Snort Memory Usage
My pfsense box is a celeron 2.4 Ghz with 4GB of 1333mhz memory , At most there are 4 devices browsing the net or streaming music.
I have 1 snort inteface running on the Wan side . All Emerging and Oinkmaster rule sets are enabled.
Under IF Settings i have chosen to Block offenders by source with kill states enabled. Memory perfomance is set at AC
All Preprocessors are enabled . Http server flow depth is set to -1 because i am yet learn how to write any extensive suppresion or white lists that will enable practical usage of http browsing without blocking every second webpage…
Just wondering if it is normal to have sustained memory usage of 60 -70% when idles
From my experience, yes this is normal. Use AC-BNFA for memory performance.