returning! TCP..

[cc <cc () belfordhk com>]

Hi,

Recently, I've noticed that one of my snort'ing machines
is dumping to the stdout the following line:

returning!  TCP (2) IP (0) UDP (0)

Now, I've read from a previous thread that Mark that
the current snort.conf setup might be too CPU intensive.

I found that part of the code within detect.c, and
read the comment that by setting "config checksum_mode: none",
these lines would disappear(?).

Can someone point out the reason for these lines being dumped
to stdout?  I don't have any spp_portscan2/spp_conversation
lines set in the conf file.   Since this is a Celeron 1.7G
w/ 256MB RAM, I doubt the cpu can be beaten to the ground
by the aforementioned preprocessors?

Any clarifications appreciated, thanks!





-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users