Project

General

Profile

Actions
Copy link

Bug #2489

closed

suricata with pf_ring - Segmentation Fault (core dumped)

Added by Ron Smith about 6 years ago. Updated about 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

I am running suricata with pf_ring on 10gbps network i was able to capture 50-60% packets while pfcount capture 100% packets. And after 30min suricata through core dump error. Any help would be appreciated.

cmd -> suricata --pfring-int=ens192 --pfring-cluster-id=99 --pfring-cluster-type=cluster_flow -l /root/alpha/logs/

Files

Download all files
Screenshot from 2018-04-15 11-15-39.png (91.7 KB) Screenshot from 2018-04-15 11-15-39.png Packet Capture Stats Ron Smith, 04/15/2018 09:24 AM
Screenshot from 2018-04-15 12-04-03.png (166 KB) Screenshot from 2018-04-15 12-04-03.png Segmentation Fault (core dumped) Ron Smith, 04/15/2018 09:24 AM
suricata_build_info.txt (3.05 KB) suricata_build_info.txt Suricata Build Info Ron Smith, 04/15/2018 09:24 AM
suricata.yaml (66.4 KB) suricata.yaml Suricata YAML File Ron Smith, 04/15/2018 09:24 AM
Actions
Copy link
 #1

Updated by Peter Manev about 6 years ago

A core file would be very useful for debugging the real cause of the segfault.
Would you be able to share the info from such a core file? (if needed)You can find here - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs some more info as to how to compile Suricata to get a useful core information.

Actions
Copy link
 #2

Updated by Andreas Herz almost 6 years ago

  • Assignee set to Anonymous
  • Priority changed from High to Normal
  • Target version set to TBD
Actions
Copy link
 #3

Updated by Victor Julien about 5 years ago

  • Status changed from New to Closed
  • Assignee deleted (Anonymous)
  • Target version deleted (TBD)
Actions
Copy link

Also available in: Atom PDF