[Oisf-users] Multiple detect thread
Victor Serbu
victorserbu2709 at gmail.com
Mon Mar 17 08:29:39 UTC 2014
Hi all,
I have tested suricata in the following setup:
PC1 ---- Server(suricata) --- PC2.
Interfaces of suricata server connected to PC1 and PC2 are part of a
bridge and suricata was configured in IPS mode using NFQ,
runmode=autofp and 6 detect threads.
Then we started an iperf session between PC1 and PC2 and observed that
one of Detect thread ocupy 100% core time. Does suricata can be
configured to use multiple thread of type detect to analyze a single
flow?
Thanks,
Victor
More information about the Oisf-users
mailing list