"
I canged to IPS (divert), everything is fine. IPS works perfectly at max 25-30% at full bandwith! Filters everything that before.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
General Discussion / Re: ISP bandwidth is cut in 1/3 due to Suricata Intrusion detection IPS Mode
May 05, 2026, 12:28:05 PM #2
Virtual private networks / Re: OpenVPN Instaces Road Warrior Setup - Keepalive necessary
April 14, 2026, 08:34:56 AM
It worked for me! Don't forget to apply, and then reconnect your client!
#3
General Discussion / Re: ISP bandwidth is cut in 1/3 due to Suricata Intrusion detection IPS Mode
March 30, 2026, 11:44:14 AM
I have the same problem. The firewall worked well in january with full performance (almost 1 gigabit), but after an update (I don't know which, because I didn't check the performance until march) it halved the performance at 100% cpu usage. Suricata processes eat up the cpu (/usr/local/bin/suricata -D --netmap --pidfile /var/run/suricata.pid -c /usr/local/etc/suricata/suricata.yaml{W#03-igc1^}). If I remove all the rules (and apply, restart), the cpu load remains the same when I run speedtest.
Pages1
