What should be the limit of OpenBSD's BPF for running Snort effectively? I would like to use one OpenBSD box with a 4-port NIC. Using TCPDUMP, I see quite a few packets getting dropped (sometimes it is as much as 50%). Since Snort is the other sniffer, this will be used for IDS. Does Snort drop packets as much as TCPDUMP does?