[Snort-users] command line options...

waldo kitty wkitty42 at ...14940...
Fri Sep 24 17:56:06 EDT 2010

On 9/24/2010 11:21, Russ Combs wrote:
> On Thu, Sep 23, 2010 at 9:44 PM, waldo kitty <wkitty42 at ...14940...
> <mailto:wkitty42 at ...14940...>> wrote:
>     On 9/23/2010 20:22, Russ Combs wrote:
>      >
>      > On Thu, Sep 23, 2010 at 5:34 PM, waldo kitty wrote:
>      >
>      >     On 9/23/2010 16:22, Jefferson, Shawn wrote:
>      > > It's definitely in the config.log in the directory where you ran
>      >     configure/make if you still have that around.
>      >
>      >     yes, actually, i do still have that on the devel box with its
>      >     "unique" build environment... thanks to you and others who have
>      >     responded... i was hoping that there was a command line option
>      >     so that those who get/use pre-compiled versions of snort would
>      >     have a method of listing them...
>      >
>      > You can also run:
>      >
>      > pkg-config --cflags snort
>     i don't have pkg-config available in my environment...
> http://pkgconfig.freedesktop.org/releases/

dunno about this... the environment i work in is a very stripped firewall 
distribution... even the development stuff is very stripped with just enough of 
the necessary stuff to build its own tool chain, compile its apps/libs and 
create its installation ISOs... while adding stuff to it is "fairly" trivial, it 
doesn't always work but that depends on what that stuff is...

thanks for the pointer, though... i may come in handy one day...

>      > etc.  If snort.pc is in an unusual place, set this:
>     however, i do have this snort.pc file and was looking at it earlier... i can say
>     that it is much easier to read in raw format than config.log ;)
>     so, can you or anyone else say what the defaults are in snort if none of the
>     "VRT recommended compile options" are used?
> ./configure --help should hint at which are enabled / disabled.  For example:
>    --enable-ipv6            Enable IPv6 support
>    --disable-corefiles      Prevent Snort from generating core files
> indicate that ip6 is disabled by default and corefiles are enabled by default.

nonononono... i was speaking of what snort gets compiled with as default when no 
--enable-blah stuff is specified... /that's/ what i consider "default"... having 
to add --enable-blah stuff is customized ;)

> However, that being just help text, you are better off examining configure.log
> or snort.pc for the definitive answer.

yes... but it shows what is passed... not what the base defaults are without 
--enable-blah stuff...

anyway, back to trying to figure out why we now have three snort processes when 
we used to only have one... we're testing these compile time options...


previously, there were no --enable-blah options passed... the memory footprint 
usage is also a bit more than we had before but we'll get to that as we move 
thru our testing and digging ;)

More information about the Snort-users mailing list