[Oisf-users] [Osif-users] suricata 4.0.5 af-packet mode not bridging packet
kavi perumal
kaviperumal22 at gmail.com
Thu Oct 25 09:58:02 UTC 2018
Hi All,
I am using suricata 4.0.5 in a docker envt. running suricata in af-packet
based IPS mode.
suricata is not bridging packets.
Topology:
[eth0]--------suricata--------[br0] (br0.11 {192.168.1.1)
When i try to ping from external VM to IP 192.168.1.1 i am able to see the
packets at eth0 but not able to see the packets on br0.
Can you please let me know am i doing something wrong? (or) how to check
whether suricata is dropping packet/not?
suricata.yaml:
af-packet:
- interface: eth0
threads: 1
defrag: yes
cluster-type: cluster_flow
cluster-id: 98
copy-mode: ips
copy-iface: br0
buffer-size: 64535
use-mmap: yes
- interface: br0
threads: 1
cluster-id: 97
defrag: yes
cluster-type: cluster_flow
copy-mode: ips
copy-iface: eth0
buffer-size: 64535
use-mmap: yes
Regards
-Kavi Perumal G.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20181025/ce2ec326/attachment.html>
More information about the Oisf-users
mailing list