Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snort 99%cpu..not hanging

From: Jonathan <rakocy () cs wisc edu>
Date: Sun, 30 Jun 2002 10:05:37 -0500 (CDT)
Hello,

After long hours of configuring BSD and psql, everything seems to be going
good.  Wrong, I check top and this is what I see. 
PID USERNAME PRI NICE  SIZE   RES STATE WAIT     TIME    CPU COMMAND
7433 root     64   0  1608K 2516K  run  -        8:23    99.56% snort

Ouch! I can't figure it out.  Snort is logging fine as far as I can
tell. Tailing the alert file produces expected output.  The db dumps lots
of rows.  Then I looked at other options for output and saw that the
kernel was dropping about 70% of packets. 
 
var HOME_NET is set to any.  I've seen some discussion about
explicitly specifying these.  I tried doing this like so 
xyz.abc.0.0/16.  No change. 

Anyone have any suggestions?

Kind regards,

~Jonathan

CSL 




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: