Actions
Bug #7457
closed
snort use too much resource
Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Snort
Target version:
-
Start date:
04/07/2017
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
first of all, As official wiki said, pfsense has removed layer7 packets filter feature after version 2.3 for the poor performance.
And for some layer7 detection, it recommend using snort. However, after having tried, I found that once start snort service, the cpu usage jumped from 1% to 50%,
and memory used jumped from 60M to 500M, while there is nearly no traffic at that time, it's a litte surprising, I think the snort layer7 detection is also broken, or there is something wrong with the kernel, it may need a fix rather than be removed directly, but I'm not so sure.
this is my cpu model:
Intel(R) Celeron(R) CPU G1840 @ 2.80GHz
2 CPUs: 1 package(s) x 2 core(s)
Updated by Kill Bill 
Updated by
Actions