-------------------------------------------------- o")~ Snort++ 3.0.0-247 -------------------------------------------------- Loading /usr/local/snort/etc/snort/snort.lua: ssh pop binder stream_tcp gtp_inspect dce_http_proxy stream_icmp normalizer ftp_server stream_udp search_engine dce_smb file_log daq ips rpc_decode modbus latency wizard reputation Processing blacklist file /usr/local/snort/etc/snort/../../intel/ip-blacklist Reputation entries loaded: 1382, invalid: 0, re-defined: 0 (from file /usr/local/snort/etc/snort/../../intel/ip-blacklist) Processing whitelist file /usr/local/snort/etc/snort/../../intel/ip-whitelist Reputation entries loaded: 0, invalid: 0, re-defined: 0 (from file /usr/local/snort/etc/snort/../../intel/ip-whitelist) appid file_id ftp_data smtp back_orifice port_scan dce_http_server dce_tcp telnet ssl sip classifications http2_inspect http_inspect stream_user stream_ip dnp3 ftp_client stream references arp_spoof dns dce_udp imap stream_file Finished /usr/local/snort/etc/snort/snort.lua. Loading builtin: Finished builtin. Loading rules: Loading /usr/local/snort/etc/snort/../../rules/local.rules: Finished /usr/local/snort/etc/snort/../../rules/local.rules. Finished rules. -------------------------------------------------- rule counts total rules loaded: 473 text rules: 2 builtin rules: 471 option chains: 473 chain headers: 2 -------------------------------------------------- port rule counts tcp udp icmp ip any 472 0 1 0 total 472 0 1 0 -------------------------------------------------- netmap DAQ configured to inline. Commencing packet processing ++ [0] em1:em2 [em2] nr_tx_slots: 1024 nr_rx_slots: 1024 nr_tx_rings: 1 [TX Ring 0] buf_ofs = 7299072 num_slots = 1024 nr_buf_size = 2048 flags = 0x0 nr_rx_rings: 1 [RX Ring 0] buf_ofs = 7372800 num_slots = 1024 nr_buf_size = 2048 flags = 0x0 memsize: 343019520 index: 1 [em1] nr_tx_slots: 1024 nr_rx_slots: 1024 nr_tx_rings: 1 [TX Ring 0] buf_ofs = 7151616 num_slots = 1024 nr_buf_size = 2048 flags = 0x0 nr_rx_rings: 1 [RX Ring 0] buf_ofs = 7225344 num_slots = 1024 nr_buf_size = 2048 flags = 0x0 memsize: 343019520 index: 0 ** caught int signal == stopping Netmap instance em2 (1) blocked 0 times on TX while forwarding. Netmap instance em1 (0) blocked 0 times on TX while forwarding. -- [0] em1:em2 -------------------------------------------------- Packet Statistics -------------------------------------------------- daq received: 16 analyzed: 16 allow: 16 idle: 13 rx_bytes: 960 -------------------------------------------------- codec total: 16 (100.000%) arp: 16 (100.000%) eth: 16 (100.000%) -------------------------------------------------- Module Statistics -------------------------------------------------- detection analyzed: 16 -------------------------------------------------- arp_spoof packets: 16 -------------------------------------------------- latency total_packets: 16 total_usecs: 145 max_usecs: 12 -------------------------------------------------- Summary Statistics -------------------------------------------------- process signals: 1 -------------------------------------------------- timing runtime: 00:00:19 seconds: 19.989106 packets: 16 pkts/sec: 0 o")~ Snort exiting