[Oisf-users] Suricata+Netmap IPS stops passing packets after approx 10 seconds

Andreas Herz andi at geekosphere.org
Tue Sep 6 20:29:01 UTC 2016


On 03/09/16 at 18:30, Brandon Reeves wrote:
> We have got suricata+netmap working in IPS mode. Once we bring it up,
> we can ping through the device as if it wasn't there. However, within a
> few seconds of receiving traffic, all packets stop passing across
> suricata. This means that all traffic outbound + inbound also stops.
> All we have to do is restart suricata and the issue repeats. We have
> tried multiple versions of FreeBSD as well as suricata and the same
> issue appears. We have done little to tune the default suricata.yaml
> since we have been combating this issue other than configuring the
> interfaces. We have also used the default suricata.yaml from 3.0 and
> 3.1.1.
>
> [...]
> 
> Please advise on how I can troubleshoot this issue

How do you run suricata?
Do you see any related messages from the system within the logs?

We're getting more and more FreeBSD users, so I hope someone familiar
with FreeBSD and suricata might step in.

-- 
Andreas Herz


