[Oisf-users] (no subject)
Travel Factory S.r.l.
mc8647 at mclink.it
Mon Mar 24 10:08:06 UTC 2014
I post the configuration parameters that I think are useful to check.
There are 15 rules loaded at the moment so that Suricata doesn't spend
time on them.
max-pending-packets: 1024
af-packet:
- interface: eth7
threads: 8
cluster-id: 99
cluster-type: cluster_cpu
defrag: yes
use-mmap: yes
ring-size: 300000
defrag:
memcap: 2gb
hash-size: 65536
trackers: 65535
max-frags: 65535
prealloc: yes
timeout: 60
flow:
memcap: 2gb
hash-size: 65536
prealloc: 10000
emergency-recovery: 30
flow-timeouts:
tcp:
new: 6
established: 10
closed: 0
emergency-new: 2
emergency-established: 5
emergency-closed: 2
stream:
memcap: 2gb
max-sessions: 20000000
prealloc-sessions: 10000000
checksum-validation: no
inline: no
reassembly:
memcap: 2gb
depth: 128mb
toserver-chunk-size: 2560
toclient-chunk-size: 2560
More information about the Oisf-users
mailing list