[Oisf-users] AF-packet mode not working
Sergio Romero
SRomero at nexica.com
Wed Dec 21 08:41:42 UTC 2016
Hello Peter,
Can you guide me a little to fill a bug report?
I'm attaching the config with networks removed for your revision.
Regards,
Sergio
-----Mensaje original-----
De: Peter Manev [mailto:petermanev at gmail.com]
Enviado el: martes, 20 de diciembre de 2016 17:45
Para: Sergio Romero <SRomero at nexica.net>
CC: oisf-users at lists.openinfosecfoundation.org
Asunto: Re: [Oisf-users] AF-packet mode not working
On Tue, Dec 20, 2016 at 9:48 AM, Sergio Romero <SRomero at nexica.com> wrote:
> Hello Everyone,
>
>
>
> Upgrading to last 4.8 kernel do the trick and start OK, but still show
> the "System too old for tpacket v3 switching to v2"… what do this mean?
>
>
>
> 20/12/2016 -- 09:26:54 - <Info> - 37 rule files processed. 11803 rules
> successfully loaded, 0 rules failed
>
> 20/12/2016 -- 09:26:54 - <Info> - 11804 signatures processed. 1298 are
> IP-only rules, 4447 are inspecting packet payload, 7567 inspect
> application layer, 0 are decoder event only
>
> 20/12/2016 -- 09:26:56 - <Info> - Threshold config parsed: 0 rule(s)
> found
>
> 20/12/2016 -- 09:26:56 - <Info> - fast output device (regular) initialized:
> fast.log
>
> 20/12/2016 -- 09:26:56 - <Info> - eve-log output device (regular)
> initialized: eve.json
>
> 20/12/2016 -- 09:26:56 - <Info> - stats output device (regular) initialized:
> stats.log
>
> 20/12/2016 -- 09:26:56 - <Notice> - System too old for tpacket v3
> switching to v2
Can you please post a bug report?
If it is possible - could share your yaml config as well - mask out the nets - no problem.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: suricata.yaml.txt
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161221/281c568f/attachment-0002.txt>
More information about the Oisf-users
mailing list