[Oisf-users] max-pending-packets maxing out at 65,000
Josh White
josh at securemind.org
Sat Dec 10 06:35:10 UTC 2011
I appear to be hitting a ceiling of 65,000 packets when setting
max-pending-packets. If I set it to anything higher, even "66,000" Suricata
fails to start.
---
suricata -c /etc/suricata/suricata.yaml -i eth0
[3037] 10/12/2011 -- 01:29:11 - (suricata.c:649) <Info> (main) -- This is
Suricata version 1.1 (rev )
[3037] 10/12/2011 -- 01:29:11 - (util-cpu.c:171) <Info>
(UtilCpuPrintSummary) -- CPUs/cores online: 24
[3037] 10/12/2011 -- 01:29:11 - (util-ioctl.c:85) <Info> (GetIfaceMTU) --
Failure when trying to get MTU via ioctl: 19
[3037] 10/12/2011 -- 01:29:11 - (detect-pcre.c:128) <Info>
(DetectPcreRegister) -- Using PCRE match-limit setting of: 3500
[3037] 10/12/2011 -- 01:29:11 - (detect-pcre.c:138) <Info>
(DetectPcreRegister) -- Using PCRE match-limit-recursion setting of: 1500
---
Can anyone tell me why? Is this a hard set limit?
Thanks,
- Josh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111210/229b3fe0/attachment-0002.html>
More information about the Oisf-users
mailing list