=============================================================================== Run time for packet processing was 23.62363 seconds Snort processed 29786 packets. Snort ran for 0 days 0 hours 0 minutes 23 seconds Pkts/sec: 1295 =============================================================================== Memory usage summary: Total non-mmapped bytes (arena): 177520640 Bytes in mapped regions (hblkhd): 13864960 Total allocated space (uordblks): 97386752 Total free space (fordblks): 80133888 Topmost releasable block (keepcost): 117072 =============================================================================== Packet I/O Totals: Received: 29785 Analyzed: 29786 (100.003%) Dropped: 0 ( 0.000%) Filtered: 0 ( 0.000%) Outstanding: 0 ( 0.000%) Injected: 2 =============================================================================== Breakdown by protocol (includes rebuilt packets): Eth: 29867 (100.000%) VLAN: 19 ( 0.064%) IP4: 29805 ( 99.792%) Frag: 0 ( 0.000%) ICMP: 86 ( 0.288%) UDP: 402 ( 1.346%) TCP: 29244 ( 97.914%) IP6: 0 ( 0.000%) IP6 Ext: 0 ( 0.000%) IP6 Opts: 0 ( 0.000%) Frag6: 0 ( 0.000%) ICMP6: 0 ( 0.000%) UDP6: 0 ( 0.000%) TCP6: 0 ( 0.000%) Teredo: 0 ( 0.000%) ICMP-IP: 0 ( 0.000%) IP4/IP4: 0 ( 0.000%) IP4/IP6: 0 ( 0.000%) IP6/IP4: 0 ( 0.000%) IP6/IP6: 0 ( 0.000%) GRE: 0 ( 0.000%) GRE Eth: 0 ( 0.000%) GRE VLAN: 0 ( 0.000%) GRE IP4: 0 ( 0.000%) GRE IP6: 0 ( 0.000%) GRE IP6 Ext: 0 ( 0.000%) GRE PPTP: 0 ( 0.000%) GRE ARP: 0 ( 0.000%) GRE IPX: 0 ( 0.000%) GRE Loop: 0 ( 0.000%) MPLS: 0 ( 0.000%) ARP: 37 ( 0.124%) IPX: 0 ( 0.000%) Eth Loop: 2 ( 0.007%) Eth Disc: 0 ( 0.000%) IP4 Disc: 57 ( 0.191%) IP6 Disc: 0 ( 0.000%) TCP Disc: 0 ( 0.000%) UDP Disc: 0 ( 0.000%) ICMP Disc: 0 ( 0.000%) All Discard: 57 ( 0.191%) Other: 39 ( 0.131%) Bad Chk Sum: 56 ( 0.187%) Bad TTL: 0 ( 0.000%) S5 G 1: 47 ( 0.157%) S5 G 2: 34 ( 0.114%) Total: 29867 =============================================================================== Action Stats: Alerts: 1 ( 0.003%) Logged: 1 ( 0.003%) Passed: 0 ( 0.000%) Limits: Match: 0 Queue: 0 Log: 0 Event: 0 Alert: 0 Verdicts: Allow: 19896 ( 66.799%) Block: 2 ( 0.007%) Replace: 0 ( 0.000%) Whitelist: 9887 ( 33.195%) Blacklist: 1 ( 0.003%) Ignore: 0 ( 0.000%) =============================================================================== Normalizer statistics: ip4::trim: 0 ip4::tos: 0 ip4::df: 0 ip4::rf: 0 ip4::ttl: 0 ip4::opts: 0 icmp4::echo: 0 ip6::ttl: 0 ip6::opts: 0 icmp6::echo: 0 tcp::syn_opt: 0 tcp::ts_ecr: 0 tcp::opt: 0 tcp::pad: 0 tcp::rsv: 0 tcp::ecn_pkt: 0 tcp::ns: 0 tcp::urg: 0 tcp::urp: 0 tcp::trim: 0 tcp::ecn_ssn: 0 tcp::ts_nop: 0 tcp::ips_data: 0 tcp::block: 0 =============================================================================== Stream5 statistics: Total sessions: 520 TCP sessions: 316 UDP sessions: 204 ICMP sessions: 0 IP sessions: 0 TCP Prunes: 0 UDP Prunes: 0 ICMP Prunes: 0 IP Prunes: 0 TCP StreamTrackers Created: 316 TCP StreamTrackers Deleted: 316 TCP Timeouts: 0 TCP Overlaps: 0 TCP Segments Queued: 10470 TCP Segments Released: 10470 TCP Rebuilt Packets: 1818 TCP Segments Used: 10363 TCP Discards: 13 TCP Gaps: 43 UDP Sessions Created: 204 UDP Sessions Deleted: 204 UDP Timeouts: 0 UDP Discards: 0 Events: 26 Internal Events: 0 TCP Port Filter Filtered: 0 Inspected: 0 Tracked: 19218 UDP Port Filter Filtered: 0 Inspected: 0 Tracked: 204 =============================================================================== HTTP Inspect - encodings (Note: stream-reassembled packets included): POST methods: 2 GET methods: 344 HTTP Request Headers extracted: 346 HTTP Request Cookies extracted: 286 Post parameters extracted: 2 HTTP response Headers extracted: 326 HTTP Response Cookies extracted: 29 Unicode: 0 Double unicode: 0 Non-ASCII representable: 0 Directory traversals: 0 Extra slashes ("//"): 6 Self-referencing paths ("./"): 0 HTTP Response Gzip packets extracted: 127 Gzip Compressed Data Processed: 624237.00 Gzip Decompressed Data Processed: 2207368.00 Total packets processed: 13259 =============================================================================== SMTP Preprocessor Statistics Total sessions : 12 Max concurrent sessions : 9 Base64 attachments decoded : 1 Total Base64 decoded bytes : 4053 Quoted-Printable attachments decoded : 8 Total Quoted decoded bytes : 50745 UU attachments decoded : 0 Total UU decoded bytes : 0 Non-Encoded MIME attachments extracted : 10 Total Non-Encoded MIME bytes extracted : 2697 =============================================================================== Reputation Preprocessor Statistics Total Memory Allocated: 584128 Number of packets whitelisted: 9887 ===============================================================================