Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Minor notes snort-3.0.0-a1

From: Y M <snort () outlook com>
Date: Sat, 13 Dec 2014 09:28:07 +0000
1. Difference in performance profiling configuration option when building snort with cmake vs. autotools:    cmake 
accepts enable-perfprofiling but not enable-perf-profiling    autotools accepts enable-perf-profiling but not 
enable-perfprofiling
2. When running snort, a fatal error may be generated:     FATAL: can't init /usr/local/snort/etc/snort.lua: 
/usr/local/snort/etc/snort.lua:22: module 'snort_config' not found:        no field package.preload['snort_config']     
   no file './snort_config.lua'    no file '/usr/local/share/luajit-2.0.3/snort_config.lua'        no file 
'/usr/local/share/lua/5.1/snort_config.lua'     no file '/usr/local/share/lua/5.1/snort_config/init.lua'        no file 
'./snort_config.so'     no file '/usr/local/lib/lua/5.1/snort_config.so'        no file 
'/usr/local/lib/lua/5.1/loadall.so'      Fatal Error, Quitting..
    snort_config.lua is not copied to /etc when installing snort. Manually copying snort_config.lua to /etc fixes the 
issue. 
3. Difference in dump_stats() when running with --shell and dump_stats() after running quit():        o")~ 
dump_stats()--------------------------------------------------Packet 
Statistics--------------------------------------------------daq                    pcaps: 
1--------------------------------------------------Module 
Statistics--------------------------------------------------Summary 
Statistics--------------------------------------------------process           local commands: 12o")~ 
o")~ quit()== stoppingo")~ -- [0] eth0--------------------------------------------------Packet 
Statistics--------------------------------------------------daq                    pcaps: 1                 received: 
118                 analyzed: 118                    allow: 118                     idle: 
2--------------------------------------------------codec                    total: 122           (100.000%)             
    discards: 18                 ( 14.754%)                      arp: 2                  (  1.639%)                     
 eth: 122                (100.000%)                    icmp4: 78                 ( 63.934%)                     ipv4: 
120                ( 98.361%)                      tcp: 36                 ( 29.508%)                      udp: 6       
           (  4.918%)--------------------------------------------------Module 
Statistics--------------------------------------------------back_orifice                  packets: 
3--------------------------------------------------binder                  packets: 8                 inspects: 
8--------------------------------------------------perf_monitor                  packets: 
100--------------------------------------------------port_scan_global                  packets: 
98--------------------------------------------------stream                tcp flows: 4                udp flows: 3      
         icmp flows: 1--------------------------------------------------stream_icmp                  created: 1         
        released: 1--------------------------------------------------stream_tcp                 sessions: 4             
    timeouts: 2            data trackers: 4         trackers created: 4        trackers released: 4              segs 
queued: 5            segs released: 5          client cleanups: 
4--------------------------------------------------stream_udp                 sessions: 3                  created: 3   
              released: 3--------------------------------------------------tcp       bad checksum (ip4): 
15--------------------------------------------------udp       bad checksum (ip4): 
3--------------------------------------------------Summary 
Statistics--------------------------------------------------detection                 analyzed: 
118--------------------------------------------------process           local commands: 
15--------------------------------------------------timing                  runtime: 00:02:49                  seconds: 
169.467279                  packets: 118                 pkts/sec: 0o")~   Snort exiting
Thanks.Yaser                                      
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: