[Oisf-users] Suricata stops seeing packets, afpacket
Chris Fauerbach
chrisfauerbach at gmail.com
Fri Aug 11 13:39:47 UTC 2017
Good morning all! I’ve deployed Suricata 3.2.1 across a few dozen
CentOS 7 based sensors, and I see an occasional issue with sensors in a
virtual environment (may be a red herring).
After a period of time, Suricata stops getting packets from the af packet
interface.
The NIC still gets packets, confirmed with /proc/dev/net..
Has anyone seen this before?
It's rare, and I can't find any error messages in log files.
It takes a Suricata restart to start seeing packets again.
(moderator, sorry for the multiple emails, something was up with my
subscription)
---------------------
Chris Fauerbach <https://twitter.com/lawn4me>
https://fauie.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170811/bf99e4de/attachment.html>
More information about the Oisf-users
mailing list