| Search Site |
| Search Rules |
| Account |
| not registered? |
| can't login? |
| user preferences |
 |
 |
|
|||||||||||||||||||
Next: Stream5 TCP Configuration Up: Stream5 Previous: Anomaly Detection Contents
Stream5 Global Configuration
Global settings for the Stream5 preprocessor.
preprocessor stream5_global: [track_tcp <yes|no>], [max_tcp <number>], \
[memcap <number bytes>], \
[track_udp <yes|no>], [max_udp <number>], \
[track_icmp <yes|no>], [max_icmp <number>], \
[flush_on_alert], [show_rebuilt_packets]
| Option | Description |
|---|---|
| track_tcp <yes|no> | Track sessions for TCP. The default is "yes". |
| max_tcp <num sessions> | Maximum simultaneous TCP sessions tracked. The default is "256000", maximum is "1052672", minimum is "1". |
| memcap <num bytes> | Memcap for TCP packet storage. The default is "8388608" (8MB), maximum is "1073741824" (1GB), minimum is "32768" (32KB). |
| track_udp <yes|no> | Track sessions for UDP. The default is "yes". |
| max_udp <num sessions> | Maximum simultaneous UDP sessions tracked. The default is "128000", maximum is "1052672", minimum is "1". |
| track_icmp <yes|no> | Track sessions for ICMP. The default is "yes". |
| max_icmp <num sessions> | Maximum simultaneous ICMP sessions tracked. The default is "64000", maximum is "1052672", minimum is "1". |
| flush_on_alert | Backwards compatibilty. Flush a TCP stream when an alert is generated on that stream. The default is set to off. |
| show_rebuilt_packets | Print/display packet after rebuilt (for debugging). The default is set to off. |
Next: Stream5 TCP Configuration Up: Stream5 Previous: Anomaly Detection Contents Steven Sturges 2008-04-01
| site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved. |