[Oisf-users] af-packet and Linux Kernel version
Cooper F. Nelson
cnelson at ucsd.edu
Fri Nov 18 18:56:57 UTC 2016
You need a much bigger ring-size for 10G mode. I'm using 500000.
On 11/18/2016 7:33 AM, Jim Hranicky wrote:
> af-packet config from suricata.yaml:
>
> af-packet:
> - interface: ens5f0
> cluster-id: 99
> cluster-type: cluster_flow
> defrag: yes
> rollover: yes
> use-mmap: yes
> mmap-locked: yes
> ring-size: 4096
> buffer-size: 65536
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161118/6d0a902e/attachment-0002.sig>
More information about the Oisf-users
mailing list