[Oisf-devel] RFC: Netmap support for Suricata (WIP)

Eric Leblond eric at regit.org
Wed May 8 09:56:00 UTC 2013


Le mardi 07 mai 2013 à 14:33 -0700, Tom DeCanio a écrit :
> Leonardo da Silva and I have been working on adding Netmap support to
> Suricata.

That's an excellent news ! I've been asked for netmap support 2 weeks
ago ;)

> The code here is still a work in progress.  The code has
> been based on the af-packet support for Suricata and is intended to provide
> functionality similar to that provided by af-packet.

Given what I have seen of netmap API in your code, this was a good
starting point.

> This will eventually support both IDS and IPS modes of operation as
> does af-packet.  Some testing of the current version of the code has
> been done on the IDS mode of operation.  IPS support is still a work
> in progress, at this point largely by making edits based on af-packet
> source code.  At this point IPS support is not expected to work.


> The code lives at https://github.com/decanio/suricata-np/tree/dev-netmap.
> At indicated this is still work in progress, but comments are welcome.

I've done a little reading of the source code. All is clean for me (at
least at the global level). I will look in details when the code will be

> Leonardo and I will follow up here as we continue to develop the code.

OK, can't wait for the update!


> Regards;
> Tom
> --------------------------------------------------------------------
> The information contained herein is for the exclusive use of the original recipient.  This information is granted for limited distribution within the recipient's organization for planning purposes only.  Further dissemination, whether private or public, is prohibited and may be covered under a non-disclosure agreement.
> _______________________________________________
> Suricata IDS Devel mailing list: oisf-devel at openinfosecfoundation.org
> Site: http://suricata-ids.org | Participate: http://suricata-ids.org/participate/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> Redmine: https://redmine.openinfosecfoundation.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20130508/8033018d/attachment.sig>

More information about the Oisf-devel mailing list