[Oisf-users] FreeBSD NETMAP guide
Cloherty, Sean E
scloherty at mitre.org
Thu Mar 10 12:29:47 UTC 2016
. . . and I can't be the only one hoping for the same for CentOS...
-----Original Message-----
From: Oisf-users [mailto:oisf-users-bounces at lists.openinfosecfoundation.org] On Behalf Of elof2 at sentor.se
Sent: Thursday, March 10, 2016 06:48 AM
To: oisf-users at lists.openinfosecfoundation.org
Subject: [Oisf-users] FreeBSD NETMAP guide
Hi all, especially FreeBSD users.
In the docs directory there's an old textfile for FreeBSD 8.
I would greatly appreciate if the FreeBSD users merged together an updated textfile with hints, tips and tricks for FreeBSD 10.x/11.x, with the new NETMAP support.
Examples of topics I'd like:
What hardware (NICs) is known to work good?
rc.conf
- give examples and explain that e.g. options "-lro" and "monitor" should be used (for IDS mode)
What tweaks to put in /etc/sysctl.conf (and /boot/loader.conf???).
- net.bpf.zerocopy_enable=1 ?
- net.bpf.maxbufsize= huge numer? How large? 15% of total RAM?
- kern.ipc.maxsockbuf? kern.threads.max_threads_per_proc? dev.ix.0.fc=0?
- etc
What config/tweaks to put in suricata.yaml
- specifically for NETMAP
- Mapping CPUs to queues
- recommended runmode
- etc
If you people can feed me your thoughts and experiences, I'm happy to
put together a new textfile (FreeBSD.NETMAP.txt) for the docs dir.
It's time to show the world that linux+PF-RING isn't the only way to go.
/Elof
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Suricata User Conference November 9-11 in Washington, DC: http://oisfevents.net
More information about the Oisf-users
mailing list