This enables active responses (snort will send TCP RST or ICMP unreachable/port) when dropping a session.
./configure --enable-active-response / -DACTIVE_RESPONSE
preprocessor stream5_global: \
max_active_responses <max_rsp>, \
min_response_seconds <min_sec>
<max_rsp> ::= (0..25)
<min_sec> ::= (1..300)
Active responses will be encoded based on the triggering packet. TTL will be set to the value captured at session pickup.