[Oisf-users] Tuning Suricata (2.0beta1) -- no rules and lots of packet loss

Cooper F. Nelson cnelson at ucsd.edu
Fri Aug 23 17:11:13 UTC 2013



>  suricata --build-info
> This is Suricata version 2.0beta1 RELEASE
> Features: PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK PCRE_JIT HAVE_NSS HAVE_LIBJANSSON
> 64-bits, Little-endian architecture
> GCC version 4.7.3, C version 199901
>   __GCC_HAVE_SYNC_COMPARE_AND_SWAP_1
>   __GCC_HAVE_SYNC_COMPARE_AND_SWAP_2
>   __GCC_HAVE_SYNC_COMPARE_AND_SWAP_4
>   __GCC_HAVE_SYNC_COMPARE_AND_SWAP_8
>   __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16
> compiled with -fstack-protector-all
> L1 cache line size (CLS)=64
> compiled with LibHTP v0.5.5, linked against LibHTP v0.5.5
> Suricata Configuration:
>   AF_PACKET support:                       yes
>   PF_RING support:                         no
>   NFQueue support:                         no
>   IPFW support:                            no
>   DAG enabled:                             no
>   Napatech enabled:                        no
>   Unix socket enabled:                     yes
> 
>   libnss support:                          yes
>   libnspr support:                         yes
>   libjansson support:                      yes
>   Prelude support:                         no
>   PCRE jit:                                yes
>   libluajit:                               no
>   libgeoip:                                no
>   Non-bundled htp:                         no
>   Old barnyard2 support:                   no
>   CUDA enabled:                            no
> 
>   Suricatasc install:                      yes
> 
>   Unit tests enabled:                      no
>   Debug output enabled:                    no
>   Debug validation enabled:                no
>   Profiling enabled:                       no
>   Profiling locks enabled:                 no
> 
> Generic build parameters:
>   Installation prefix (--prefix):          /usr
>   Configuration directory (--sysconfdir):  /etc/suricata/
>   Log directory (--localstatedir) :        /var/log/suricata/
> 
>   Host:                                    x86_64-unknown-linux-gnu
>   GCC binary:                              gcc
>   GCC Protect enabled:                     no
>   GCC march native enabled:                yes
>   GCC Profile enabled:                     no


On 8/23/2013 9:00 AM, Peter Manev wrote:
> 
> 
> BTW - are you using the correct htp version?
> What is the output of
> suricata --build-info
> ?
> 
> thanks
> 
> 


- -- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042


