Re: barnyard2-1.10 major problem

[beenph <beenph () gmail com>]

On Wed, Oct 24, 2012 at 12:03 PM, Lawrence R. Hughes, Sr.
<lhughes () safemedia com> wrote:
> Here is our reponse to Firnsy:
Ok but this was actually an e-mail i wrote, so mabey thats where the
confusion comes from.

> ----- Original Message ----- From: "Lawrence R. Hughes, Sr."
> <lhughes () safemedia com>
> To: "firnsy" <firnsy () securixlive com>
> Cc: "safwat fahmy" <safwat.fahmy () safemedia com>
> Sent: Monday, October 22, 2012 12:08 PM
> Subject: Re: barnyard2-1.10 build 310
>
>
> > Hi Firnsy,
> >
> > Not sure what you wanted me to do with u2_anon (packaged as a windows zip
> > w/src code)
> > Can't compile windows srource code.

For your information u2_anon is written for *nix, github default
download file is zip.
But you wont need it.

> > We made the change you suggested (Increase CACHED_EVENTS_MAX )
> >
> > This did not help!!
> >
> > I am attaching the org. snort unified2 file and you will see one event
> > with
> > 2 packets,
> > however by2 only inserted the first packet and this happened after we
> > modified by2 as you suggested.

add  --alert-on-each-packet-in-stream in your barnyard2 command line
and it will work as expected.

-elz

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!