[Oisf-users] Fwd: Unblock whatsapp

[Владислав Дубов]

Thank you.  The router box has the following configuration

Intel(R) Xeon(TM) CPU 2.80GHz
2 CPUs: 1 package(s) x 2 hardware threads
AES-NI CPU Crypto: No
Memory 1997 MiB

Is it adequate for our needs?

We have now switched SURICATA altogether.  We are not experiencing any
network problems at all.



пт, 17 янв. 2020 г. в 00:18, James Moe <jimoe at sohnen-moe.com>:

> On 2020-01-15 1:15 PM, Владислав Дубов wrote:
>
> > Thank you.  195.68.154.66 is our pfSense router, which hosts Suricata and
> > connects our LAN to the outside WAN.
> >
>   Ah. That's helpful.
>   I also wanted the IP address for whatsapp.com for your locale.
>
>   Looking at the log, at 10:56:07 a lot of DNS requests are listed,
> followed by
> some email, then a large amount of traffic between 94.124.195.19 and
> 195.68.154.75. It continues throughout the day.
>
> > When the 'messy' things start, I cannot even open the Whatsapp home page
> in my
> > browser.
> >
>   How much memory does the router have?
>   How much free RAM is available when Suricata is running? If the router is
> swapping to disk, that slows processing to teletype speeds.
>   What is the CPU usage when Suricata is running? Suricata is quite
> demanding of
> CPU resources.
>
>   Please try disabling the SURICATA rules. In disable.conf add:
> # Disable all SURICATA rules
> re:SURICATA
>
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
> Think.
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20200117/61f5aac3/attachment.html>