Project

General

Profile

Actions
Copy link

Feature #3306

open

Support AF_XDP capture method

Added by Eric Leblond almost 2 years ago. Updated almost 2 years ago.

Status:
Assigned
Priority:
Normal
Assignee:
Eric Leblond
Target version:
TBD
Effort:
medium
Difficulty:
high
Label:

Description

A new capture method has been recently introduced in Linux. Named AF_XDP, it allows to capture the traffic with a kernel bypass. This limit the cost of the capture in term of CPU cycle.

Related issues

Related to Task #3288: Suricon 2019 brainstormNewVictor JulienActions
Related to Task #4097: Suricon 2020 brainstormNewVictor JulienActions
Actions
Copy link
 #1

Updated by Eric Leblond almost 2 years ago

Beginning of implementation using libbpf: https://github.com/regit/suricata/tree/af-xdp-v2

Actions
Copy link
 #2

Updated by Eric Leblond almost 2 years ago

  • Parent task set to #3288
Actions
Copy link
 #3

Updated by Victor Julien almost 2 years ago

  • Status changed from New to Assigned
  • Assignee set to Eric Leblond
  • Target version set to TBD

Set target to TBD as we are waiting for the kernel to provide us with timestamp support.

Actions
Copy link
 #4

Updated by Victor Julien almost 2 years ago

  • Parent task deleted (#3288)
Actions
Copy link
 #5

Updated by Victor Julien almost 2 years ago

  • Related to Task #3288: Suricon 2019 brainstorm added
Actions
Copy link
 #6

Updated by Victor Julien 11 months ago

  • Related to Task #4097: Suricon 2020 brainstorm added
Actions
Copy link

Also available in: Atom PDF