OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: ppf on December 26, 2018, 11:54:47 am
-
Hi everyone,
I've switched to OPNsense a couple of weeks ago and i really like it so far but I have one "problem" that I can't seem to fix.
I have IPS mode enabled on all my interfaces without any issues but if i try to enable it for my LAN network, messages like the ones down below appear in my console:
kernel: 130.718843 [ 760] generic_netmap_dtor Restored native NA 0
kernel: 002.910772 [ 262] generic_find_num_queues called, in txq 0 rxq 0
kernel: 002.910757 [ 254] generic_find_num_desc called, in tx 1024 rx 1024
kernel: 002.910735 [ 760] generic_netmap_dtor Restored native NA 0
kernel: 002.910721 [ 262] generic_find_num_queues called, in txq 0 rxq 0
kernel: 002.910702 [ 254] generic_find_num_desc called, in tx 1024 rx 1024
I did some research but all the solutuions i could find don't seem to work or are outdated..
My setup:
Hardware:
2x Virtual NICs emulated E1000 [working]
1x Intel CT Desktop Intel 82574L (PCIe passtrough) [working]
1x Onboard LAN Intel 82574L (PCIe passtrough) [netmap messages]
Hardware offloading:
Everything disabled
IDS/IPS Settings:
Enabled: x
IPS mode: x
Promisc mode: x
Pattern matcher: Aho-Corasick
Oh and I do have two tagged VLANs (One of them is my LAN) on the NIC that causes these messages to appear.
Did anyone else encounter similar problems on a setup like this? And if so, what did you do to get rid of them?
Thanks in advance :)
-
This should only appear one time when starting IPS and is only an info
-
Yeah, that's what I've read too.
Just wanted to be sure because it seemed strange that everytime i turn my ips on i get 44 lines written to my console. Also these messages only appear if i turn it on for one specific interface.
So i can just ignore them and everything should be fine?
-
Yes
-
Alright, thanks. ;D