[Oisf-users] Suricata on VALE Switch

Shawn Venti smventi944 at gmail.com
Tue Aug 22 03:03:55 UTC 2017


Thank you Tom and Michael for your replies.

Tom would you be willing to share your modifications so I could give it a try?

Shawn
> On Aug 21, 2017, at 6:18 PM, Tom DeCanio <decanio.tom at gmail.com> wrote:
> 
> I've got some modifications to suricata that supports netmap pipes, which don't work with the versions of code from the OISF. I haven't gotten this to Victor yet.
> 
> If you have issues with vale this version should work with vale as well.
> 
> Tom
> 
> 
> On Mon, Aug 21, 2017, 1:30 PM Michael Shirk <shirkdog.bsd at gmail.com <mailto:shirkdog.bsd at gmail.com>> wrote:
> The assumption without any evidence or testing is that it would work fine. On FreeBSD there have been some new presentations on the use of netmap/vale to support network monitoring of this type.
> 
> 
> 
> --
> Michael Shirk
> Daemon Security, Inc.
> https://www.daemon-security.com <https://www.daemon-security.com/>
> 
> On Aug 21, 2017 1:18 PM, "Shawn Venti" <smventi944 at gmail.com <mailto:smventi944 at gmail.com>> wrote:
> Hello,
> 
> Has anyone had experience with running a Suricata instance with Netmap mode but connected to a virtual port on a VALE switch opposed to a physical NIC?
> 
> Thank You
> 
> Shawn
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org <mailto:oisf-users at openinfosecfoundation.org>
> Site: http://suricata-ids.org <http://suricata-ids.org/> | Support: http://suricata-ids.org/support/ <http://suricata-ids.org/support/>
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users <https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users>
> 
> Conference: https://suricon.net <https://suricon.net/>
> Trainings: https://suricata-ids.org/training/ <https://suricata-ids.org/training/>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org <mailto:oisf-users at openinfosecfoundation.org>
> Site: http://suricata-ids.org <http://suricata-ids.org/> | Support: http://suricata-ids.org/support/ <http://suricata-ids.org/support/>
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users <https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users>
> 
> Conference: https://suricon.net <https://suricon.net/>
> Trainings: https://suricata-ids.org/training/ <https://suricata-ids.org/training/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170821/1e9ec0c7/attachment-0002.html>


More information about the Oisf-users mailing list