[Oisf-users] Suricata with multiple NICs
Eric Leblond
eric at regit.org
Tue Nov 22 14:05:12 UTC 2011
Hello,
On Tue, 2011-11-22 at 13:59 +0000, Peter Bates wrote:
> Hello all
>
> I've been reading the Suricata documents and
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml
> - to try and get a handle on the different modes of operation Suricata
> supports.
>
> I have a host with 4 NICs and 8 CPU cores - in a perfect world it
> would be nice to have different netblocks split onto the different
> NICs and for Suricata to process traffic from them all.
Good to hear, we're working on achieving a perfect world ;)
> Is this possible with one of the different modes (I'm using AF_PACKET
> at the moment with one NIC) - or does it involve running multiple
> instances?
Yes, you can listen to multiple interfaces with all existing modes. For
information about the syntax, see:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Upgrading_Suricata_10_to_Suricata_11
BR,
--
Eric Leblond
Blog: http://home.regit.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111122/2d5d8d63/attachment.sig>
More information about the Oisf-users
mailing list