[Snort-users] command line options...
wkitty42 at ...14940...
Fri Sep 24 17:56:06 EDT 2010
On 9/24/2010 11:21, Russ Combs wrote:
> On Thu, Sep 23, 2010 at 9:44 PM, waldo kitty <wkitty42 at ...14940...
> <mailto:wkitty42 at ...14940...>> wrote:
> On 9/23/2010 20:22, Russ Combs wrote:
> > On Thu, Sep 23, 2010 at 5:34 PM, waldo kitty wrote:
> > On 9/23/2010 16:22, Jefferson, Shawn wrote:
> > > It's definitely in the config.log in the directory where you ran
> > configure/make if you still have that around.
> > yes, actually, i do still have that on the devel box with its
> > "unique" build environment... thanks to you and others who have
> > responded... i was hoping that there was a command line option
> > so that those who get/use pre-compiled versions of snort would
> > have a method of listing them...
> > You can also run:
> > pkg-config --cflags snort
> i don't have pkg-config available in my environment...
dunno about this... the environment i work in is a very stripped firewall
distribution... even the development stuff is very stripped with just enough of
the necessary stuff to build its own tool chain, compile its apps/libs and
create its installation ISOs... while adding stuff to it is "fairly" trivial, it
doesn't always work but that depends on what that stuff is...
thanks for the pointer, though... i may come in handy one day...
> > etc. If snort.pc is in an unusual place, set this:
> however, i do have this snort.pc file and was looking at it earlier... i can say
> that it is much easier to read in raw format than config.log ;)
> so, can you or anyone else say what the defaults are in snort if none of the
> "VRT recommended compile options" are used?
> ./configure --help should hint at which are enabled / disabled. For example:
> --enable-ipv6 Enable IPv6 support
> --disable-corefiles Prevent Snort from generating core files
> indicate that ip6 is disabled by default and corefiles are enabled by default.
nonononono... i was speaking of what snort gets compiled with as default when no
--enable-blah stuff is specified... /that's/ what i consider "default"... having
to add --enable-blah stuff is customized ;)
> However, that being just help text, you are better off examining configure.log
> or snort.pc for the definitive answer.
yes... but it shows what is passed... not what the base defaults are without
anyway, back to trying to figure out why we now have three snort processes when
we used to only have one... we're testing these compile time options...
previously, there were no --enable-blah options passed... the memory footprint
usage is also a bit more than we had before but we'll get to that as we move
thru our testing and digging ;)
More information about the Snort-users