[Oisf-users] Strange issue with Suricata 4.1.2 under FreeBSD 12
Özkan KIRIK
ozkan.kirik at gmail.com
Tue Jan 22 17:27:00 UTC 2019
Hello,
I have same issue with FreeBSD 12.0 RELEASE-p2.
I tried to use both ixl and igb NICs.
When I put netmap with ips mode, capture.kernel_drops is same with
capture.kernel_packets.
22/1/2019 -- 08:58:40 - <Perf> - (W#01-igb3) Kernel: Packets 53, dropped
53, bytes
22/1/2019 -- 08:58:40 - <Perf> - (W#02-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#03-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#04-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#05-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#06-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#07-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#08-igb3) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:40 - <Perf> - (W#01-igb3+) Kernel: Packets 0, dropped 0,
bytes 0
22/1/2019 -- 08:58:41 - <Info> - Alerts: 0
22/1/2019 -- 08:58:41 - <Perf> - ippair memory usage: 382144 bytes,
maximum: 167772
22/1/2019 -- 08:58:42 - <Perf> - host memory usage: 36614400 bytes,
maximum: 134217
22/1/2019 -- 08:58:42 - <Info> - cleaning up signature grouping
structure... comple
22/1/2019 -- 08:58:42 - <Notice> - Stats for 'igb3': pkts: 53, drop: 53
(100.00%),
22/1/2019 -- 08:58:42 - <Perf> - igb3: restoring tso offloading
22/1/2019 -- 08:58:42 - <Perf> - igb3: restoring lro offloading
22/1/2019 -- 08:58:42 - <Notice> - Stats for 'igb3+': pkts: 0, drop: 0
(nan%), inv
22/1/2019 -- 08:58:42 - <Perf> - Cleaning up Hyperscan global scratch
22/1/2019 -- 08:58:42 - <Perf> - Clearing Hyperscan database cache
I think problem is same
On Tue, Jan 22, 2019 at 7:05 PM Carlos Lopez <clopmz at outlook.com> wrote:
> More info about this, changing packet capture from netmap to pcap, all
> works ok. In theory, my ixgbe driver is supported for netmap:
>
> [1] 000.000024 [4184] netmap_init netmap: loaded module
> [1] ix0: netmap queues/slots: TX 8/2048, RX 8/2048
> [1] ix1: netmap queues/slots: TX 8/2048, RX 8/2048
> [1] ix2: netmap queues/slots: TX 8/2048, RX 8/2048
> [1] ix3: netmap queues/slots: TX 8/2048, RX 8/2048
>
> Any idea?
>
> Regards,
> C. L. Martinez
>
>
> ________________________________________
> From: Oisf-users <oisf-users-bounces at lists.openinfosecfoundation.org> on
> behalf of Carlos Lopez <clopmz at outlook.com>
> Sent: 21 January 2019 14:37
> To: oisf users
> Subject: [Oisf-users] Strange issue with Suricata 4.1.2 under FreeBSD 12
>
> Hi all,
>
> I have a strange issue with Suricata 4.1.2 under FreeBSD: suricata
> doesn't see traffic. Traffic is vlan's tagged. Using tcpdump with the
> options "-ttt -env -i ix1", I can see the traffic without problems.
>
> The option of net.bpf.zerocopy_enable=0 and I'm using netmap. Any idea why
> I can't see the traffic? I am completely lost..
>
>
>
> Regards,
> C. L. Martinez
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190122/3afbe541/attachment.html>
More information about the Oisf-users
mailing list