[Oisf-users] Suricata v2.1beta2 with geoip and high ram consumption
Peter Manev
petermanev at gmail.com
Tue Jan 6 13:56:06 UTC 2015
On Tue, Jan 6, 2015 at 2:54 PM, Jay M. <jskier at gmail.com> wrote:
> Correction, I meant inline IDS not IPS. I'll try that for science
> anyway. What I meant was I am doing out of band monitoring only with
> suricata, not using it as an inline IDS, so any blocking would be
> irrelevant.
>
> FYI, I'm up to 20 gigabytes of allocated ram this morning after
> turning on the timer to reload every two hours and testing some custom
> rules I did yesterday.
> --
> Jay
> jskier at gmail.com
>
>
Is that af_packet or pcap mode?
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list