Reload shmem preprocessor entries

[Eugenio Pérez <eupm90 () gmail com>]

Hi everyone.

I'm experience a problem. I have a snort installation with reload,
reputation preprocessor and shared mem enabled in ./configure.

When I change zone.info, and I send a reload signal, should snort reload
reputation shared memory (the writer one, instance 0)? My experience is
that is not reloading it.

On the other hand, I've tried to reload the shared memory with
snort_control. However, it freezes forever. If I exec it under 'strace', I
found that it freeze in a read() op:

strace /opt/rb/bin/snort_control /opt/rb/etc/snort/0/cs/instance-0 1361
...
connect(3, {sa_family=AF_FILE,
path="/etc/snort/0/cs/instance-0/SNORT.sock"}, 110) = 0
write(3,
"\0\1\5R\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4110)
= 4110
read(3,

And this happens for all 136* commands. How is the proper way to reload the
reputation rules?

Thanks in advance.

------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!