[Oisf-devel] Management over AF_Packet Bridge NICs
Eric Leblond
eric at regit.org
Tue Aug 30 06:43:29 UTC 2016
Hello,
On Tue, 2016-08-30 at 16:35 +1000, Stephen Watson wrote:
> I’ve got half a dozen Suricata boxes running. Previously I have
> been able to run 2 NICs for the AF_Packet bridge and still SSH in on
> port 22 for administration using one of those NICs.
>
> I just setup a new box, this one on Centos 7 (other are Centos 5.5 to
> 6.4) and I cannot SSH into the NICs used for AF_packet while Suricata
> is running.
>
> Also from console I see Suricata can’t access the internet outbound
> either when suricate is running.
>
> I’ve tried lots of stuff but it won’t budge. Any ideas on opening
> up the AF_packet interface so they are available while suricate is
> running ?
It is not supposed to happen. At least on Vanilla kernel. What is the
state of the interfaces before and after you start Suricata (ip l l, ip
a l). And which Suricata are you using ?
++
--
Eric Leblond <eric at regit.org>
More information about the Oisf-devel
mailing list