[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new question: state on firestorm ...

To: Gianni Tedesco <gianni@xxxxxxxxxx>
Subject: Re: new question: state on firestorm ...
From: rmkml <rmkml@xxxxxxxxxx>
Date: Thu, 20 Feb 2003 18:13:35 +0100
Cc: firestorm@xxxxxxxxxxxxxxxx
Delivered-to: mailing list firestorm@scaramanga.co.uk
Mailing-list: contact firestorm-help@scaramanga.co.uk; run by ezmlm
References: <3E54FE91.3DF03E66@wanadoo.fr> <1045759680.1116.388.camel@lemsip>
Sender: test

Gianni Tedesco wrote:

> On Thu, 2003-02-20 at 16:13, rmkml wrote:
> > Hi,
> >
> > How then I to have the stateful number in firestorm ?
> >
> > Possible with 'killall -USR1 firestorm' write information on log file
> > (or other) ?
>
> There is currently no way to collect these statistics (and also pcap
> dropped packets etc.) on the fly, you will just get the data when
> firestorm exits.

I is not this information if stop firestorm-nids : (pcap infos)
...
1045761837.215835 debug: BEGIN: 1045740307.372465
1045761837.215880 debug: END: 1045761837.215718
1045761837.215922 debug: ELAPSED: 21529.843253
1045761837.215970 info: exit: Firestorm exiting normally
1045761837.216009 info: alert: flushing logfiles
1045761837.249145 debug: logrotate: ./@3e54fe18.00031119.elog
1045761837.249639 info: loader: unloading all plugins
1045761837.266894 info: ipfrag: 0 reassembled packets, 0 reasm errors, 0
timeouts
1045761837.267010 info: ipfrag: 0 times out of memory, 0KB still used
1045761837.267057 info: tcpstream: max_concurrent=30 num_active=26
1045761837.267100 info: tcpstream: max_flows=24 num_flows=20
1045761837.267142 info: tcpstream: 488915 state errors out of 2336174 packets

1045761837.267185 info: tcpstream: 0 broadcasts, 0 ttl evasions, 8 timeouts
1045761837.290373 debug: cleanup: exit with code 0

>
>
> However it would be a relatively simple hack to add such functionality
> (neither USR1 nor USR2 signals are used for anything else right now).

sorry, I do not know C dev ...

>
>
> Of course these statistics may be important for tuning purposes so I'll
> stick it in the TODO file :]

Thanks.

>
>
> --
> // Gianni Tedesco (gianni at scaramanga dot co dot uk)
> lynx --source www.scaramanga.co.uk/gianni-at-ecsc.asc | gpg --import
> 8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
>
>   ------------------------------------------------------------------------
>                        Name: signature.asc
>    signature.asc       Type: application/pgp-signature
>                 Description: This is a digitally signed message part

Follow-Ups:
- Re: new question: state on firestorm ...
  - From: Gianni Tedesco

References:
- new question: state on firestorm ...
  - From: rmkml
- Re: new question: state on firestorm ...
  - From: Gianni Tedesco

Prev by Date: Re: Question about log in firestorm ...
Next by Date: Re: new question: state on firestorm ...
Previous by thread: Re: new question: state on firestorm ...
Next by thread: Re: new question: state on firestorm ...
Index(es):
- Date
- Thread