Re: Memory leak

[Michel van Osenbruggen <michel () bit nl>]

Hi,

The memory leak seems to come from the preprocessor stream2.
If that is active leaking goes very fast. With this disabled I still
have some
leackage, but not that bad. It is enough though to make snort stop once
in a while.
These are the other preprocessors I got running:

preprocessor defrag
preprocessor http_decode: 80 -unicode -cginull
preprocessor rpc_decode: 111
preprocessor bo: -nobrute
preprocessor telnet_decode
preprocessor portscan: $INTERNAL 5 5 /var/log/snort/portscan.log
preprocessor portscan-ignorehosts: $DNS_SERVERS
preprocessor arpspoof

Yours sincerely,
Michel van Osenbruggen





Martin Roesch wrote:
> Hi Michel,
>      Can you tell us which preprocessors and output plugins you have
> loaded?  Those are the stateful elements of Snort, so if there's a leak
> it's likely in one of those.
>
>     -Marty
>
> Michel van Osenbruggen wrote:
> > Hi,
> >
> > It seems like snort 1.8 is leaking memory.
> > Has anyone the same experience ?
> >
> > I use snort with PostgreSQL logging by the way.
> >
> > Michel van Osenbruggen
> >
> > _______________________________________________
> > Snort-users mailing list
                
> > Go to this URL to change user options or unsubscribe:
> > http://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> --
> Martin Roesch
> roesch () sourcefire com
> http://www.sourcefire.com - http://www.snort.org

--                            __________________
Met vriendelijke groet,      /\ ___/          
Michel van Osenbruggen      /- \ _/  Business Internet Trends BV
MO1842-RIPE                /--- \/           __________________

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users