Snort - out of swap space
Just upgraded to pfSense 1.2.2 and added the snort package.
Downloaded rules and emergingthreat rules and started.
Get this in the pfsense system log:
kernel:swap_pager: out of swap space
kernel: swap_pager_getswapspace(16): failed
kernel: pid 5669 (snort), uid 0, was killed: out of swap space
I have 256 MB ram, running sparseband setting. Swap usage is at 13% (not snort running).
Do I need to add more RAM or is my swap to small? How could I check my swap size?
Nevermind, I succeded in adding a new disk and making it a swap partition.
ColdFusion last edited by
You need more Ram plain and simple. A Gig is recommended.
Cry Havok last edited by
Snort is a memory hog, the more rules you add (and the more complex they are) the more it becomes so. Add as much memory as you can, at least 1 GB as CF says, but I'd recommend 2 GB+.
Yeah I noticed. Now have 512 MB RAM, and 3 GB swap partition. snort uses 1.3 GB.
Will increase if I see a need. Will try running in this conf for a while.
Shouldn't be much of an impact for surfing :P