[Oisf-users] Suricata v2.1beta2 with geoip and high ram consumption
Jay M.
jskier at gmail.com
Wed Dec 31 15:13:50 UTC 2014
I've been playing around a little with a geoip rule and noticed only
when the sole one is enabled, ram is gobbled up quickly (about an
hour) and eats into the swap with 16 gigs of ram.
So, I've added more RAM to the VM, from 16 to 24 gigs, I'll see what
that does (up to 15 gigs allocated after starting 40 minutes ago).
It does not appear to be dropping packets and the rule is working, as
well as the ETPRO set. I'm wondering if others using geo rules are
also seeing this behavior? I'm not ready to call it a memory leak just
yet...
Additionally, running 64-bit, ArchLinux 3.17.6 kernel.
--
Jay
jskier at gmail.com
More information about the Oisf-users
mailing list