[Oisf-users] Strange issue with Suricata 4.1.2 under FreeBSD 12

Peter Manev petermanev at gmail.com
Tue Jan 29 12:30:43 UTC 2019 

On Thu, Jan 24, 2019 at 7:01 PM Carlos Lopez <clopmz at outlook.com> wrote:
>
> Please any input this? Is netmap ready for Suricata?
>

I have sent some suggestions  based on your private config sharing.
Would you please follow up here with the results

You also mentioned you switched to CentOS with afp.(FYI for the audience).

Thank you


> Regards,
> C. L. Martinez
>
> On 22/01/2019, 17:04, "Carlos Lopez" <clopmz at outlook.com> wrote:
>
>     More info about this, changing packet capture from netmap to pcap, all works ok. In theory, my ixgbe driver is supported for netmap:
>
>     [1] 000.000024 [4184] netmap_init               netmap: loaded module
>     [1] ix0: netmap queues/slots: TX 8/2048, RX 8/2048
>     [1] ix1: netmap queues/slots: TX 8/2048, RX 8/2048
>     [1] ix2: netmap queues/slots: TX 8/2048, RX 8/2048
>     [1] ix3: netmap queues/slots: TX 8/2048, RX 8/2048
>
>     Any idea?
>
>     Regards,
>     C. L. Martinez
>
>
>     ________________________________________
>     From: Oisf-users <oisf-users-bounces at lists.openinfosecfoundation.org> on behalf of Carlos Lopez <clopmz at outlook.com>
>     Sent: 21 January 2019 14:37
>     To: oisf users
>     Subject: [Oisf-users] Strange issue with Suricata 4.1.2 under FreeBSD 12
>
>     Hi all,
>
>      I have a strange issue with Suricata 4.1.2 under FreeBSD: suricata doesn't see traffic. Traffic is vlan's tagged. Using tcpdump with the options "-ttt -env -i ix1", I can see the traffic without problems.
>
>     The option of net.bpf.zerocopy_enable=0 and I'm using netmap. Any idea why I can't see the traffic? I am completely lost..
>
>
>
>     Regards,
>     C. L. Martinez
>     _______________________________________________
>     Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>     Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>     List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>     Conference: https://suricon.net
>     Trainings: https://suricata-ids.org/training/
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/



-- 
Regards,
Peter Manev

More information about the Oisf-users mailing list