Antwort: Re: [Snort-users] Are packets being dropped?

Jason Opperisano jopperisano at ...1342...
Fri Mar 2 09:33:22 EST 2001


so if i'm hearing everyone correctly, i should be able to send snort a -USR1
and have it dump its stats to syslog; i.e. kill -USR1 <SNORT_PID>, or kill
-30 <SNORT_PID>.

i am running snort 1.7 on openbsd 2.7 in daemon mode and i can't get this to
work.  here are the details:

# snort -V

-*> Snort! <*-
Version 1.7
By Martin Roesch (roesch at ...66..., www.snort.org)

# uname -a
OpenBSD obiwan 2.7 GENERIC#0 i386

i start snort thusly:

/usr/local/bin/snort -u snort -g snort -dDpv -i xl1 -l /var/log/snort -c
/etc/snort/snort.conf

if i do a kill -USR1 (or 30) on snort's PID and tail /var/log/messages,
there's no statistics.

what am I doing wrong?

-----Original Message-----
From: holger.bumke at ...1216... [mailto:holger.bumke at ...1216...]
Sent: Friday, March 02, 2001 7:54 AM
To: snort-users at lists.sourceforge.net
Subject: Antwort: RE: Antwort: Re: [Snort-users] Are packets being
dropped?




Just count them from left to right:
HUP=1
KILL=9
USR1=30

(10=BUS and 16=URG... ouch! =;^)

Regards,
   Holger





Jason Opperisano <jopperisano at ...1342...> am 02.03.2001 13:28:29

An:   "'snort-users at lists.sourceforge.net'"
<snort-users at lists.sourceforge.net>
Kopie:     (Blindkopie: Holger Bumke/nbg/DE)

Thema:    RE: Antwort: Re: [Snort-users] Are packets being dropped?




anyone got the magic number for openbsd?  kill -l only lists the following:

HUP INT QUIT ILL TRAP ABRT EMT FPE KILL BUS SEGV SYS PIPE ALRM TERM URG
STOP TSTP CONT CHLD TTIN TTOU IO XCPU XFSZ VTALRM PROF WINCH INFO USR1 USR2

10 isn't it; 16 actually kills the process (doh!)...

USR1 ain't it either...

thanks!





_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users




More information about the Snort-users mailing list