[Oisf-users] HTTP and DNS alert and captures not working
Cooper F. Nelson
cnelson at ucsd.edu
Sun Jun 26 21:51:27 UTC 2016
Ok I'll try that tomorrow.
On 6/26/2016 2:41 PM, Peter Manev wrote:
> @Cooper - If i am not wrong you are on kernel > 4.2 and using
> af-packet. There is a bug in the kernel with regards to symmetric flow
> hashing for afpacket/suricata. As a test it would be much appreciated
> if you can please try kernel 4.2 or lower and see if it makes any
> difference for you?
>
> @Ceaser - do you have your NIC offloading disabled? (ethtool -k eth0)
>
> Thank you
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160626/36e328d4/attachment-0002.sig>
More information about the Oisf-users
mailing list