Snort mailing list archives
snort 2.9.0.3 bug? SIGUSR1 broken?
From: Michael Scheidell <michael.scheidell () secnap com>
Date: Fri, 28 Jan 2011 18:54:12 -0500
on snort since: 2001-01-02 mfr <roesch () md prestige net> fy <fygrave () tigerteam net>and up to and including 2.8.6.1, you could send snort a SIGUSR1 and it would dump packet stats to console/syslog
from man page: SIGUSR1Causes the program to dump its current packet statistical infor-
mation to the console or syslogd(8) if in daemon mode. I did this on 2.9.0.3 and got this:Jan 28 18:45:46 scanner2 snort[91717]: !!! Cannot reload attribute table - Attribute table is not configured !!! Jan 28 18:45:46 scanner2 snort[91719]: !!! Cannot reload attribute table - Attribute table is not configured !!!
'./configure' '--enable-flexresp3' '--with-libnet-include=/usr/local/include/libnet11' '--with-libnet-libraries=/usr/local/lib/libnet11' '--enable-dynamicplugin' '--with-mysql=no' '--with-odbc=no' '--with-postgresql=no' '--disable-prelude' '--enable-perfprofiling' '--enable-gre' '--enable-mpls' '--enable-targetbased' '--enable-decoder-preprocessor-rules' '--enable-zlib' '--enable-reload' '--enable-active-response' '--enable-normalizer' '--enable-react' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd7.3' 'build_alias=amd64-portbld-freebsd7.3' 'CC=cc' 'CFLAGS=-O2 -fno-strict-aliasing -pipe -march=nocona' 'LDFLAGS=' 'CPP=cpp' $ac_configure_extra_args --no-create --no-recursion
-- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 >*| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best in Email Security,2010: Network Products Guide * King of Spam Filters, SC Magazine 2008 ______________________________________________________________________This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 28)
- Message not available
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 28)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 28)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Russ Combs (Jan 28)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 28)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Altizer (Jan 28)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Joel Esler (Jan 29)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 29)
- Re: snort 2.9.0.3 bug? SIGUSR1 broken? Michael Scheidell (Jan 28)
- Message not available