Project

General

Profile

Actions
Copy link

Bug #5580

closed

dpdk: IDS vs IPS confusion

Added by Victor Julien about 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Lukas Sismis
Target version:
7.0.0-rc1
Affected Versions:
Effort:
Difficulty:
Label:

Description

DPDK is in IPS, but it isn't reflected in No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only'

[3654270] 18/10/2022 -- 05:15:55 - (suricata.c:1091) <Notice> (LogVersion) -- This is Suricata version 7.0.0-dev (859b5a35e 2022-10-15) running in SYSTEM mode
[3654270] 18/10/2022 -- 05:15:55 - (util-cpu.c:178) <Info> (UtilCpuPrintSummary) -- CPUs/cores online: 8
[3654270] 18/10/2022 -- 05:15:55 - (util-device.c:265) <Info> (LiveSafeDeviceName) -- Shortening device name to: 0000..00.0
[3654270] 18/10/2022 -- 05:15:55 - (util-device.c:265) <Info> (LiveSafeDeviceName) -- Shortening device name to: 0000..00.1
[3654270] 18/10/2022 -- 05:15:55 - (suricata.c:2505) <Info> (PostConfLoadedSetupHostMode) -- No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only'
...
[3654270] 18/10/2022 -- 05:15:55 - (runmode-dpdk.c:633) <Info> (ConfigSetCopyIfaceSettings) -- DPDK IPS mode activated between 0000:03:00.0 and 0000:03:00.1
[3654270] 18/10/2022 -- 05:15:55 - (runmode-dpdk.c:1045) <Info> (DeviceConfigureQueues) -- Creating a packet mbuf pool mempool_0000:03:00.0 of size 65535, cache size 257, mbuf size 2176
[3654270] 18/10/2022 -- 05:15:55 - (runmode-dpdk.c:633) <Info> (ConfigSetCopyIfaceSettings) -- DPDK IPS mode activated between 0000:03:00.1 and 0000:03:00.0
[3654270] 18/10/2022 -- 05:15:55 - (util-runmodes.c:263) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 8 thread(s) for device 0000:03:00.0
[3654270] 18/10/2022 -- 05:15:56 - (runmode-dpdk.c:633) <Info> (ConfigSetCopyIfaceSettings) -- DPDK IPS mode activated between 0000:03:00.1 and 0000:03:00.0
[3654270] 18/10/2022 -- 05:15:56 - (runmode-dpdk.c:1045) <Info> (DeviceConfigureQueues) -- Creating a packet mbuf pool mempool_0000:03:00.1 of size 65535, cache size 257, mbuf size 2176
[3654270] 18/10/2022 -- 05:15:56 - (runmode-dpdk.c:633) <Info> (ConfigSetCopyIfaceSettings) -- DPDK IPS mode activated between 0000:03:00.0 and 0000:03:00.1
[3654270] 18/10/2022 -- 05:15:56 - (util-runmodes.c:263) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 8 thread(s) for device 0000:03:00.1
[3654270] 18/10/2022 -- 05:15:56 - (tm-threads.c:1927) <Notice> (TmThreadWaitOnThreadInit) -- Threads created -> W: 16 FM: 1 FR: 1   Engine started.

Config is minimal, just a dpdk + eve-log section.

Actions
Copy link

Also available in: Atom PDF