Snort mailing list archives

Previous By Date Next
Previous By Thread Next

really needing help

From: Dorian ROSSE via Snort-users <snort-users () lists snort org>
Date: Sun, 19 May 2019 18:26:40 +0000
Hello,


I don’t success to go more far which the test mode of snort for installing,

I copy past what I have set up if you have a usefull repair or advice I will take 😊

preprocessor stream5_global: \
        [track_tcp yes], [max_tcp 1048576], \
        [memcap 1073741824], \
        [track_udp yes], [max_udp 1048576], \
        [track_icmp yes], [max_icmp 1048576], \
        [track_ip yes], [max_ip 1048576], \
        [flush_on_alert yes], [show_rebuilt_packets yes], \
        [prune_log_max 1073741824], [disabled], \
        [enable_ha yes]

preprocessor stream5_ha: [min_session_lifetime 65535], \
        [min_sync_interval 65535], [startup_input_file snort-ha-mess-startup.log], \
        [runtime_output_file snort-ha-mess-in-works], [use_side_channel yes]

preprocessor stream5_tcp: \
        [log_asymmetric_traffic yes], \
        [bind_to 192.168.1.1], \
        [timeout 86400], [policy first], \
        [overlap_limit 255], [max_window 1073725440], \
        [require_3whs [86400]], [detect_anomalies yes], \
        [check_session_hijacking yes], [use_static_footprint_sizes off], \
        [dont_store_large_packets off], [dont_reassemble_async both], \
        [max_queued_bytes 1073741824], [max_queued_segs 1073741824], \
        [small_segments 2048 bytes 2048 [ignore_ports number [number]*]],  \
        [ports both all|65535|!number [number]* [!number]*>], \
        [protocol both all [service name]*>], \
        [ignore_any_rules], [flush_factor <number segs>]

preprocessor stream5_udp: [timeout 86400], \
        [ignore_any_rules off]

preprocessor stream5_icmp: [timeout 86400]

preprocessor stream5_ip: [timeout 86400]



Thank you in advance to help me,

Regards.


Dorian ROSSE.


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Previous By Date Next
Previous By Thread Next

Current thread: