Snort mailing list archives
Question about Snort Unix socket preprocessor
From: Yanyan Yang <toyyyang () yahoo com>
Date: Sat, 23 Aug 2003 20:48:21 -0700 (PDT)
Hello all, I know that Unix socket preprocessor is an experimental feature. I wrote a simple program to use this feature to let Snort send the alert to the socket (snort_alert) and another program to read the alerts from this socket. However, when the amount of alerts is very large (at least over thousands within a minute), recvfrom( ) function call returns -1 with errno 22 which is "Invalid argument" (I use select( ) to listen to a couple of sockets). But I checked that all the arguments passed to recvfrom are valid. Could anyone give me some help? I'd greatly appreciate any input! Yanyan, --------------------------------- Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software
Current thread:
- Question about Snort Unix socket preprocessor Yanyan Yang (Aug 23)