[Oisf-users] How to discover Dropped packets
Filippo Carletti
filippo.carletti at gmail.com
Thu Oct 27 21:57:44 UTC 2016
> So what you could start with is to check if you run into the same part
> as I did. I added output to make sure that's the section of the code
> where my dropped packets ran into.
To be sure I've understood: I'll need to rebuild Suricata with
–enable-debug and run with SC_LOG_LEVEL=Debug
SC_LOG_OP_FILTER=”stream” suricata...
Or no filter at all?
> It would be also helpful if you can reproduce the issue with a dedicated
> traffic so we could look into that. I also assume that it's no
> load/performance issue?
I'll try to find a traffic pattern.
I'd rule out performance issues, my ADSL link is a 7/1mbit. :-(
Do you think that mid stream pickup not making a difference means that
all traffic goes to Suricata (i.e. no iptables problem with nfqueue
rules)?
--
Ciao,
Filippo
More information about the Oisf-users
mailing list