[Oisf-users] What does it means??
Peter Manev
petermanev at gmail.com
Wed Oct 9 14:05:44 UTC 2013
>>>>>
>>>>>> Do you have TCP checksums enabled in yaml?
>>>>>
>>>>> Nop, as you suggested some time ago :).
>>>>
>>>> aha :)
>>>> So (if I remember correctly) - some time ago we managed to fix this
>>>> issue with the drops. So what happened in between :) ?
>>>>
>>>
>>> This is a different host monitoring different network, and with
>>> different problems :)) ... Previous installation goes well after some
>>> tunning in SPAN port configuration .... But I use this previous
>>> suricata.yaml config as base for this installation ...
>>
>> And does this installation need some tuning in SPAN port
>> configuration a well ? or you are past that stage?
>>
>
> No, it doesn't. In this installation I use an OpenBSD host to redirect
> all traffic to this suricata sensor ..
Ok,
Have you checked the OpenBSD host port/nic that redirect(mirrors?) the
traffic for potential problems/drops and such?
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list