15/9/2019 -- 07:34:41 - - This is Suricata version 4.1.4 RELEASE
15/9/2019 -- 07:34:41 - - This is Suricata version 4.1.4 RELEASE
15/9/2019 -- 07:34:41 - - CPUs/cores online: 80 file
15/9/2019 -- 07:34:41 - - Adding interface enp94s0f1 from config file
15/9/2019 -- 07:34:41 - - luajit states preallocated: 128
15/9/2019 -- 07:34:41 - - 'default' server has 'request-body-minimal-inspect-size' set to 32446 and 'request-body-inspect-window' set to 3900 after randomization.
15/9/2019 -- 07:34:41 - - 'default' server has 'response-body-minimal-inspect-size' set to 41452 and 'response-body-inspect-window' set to 16411 after randomization.
15/9/2019 -- 07:34:41 - - HTTP memcap: 4294967296
15/9/2019 -- 07:34:41 - - HTTP memcap: 4294967296
/9/2019 -- 07:34:41 - - FTP memcap: 536870912
15/9/2019 -- 07:34:41 - - FTP memcap: 536870912
nd parser disabled for modbus protocol.
15/9/2019 -- 07:34:41 - - Protocol detection and parser disabled for DNP3.
15/9/2019 -- 07:34:41 - - AF_PACKET: Setting IPS mode
15/9/2019 -- 07:34:41 - - stats output device (regular) initialized: stats.log
15/9/2019 -- 07:34:41 - - Running in live mode, activating unix socket
15/9/2019 -- 07:34:47 - - 46 rule files processed. 20118 rules successfully loaded, 0 rules failed
15/9/2019 -- 07:34:47 - - Threshold config parsed: 0 rule(s) found
15/9/2019 -- 07:34:47 - - 20118 signatures processed. 1239 are IP-only rules, 6255 are inspecting packet payload, 14871 inspect application layer, 0 are decoder event only
15/9/2019 -- 07:39:12 - - AF_PACKET IPS mode activated enp94s0f0->enp94s0f1
15/9/2019 -- 07:39:12 - - af-packet will use '/etc/suricata/ebpf/xdp_filter.bpf' as XDP filter file
15/9/2019 -- 07:39:12 - - Going to use 20 thread(s)
15/9/2019 -- 07:39:13 - - AF_PACKET IPS mode activated enp94s0f1->enp94s0f0
15/9/2019 -- 07:39:13 - - af-packet will use '/etc/suricata/ebpf/xdp_filter.bpf' as XDP filter file
15/9/2019 -- 07:39:13 - - Going to use 20 thread(s)
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f1'
15/9/2019 -- 07:39:13 - - Found an MTU of 3000 for 'enp94s0f0'
15/9/2019 -- 07:39:13 - - Running in live mode, activating unix socket
15/9/2019 -- 07:39:13 - - Using unix socket file '/var/run/suricata/suricata-command.socket'
15/9/2019 -- 07:39:13 - - all 40 packet processing threads, 7 management threads initialized, engine started.
15/9/2019 -- 07:39:22 - - All AFP capture threads are running.