Actions
Bug #1292
closed
AT
GL
Disabling VLAN tracking should affect cluster mode tuple selection
Bug #1292:
Disabling VLAN tracking should affect cluster mode tuple selection
Affected Versions:
Effort:
Difficulty:
Label:
Description
I was testing a case where mismatched VLAN tags caused flow tracking problems so I set vlan: use-for-tracking: false. However, this does not completely solve issue when using pf_ring for RX with more than 1 thread. The cluster_flow mode will still take VLAN tags into account due to using pf_ring's 6-tuple mode. This result in same flow ending on different RX thread which in turn seems to cause issues.
Setting cluster mode to cluster_per_flow_5_tuple in source-pfring.c line 480 fixes the issue. I think suricata should enforce using only cluster-modes which do not use VLAN tags when VLAN tracking is disabled from the configuration.
VJ Updated by Victor Julien over 11 years ago
- Status changed from New to Assigned
- Assignee set to Giuseppe Longo
- Target version set to TBD
GL Updated by Giuseppe Longo almost 11 years ago
This has been fixed throught through https://github.com/inliniac/suricata/pull/1178
VJ Updated by Victor Julien almost 11 years ago
- Status changed from Assigned to Closed
- Target version changed from TBD to 2.1beta2
Actions