Trimble NZ
> Phone: +64 3 9635 377 Fax: +64 3 9635 417
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/snort-users

-- 
Martin Roesch
roesch at ...421...
http://www.snort.org



More information about the Snort-users mailing list