Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Kernel Dropping Packets

From: sEc nErD <umkcguy1978 () yahoo com>
Date: Wed, 9 Mar 2005 08:57:55 -0800 (PST)
Hi ALL,
I stopped my snort ,Whenevr i use tcp dump on the
sniffing interfaces to write tot he console kernel
drops 90% of the packets ,
but when i do tcp dump to write to a file whatever ti
sniffs it kernel drops zero packets.

Since writing to file requires less cpu usage and
kernel doesnt drop anything ,i am assuming my pcap is
just working fine....but when we write tot he
console...the cpu cannot process info from pcap as
fast....??

But my proccessor info and others dont give me any
resource crunch unless am interpreting them
wrong..please let me know what cud be the issue thanks
any help on that
below are outputs of meminfo,cpu info and top -c
#cat cpuinfo
processor       : 1
vendor_id       : GenuineIntel
cpu family      : 15
model           : 4
model name      : Intel(R) Pentium(R) 4 CPU 3.00GHz
stepping        : 1
cpu MHz         : 2996.236
cache size      : 1024 KB
physical id     : 0
siblings        : 2
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 5
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8
apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx
fxsr sse sse2 ss ht tm pbe pni monitor ds_cpl cid
bogomips        : 5980.16


#cat meminfo
cat meminfo
MemTotal:      1034584 kB
MemFree:        437504 kB
Buffers:        123512 kB
Cached:         222808 kB
SwapCached:          0 kB
Active:         336500 kB
Inactive:       172152 kB
HighTotal:           0 kB
HighFree:            0 kB
LowTotal:      1034584 kB
LowFree:        437504 kB
SwapTotal:     2040244 kB
SwapFree:      2040244 kB
Dirty:               4 kB
Writeback:           0 kB
Mapped:         155860 kB
Slab:            74228 kB
Committed_AS:   247860 kB
PageTables:       7340 kB
VmallocTotal:  3088376 

#top -c 
Cpu(s):  0.2% us,  0.0% sy,  0.0% ni, 99.8% id,  0.0%
wa,  0.0% hi,  0.0% si
Mem:   1034584k total,   597144k used,   437440k free,
  123512k buffers
Swap:  2040244k total,        0k used,  2040244k free,
  222808k cach




        
                
__________________________________ 
Celebrate Yahoo!'s 10th Birthday! 
Yahoo! Netrospective: 100 Moments of the Web 
http://birthday.yahoo.com/netrospective/


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: