Support #3368
openSuricata Pkt processing
Description
I have seen suricata is doing pkt by pkt processing in each run mode(Recv,Decode,Verdict) , can suricata process the pkts in bulk mode like collect pkts from port and process those pkts and again Recv next bulk (conidering all modes running in single core)?
Updated by Victor Julien over 4 years ago
- Project changed from Suricata-Update to Suricata
- Assignee deleted (
Shivani Bhardwaj)
It is not possible right now. What kind of benefit do you expect?
Updated by Rahul Surya over 4 years ago
Just to check performance with single core without running all the increasing the memory constraints in yaml file.
Updated by Rahul Surya over 4 years ago
Hey,What the use of FLow locks in Code ,if we are using single core and sequential process of packet through all the modes Decode->Detect->output?
Updated by Andreas Herz about 2 years ago
- Tracker changed from Support to Optimization
Updated by Victor Julien over 1 year ago
Single mode means we have a single packet thread, but there are still other threads. Esp the flow manager will also access the flow the packet thread(s) may be working on.
Updated by Victor Julien over 1 year ago
- Tracker changed from Optimization to Support