3. Snort memory usage. how much is needed?

Snort memory usage. how much is needed?

  • ?

    512mb ram
    PIII 733MHZ

    snort only runs a couple of hours at most, hovewer i rarerly got anything less then ~120mb of free ram

    eather snort2c or snort dies
    11080  ??  Ss    0:02.68 snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort -i fxp1 -A full -D
    11083  ??  Is    0:00.01 snort2c -w /var/db/whitelist -a /var/log/snort/alert

    i have now with both processes running about ~180mb mb free (freshly restarted)

    Mem: 163M Active, 87M Inact, 59M Wired, 60M Buf, 184M Free
    Swap: 1024M Total, 1024M Free

    At the most i see "promiscuess mode disabled" or some like it

    Only have 2 mem slots in the box and i dont have any 512 to insert.

    Is this related to lack of memory?

    /Fredde

    0
  • C

    How much snort needs depends on how you configure it.  I've certainly seen it, under certain configurations, consume well over 1 GB of RAM.

    0
  • ?

    Sounds like i need to get more memory then, and hope the snort crasing ends

    /F

    0
  • C

    I shoudl say that I've never (yet) seen snort crash due to a lack of RAM.  However, I've never run it for any length of time without at least 2 GB of RAM installed.

    0
  • G

    I'm running ac-sparsebands with about half of the rules enabled.  I'm using approx. 240 MB per interface.  This is on top of whatever else you're running.

    -GTM

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy