[Oisf-users] suricata ids+ips in one process
Sergey Naumov
sknaumov at gmail.com
Thu Dec 1 07:08:19 UTC 2011
Hello.
I would like to ask whether suricata can be started as ids + ips in one process?
I am trying to start it with:
suricata -c /suricata.yaml -q666 --pfring
Without --pfring it works, but if I specify --pfring (and I have empty
pfring: section in suricata.yaml delibirately), suricata exits.
The reason is to save memory, because tree of signatures is huge and
consumes a lot of memory even in case of one suricata process.
Thanks in advance,
Sergey Naumov.
More information about the Oisf-users
mailing list