Snort mailing list archives

No TCP alerts, only UDP and ICMP


From: Y M <snort () outlook com>
Date: Mon, 10 Dec 2012 17:41:15 +0300

I have a Snort sensor that sees all traffic (TCP, UDP, ICMP) but alerts on UDP and ICMP only and not TCP.

I verified that the interface is getting TCP packets through tcpdump and also verified that Snort processes TCP packets 
by running Snort in verbose mode (-v) as well as the statistics from Snort when it stops. However, no TCP alerts get 
generated when running Snort to dump the packets (-b) or the usual unified2 output. 

The ruleset (generated with PulledPork) has many TCP rules plus several custom ones. Has anyone faced a similar 
situation?

Thanks.
YM