[root@localhost snort-2.1.3]# snort -c /etc/snort/snort.conf
Running in IDS mode
Log directory = /var/log/snort

Initializing Network Interface eth0

        --== Initializing Snort ==--
Initializing Output Plugins!
Decoding Ethernet on interface eth0
Initializing Preprocessors!
Initializing Plug-ins!
Parsing Rules file /etc/snort/snort.conf

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
,-----------[Flow Config]----------------------
| Stats Interval:  0
| Hash Method:     2
| Memcap:          10485760
| Rows  :          4099
| Overhead Bytes:  16400(%0.16)
`----------------------------------------------
No arguments to frag2 directive, setting defaults to:
  Fragment timeout: 60 seconds
  Fragment memory cap: 4194304 bytes
  Fragment min_ttl:   0
  Fragment ttl_limit: 5
  Fragment Problems: 0
  Self preservation threshold: 500
  Self preservation period: 90
  Suspend threshold: 1000
  Suspend period: 30
Stream4 config:
    Stateful inspection: ACTIVE
    Session statistics: INACTIVE
    Session timeout: 30 seconds
    Session memory cap: 8388608 bytes
    State alerts: INACTIVE
    Evasion alerts: INACTIVE
    Scan alerts: INACTIVE
    Log Flushed Streams: INACTIVE
    MinTTL: 1
    TTL Limit: 5
    Async Link: 0
    State Protection: 0
    Self preservation threshold: 50
    Self preservation period: 90
    Suspend threshold: 200
    Suspend period: 30
Stream4_reassemble config:
    Server reassembly: INACTIVE
    Client reassembly: ACTIVE
    Reassembler alerts: ACTIVE
    Zero out flushed packets: INACTIVE
    flush_data_diff_size: 500
    Ports: 21 23 25 53 80 110 111 143 513 1433
    Emergency Ports: 21 23 25 53 80 110 111 143 513 1433
rpc_decode arguments:
    Ports to decode RPC on: 111 32771
    alert_fragments: INACTIVE
    alert_large_fragments: ACTIVE
    alert_incomplete: ACTIVE
    alert_multiple_requests: ACTIVE
telnet_decode arguments:
    Ports to decode telnet on: 21 23 25 119
1679 Snort rules read...
1679 Option Chains linked into 156 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++

+-----------------------[thresholding-config]----------------------------------
| memory-cap : 1048576 bytes
+-----------------------[thresholding-global]----------------------------------
| none
+-----------------------[thresholding-local]-----------------------------------
| gen-id=1      sig-id=2275     type=Threshold tracking=dst count=5   seconds=60
+-----------------------[suppression]------------------------------------------
-------------------------------------------------------------------------------
Rule application order: ->activation->dynamic->alert->pass->log

        --== Initialization Complete ==--

-*> Snort! <*-
Version 2.1.3 (Build 27)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
===============================================================================
Snort analyzed 339 out of 339 packets, dropping 0(0.000%) packets

Breakdown by protocol:                Action Stats:
    TCP: 289        (85.251%)         ALERTS: 0
    UDP: 20         (5.900%)          LOGGED: 0
   ICMP: 14         (4.130%)          PASSED: 0
    ARP: 14         (4.130%)
  EAPOL: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 2          (0.590%)
DISCARD: 0          (0.000%)
===============================================================================
Wireless Stats:
Breakdown by type:
    Management Packets: 0          (0.000%)
    Control Packets:    0          (0.000%)
    Data Packets:       0          (0.000%)
===============================================================================
Fragmentation Stats:
Fragmented IP Packets: 0          (0.000%)
    Fragment Trackers: 0
   Rebuilt IP Packets: 0
   Frag elements used: 0
Discarded(incomplete): 0
   Discarded(timeout): 0
  Frag2 memory faults: 0
===============================================================================
TCP Stream Reassembly Stats:
        TCP Packets Used: 288        (84.956%)
         Stream Trackers: 29
          Stream flushes: 1
           Segments used: 8
   Stream4 Memory Faults: 0
===============================================================================
Final Flow Statistics
,----[ FLOWCACHE STATS ]----------
Memcap: 10485760 Overhead Bytes 16400 used(%0.216408)/blocks (22692/45)
Overhead blocks: 1 Could Hold: (73326)
IPV4 count: 44 frees: 0 low_time: 1086273032, high_time: 1086273037, diff: 0h:00:05s
    finds: 323 reversed: 136(%42.105263)
    find_sucess: 279 find_fail: 44 percent_success: (%86.377709) new_flows: 44
  Protocol: 1 (%4.334365) finds: 14 reversed: 7(%50.000000)
    find_sucess: 11 find_fail: 3 percent_success: (%78.571429) new_flows: 3
  Protocol: 6 (%89.473684) finds: 289 reversed: 129(%44.636678)
    find_sucess: 260 find_fail: 29 percent_success: (%89.965398) new_flows: 29
  Protocol: 17 (%6.191950) finds: 20 reversed: 0(%0.000000)
    find_sucess: 8 find_fail: 12 percent_success: (%40.000000) new_flows: 12