[Snort-users] Snort endless loop in FreeBSD?

Fyodor fygrave at ...121...
Tue Nov 28 05:48:10 EST 2000

> 	I'm testing Snort in a fast ethernet with a lot of traffic.
> (About 60 Mbps average).
> 	The operating system is FreeBSD 4.1.1-STABLE and I am noticing
> some lockups in the program. Sometimes I see that the MySQL database
> is no longer updated, and the CPU eaten by the process jumps from about
> 70% to about 95%.
> 	How can I get a coredump to see where it is stuck? I have tried
> some signals and it doesn't dump.

 kill -11 <snortpid>

 or you can also do:

 gdb /path/to/snort/binary <pid>

 to attach to live process with debugger as well. You will need to compile
 snort with -ggdb switch (make clean; make CFLAGS=-ggdb) to make gdb output
 more informative/useful. We'd appreciate if you could post your findings, 
 so we could fix problems if there are any :)

PGP fingerprint = 56DD 1511 DDDA 56D7 99C7  B288 5CE5 A713 0969 A4D1

More information about the Snort-users mailing list