1
Intrusion Detection and Prevention / Re: Netmap api 14
« on: June 01, 2022, 08:12:25 pm »Use the development version.. it has suricata-devel package with the v14 API.
Cheers,
Franco
Thanks Franco!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
Thanks Franco!
2
Intrusion Detection and Prevention / Netmap api 14
« on: May 15, 2022, 04:50:57 pm »
Hi,
Looking for some1 to briefly explain how to enable this function in the current version/options available.
In Opnsense 21.7.5, suricata - netmap api 14 was enabled and together with rss this ran great for me.
After 21.7.6 netmap api 14 was disabled because of issues.
When Opnsense 22.1 was released, i managed to use suricata version from 22.1beta2 archive, which in return gave me netmap api 14 together with rss, and the threads opened the way i wanted, according to my rss queues. I kept this package locked until the latest update.
Later Opnsense versions and the suricata 6.0.5 pkg do not have this function enabled. Because the beta archive has been removed, restoring this function is not easy anymore without the right knowledge, regarding building your own packaged.
I am wondering if any1 can give me a brief explanation on how to get this working again.
If some1 could point me in the right direction this would be great:D.
I also suspect there might be more people who like to test this function and are facing the same issue.
Some guidance would be appreciated.
Any1?
Looking for some1 to briefly explain how to enable this function in the current version/options available.
In Opnsense 21.7.5, suricata - netmap api 14 was enabled and together with rss this ran great for me.
After 21.7.6 netmap api 14 was disabled because of issues.
When Opnsense 22.1 was released, i managed to use suricata version from 22.1beta2 archive, which in return gave me netmap api 14 together with rss, and the threads opened the way i wanted, according to my rss queues. I kept this package locked until the latest update.
Later Opnsense versions and the suricata 6.0.5 pkg do not have this function enabled. Because the beta archive has been removed, restoring this function is not easy anymore without the right knowledge, regarding building your own packaged.
I am wondering if any1 can give me a brief explanation on how to get this working again.
If some1 could point me in the right direction this would be great:D.
I also suspect there might be more people who like to test this function and are facing the same issue.
Some guidance would be appreciated.
Any1?
3
21.7 Legacy Series / Re: Interfaces randomly go down/unroutable
« on: November 28, 2021, 01:22:19 pm »Yep. I have Suricata on LAN side interfaces.
After upgrade to 21.7.6 i was facing issues where some interfaces became unreachable, also via setting a static ip. Gateway did not respond at all, dhcp did seem to reach the server. verified by the log. But thats was all. There seemed to be, something stuck.
I noticed this on my management interface.
After removing the management interface from suricata it worked again.
After putting the interface back in the config, it worked like it did before, but did not survive a reboot.
Yesterday i removed all rules from suricata and disabled suricata for ids/ips.
After downloading all rules and enabling ids/ips my issue has been solved!
4
21.7 Legacy Series / Re: Interfaces randomly go down/unroutable
« on: November 27, 2021, 01:18:38 pm »
Hey guys, just reading up on this. I just reverted to. Been having issues with interfaces this way to, after upgrading to 21.7.6.
Did you guys perhaps have suricata running on those interfaces? My issues seem to be resolved when i disable suricata or taking the interface out of the config.
I was experiencing this on the lan side btw, since i dont have suricata on wan side. My lagg interface seems to be doing just fine with suricata enabled.
Sidenote: rss enabled. intel i210.
I suspect this issue to have something to do with.
Suricata 6.0.4 with an additional change for the Netmap API version 14. not sure
Did you guys perhaps have suricata running on those interfaces? My issues seem to be resolved when i disable suricata or taking the interface out of the config.
I was experiencing this on the lan side btw, since i dont have suricata on wan side. My lagg interface seems to be doing just fine with suricata enabled.
Sidenote: rss enabled. intel i210.
I suspect this issue to have something to do with.
Suricata 6.0.4 with an additional change for the Netmap API version 14. not sure
Pages: [1]