Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: freebsd/snort 2.9.0.3 daq: how do I verify it is using the ram?

From: Russ Combs <rcombs () sourcefire com>
Date: Mon, 31 Jan 2011 10:50:41 -0500
The patch should also bump the version number.

With that there is no need to --disable-static-daq.  If you give Snort the
path to the newer dynamic flavor that is the version that will be used.
You can verify that by comparing the output of these commands:

./snort --daq pcap --daq-list
./snort --daq pcap --daq-list --daq-dir <path to patched dynamic lib>

On Sun, Jan 30, 2011 at 3:43 PM, Michael Scheidell <
michael.scheidell () secnap com> wrote:




On 1/30/11 3:30 PM, Michael Altizer wrote:

There is, however, a legitimate (and a tad embarrassing) bug in the current
PCAP DAQ module where it is not properly parsing the "buffer_size" DAQ
variable.  I'll be entering a bug on the Sourcefire side to fix this, thanks
for uncovering it.  If you want to fix it locally, you can use the attached
patch and rebuild the PCAP DAQ module.

thanks I will.. and luckily (or, whatever) I did a -disable-static-daq..
for testing.. and it will just use dynamic.

I am working with dean on cleaning up the snort 2.9.0.3 ports files for
freebsd, so, anything that helps, let me know.


--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300

*| *SECNAP Network Security Corporation


   - Certified SNORT Integrator
   - 2008-9 Hot Company Award Winner, World Executive Alliance
   - Five-Star Partner Program 2009, VARBusiness
   - Best in Email Security,2010: Network Products Guide
   - King of Spam Filters, SC Magazine 2008


 ------------------------------

This email has been scanned and certified safe by SpammerTrap®.
For Information please see http://www.secnap.com/products/spammertrap/
------------------------------



------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better
price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires
February 28th, so secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: