Project

General

Profile

Actions
Copy link

Bug #2066

closed

netmap/linux: can't capture packets in suricata-3.2

Added by jarwin jarwin123 about 7 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

[root@openstack-slave1 ~]# uname -r
3.10.0-123.el7.x86_64
[root@openstack-slave1 ~]# lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID:    CentOS
Description:    CentOS Linux release 7.0.1406 (Core) 
Release:    7.0.1406
Codename:    Core
[root@openstack-slave1 ~]# ifconfig p6p2
p6p2: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        inet6 fe80::92e2:baff:fe1a:999d  prefixlen 64  scopeid 0x20<link>
        ether 90:e2:ba:1a:99:9d  txqueuelen 1000  (Ethernet)
        RX packets 15416951  bytes 8789526257 (8.1 GiB)
        RX errors 0  dropped 26456499  overruns 0  frame 0
        TX packets 8  bytes 648 (648.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@openstack-slave1 ~]# ethtool -i p6p2
driver: ixgbe
version: 5.0.4
firmware-version: 0x18b30001
bus-info: 0000:04:00.1
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
[root@openstack-slave1 ~]# lsmod |grep netmap
netmap                144395  11 ixgbe

I debug suricata process
the stack is:

(gdb) info threads
  Id   Target Id         Frame 
  18   Thread 0x7f4a4f937700 (LWP 189545) "W#01-p6p2" 0x00007f4a5131de0d in poll () from /lib64/libc.so.6
  17   Thread 0x7f4a4f136700 (LWP 189547) "W#02-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  16   Thread 0x7f4a4e935700 (LWP 189548) "W#03-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  15   Thread 0x7f4a4e134700 (LWP 189549) "W#04-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  14   Thread 0x7f4a4d933700 (LWP 189550) "W#05-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  13   Thread 0x7f4a4d132700 (LWP 189551) "W#06-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  12   Thread 0x7f4a4c931700 (LWP 189552) "W#07-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  11   Thread 0x7f4a338de700 (LWP 189553) "W#08-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  10   Thread 0x7f4a330dd700 (LWP 189554) "W#09-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  9    Thread 0x7f4a328dc700 (LWP 189555) "W#10-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  8    Thread 0x7f4a320db700 (LWP 189556) "W#11-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  7    Thread 0x7f4a318da700 (LWP 189557) "W#12-p6p2" 0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  6    Thread 0x7f4a310d9700 (LWP 189558) "FM#01" 0x00007f4a51a7fab2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  5    Thread 0x7f4a308d8700 (LWP 189559) "FR#01" 0x00007f4a51a7fab2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  4    Thread 0x7f49fbfff700 (LWP 189560) "CW" 0x00007f4a51a7fab2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  3    Thread 0x7f49fb7fe700 (LWP 189561) "CS" 0x00007f4a51a7fab2 in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  2    Thread 0x7f49faffd700 (LWP 189562) "US" 0x00007f4a5131fb63 in select () from /lib64/libc.so.6
* 1    Thread 0x7f4a52b3f900 (LWP 189542) "Suricata-Main" 0x00007f4a512ef8ad in nanosleep () from /lib64/libc.so.6


(gdb) thread 10
[Switching to thread 10 (Thread 0x7f4a330dd700 (LWP 189554))]
#0  0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
(gdb) bt
#0  0x00007f4a51a7f705 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000006815f9 in PacketPoolWaitForN (n=0) at tmqh-packetpool.c:208
#2  0x0000000000614087 in NetmapRingRead (ring_id=8, ntv=0x7f4a0c26c8c0) at source-netmap.c:750
#3  ReceiveNetmapLoop (tv=0x38f75c0, data=0x7f4a0c26c8c0, slot=<optimized out>) at source-netmap.c:900
#4  0x0000000000686efa in TmThreadsSlotPktAcqLoop (td=0x38f75c0) at tm-threads.c:334
#5  0x00007f4a51a7bdf3 in start_thread () from /lib64/libpthread.so.0
#6  0x00007f4a513283dd in clone () from /lib64/libc.so.6

I found nm_ring_space() function return value is 0, the result is capture threads is locked.

Actions
Copy link
 #1

Updated by jarwin jarwin123 about 7 years ago

This is Suricata version 3.2.1 RELEASE

i use netmap's app ,it's can do work well

[root@openstack-slave1 pkt-gen]# ./pkt-gen -i p6p2 -f rx
847.416816 main [2567] interface is p6p2
847.416873 main [2690] running on 1 cpus (have 12)
847.417879 extract_ip_range [465] range is 10.0.0.1:1234 to 10.0.0.1:1234
847.417890 extract_ip_range [465] range is 10.1.0.1:1234 to 10.1.0.1:1234
847.417930 nm_open [901] p6p2 tx 0 .. 11 12 rx 0 .. 11 12
847.417936 nm_open [904] TX0 0x7f7caff10000 h 0 c 0 t 511
847.417942 nm_open [904] TX1 0x7f7caff22000 h 0 c 0 t 511
847.417947 nm_open [904] TX2 0x7f7caff34000 h 0 c 0 t 511
847.417951 nm_open [904] TX3 0x7f7caff46000 h 0 c 0 t 511
847.417956 nm_open [904] TX4 0x7f7caff58000 h 0 c 0 t 511
847.417962 nm_open [904] TX5 0x7f7caff6a000 h 0 c 0 t 511
847.417966 nm_open [904] TX6 0x7f7caff7c000 h 0 c 0 t 511
847.417971 nm_open [904] TX7 0x7f7caff8e000 h 0 c 0 t 511
847.417995 nm_open [904] TX8 0x7f7caffa0000 h 0 c 0 t 511
847.418000 nm_open [904] TX9 0x7f7caffb2000 h 0 c 0 t 511
847.418005 nm_open [904] TX10 0x7f7caffc4000 h 0 c 0 t 511
847.418009 nm_open [904] TX11 0x7f7caffd6000 h 0 c 0 t 511
847.418019 nm_open [904] TX12 0x7f7cafeee000 h 12 c 12 t 12
847.418024 nm_open [908] RX0 0x7f7caff07000 h 270 c 270 t 270
847.418028 nm_open [908] RX1 0x7f7caff19000 h 0 c 0 t 1
847.418036 nm_open [908] RX2 0x7f7caff2b000 h 0 c 0 t 1
847.418044 nm_open [908] RX3 0x7f7caff3d000 h 0 c 0 t 1
847.418049 nm_open [908] RX4 0x7f7caff4f000 h 0 c 0 t 1
847.418054 nm_open [908] RX5 0x7f7caff61000 h 0 c 0 t 1
847.418059 nm_open [908] RX6 0x7f7caff73000 h 0 c 0 t 1
847.418064 nm_open [908] RX7 0x7f7caff85000 h 0 c 0 t 1
847.418069 nm_open [908] RX8 0x7f7caff97000 h 0 c 0 t 1
847.418074 nm_open [908] RX9 0x7f7caffa9000 h 0 c 0 t 1
847.418079 nm_open [908] RX10 0x7f7caffbb000 h 0 c 0 t 1
847.418085 nm_open [908] RX11 0x7f7caffcd000 h 0 c 0 t 1
847.418091 nm_open [908] RX12 0x7f7cafeee000 h 12 c 12 t 12
847.418095 main [2786] mapped 334980KB at 0x7f7cafeee000
Receiving from netmap:p6p2: 12 queues, 1 threads and 1 cpus.
847.418124 start_threads [2250] Wait 2 secs for phy reset
849.418203 start_threads [2252] Ready...
849.418293 receiver_body [1645] reading from netmap:p6p2 fd 3 main_fd 3
850.419230 main_thread [2340] 3.936 Kpps (3.940 Kpkts 12.938 Mbps in 1000982 usec) 8.68 avg_batch 0 min_space
851.420272 main_thread [2340] 183.000 pps (183.000 pkts 372.072 Kbps in 1001042 usec) 1.03 avg_batch 510 min_space
852.421284 main_thread [2340] 149.000 pps (149.000 pkts 289.624 Kbps in 1001012 usec) 1.01 avg_batch 510 min_space
853.422335 main_thread [2340] 196.000 pps (196.000 pkts 387.864 Kbps in 1001050 usec) 1.02 avg_batch 510 min_space
854.423368 main_thread [2340] 174.000 pps (174.000 pkts 385.024 Kbps in 1001033 usec) 1.04 avg_batch 510 min_space
855.424439 main_thread [2340] 104.000 pps (104.000 pkts 175.360 Kbps in 1001071 usec) 1.03 avg_batch 510 min_space
856.425486 main_thread [2340] 91.000 pps (91.000 pkts 168.216 Kbps in 1001048 usec) 1.01 avg_batch 510 min_space
857.426542 main_thread [2340] 118.000 pps (118.000 pkts 195.840 Kbps in 1001056 usec) 1.04 avg_batch 509 min_space
858.427560 main_thread [2340] 123.000 pps (123.000 pkts 223.768 Kbps in 1001018 usec) 1.02 avg_batch 510 min_space
859.428613 main_thread [2340] 118.000 pps (118.000 pkts 165.888 Kbps in 1001053 usec) 1.03 avg_batch 510 min_space
860.429671 main_thread [2340] 141.000 pps (141.000 pkts 245.832 Kbps in 1001057 usec) 1.01 avg_batch 510 min_space
^C860.884088 sigint_h [520] received control-C on thread 0x7f7cc52fc740
860.884106 main_thread [2340] 154.000 pps (70.000 pkts 86.712 Kbps in 454435 usec) 1.01 avg_batch 510 min_space
861.885133 main_thread [2340] 1.000 pps (1.000 pkts 848.000 bps in 1001027 usec) 1.00 avg_batch 511 min_space
Received 5408 packets 1954435 bytes 1889 events 361 bytes each in 11.47 seconds.
Speed: 471.665 pps Bandwidth: 1.364 Mbps (raw 1.454 Mbps). Average batch: 2.86 pkts
Actions
Copy link
 #2

Updated by Victor Julien about 7 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Victor Julien about 7 years ago

  • Subject changed from netmap cann't capture packet in suricata-3.2stable to netmap/linux: can't capture packets in suricata-3.2
Actions
Copy link
 #4

Updated by Andreas Herz almost 7 years ago

  • Assignee set to Anonymous
  • Target version set to TBD
Actions
Copy link
 #5

Updated by jarwin jarwin123 over 6 years ago

have some update about this issue? thank you

Actions
Copy link
 #7

Updated by Andreas Herz about 5 years ago

  • Assignee set to Community Ticket
Actions
Copy link
 #8

Updated by Andreas Herz over 4 years ago

  • Status changed from New to Feedback

Did you have a chance to test this?

Actions
Copy link
 #9

Updated by Victor Julien over 4 years ago

  • Status changed from Feedback to Closed
  • Assignee deleted (Community Ticket)
  • Target version deleted (TBD)
Actions
Copy link

Also available in: Atom PDF