[Oisf-users] Question on combined protocols
Leonard Jacobs
ljacobs at netsecuris.com
Thu May 16 01:39:20 UTC 2013
I don't see Eric's response anymore. Are all of these messages archived someplace?
I remember seeing something on checking MTUs but I don't recall specifics. The MTU on both interfaces that are used with af-packet are set to 1500.
Is a MTU of 1500 ok?
-----Original Message-----
From: Victor Julien [mailto:lists at inliniac.net]
Sent: Wednesday, May 15, 2013 4:44 AM
To: Leonard Jacobs
Cc: oisf-users at openinfosecfoundation.org
Subject: Re: [Oisf-users] Question on combined protocols
On 05/14/2013 04:30 PM, Leonard Jacobs wrote:
> We get the following message in large amounts when the SSL VPN is used
> but usually different socket numbers only with af-packet IPS mode
> enabled. Is it indicative of the flow timeouts being too small?
>
> SC_ERR_INVALID_ACTION(142) Sending packet failed on Socket 8: Message
> too long Unable to release packet data
These are definitely not okay to have. As Eric said in another thread:
check if the MTU's are equal, if so, it's probably a bug in suri.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list