Bug #3309
Updated by Victor Julien over 4 years ago
In cases where XDP bypass in HW is involved onvolved some stats.log/"event_type":"stats" counter do not update: <pre> { "bypassed": { "local_pkts": 140956250834, "local_pkts_delta": 22963708, "local_bytes": 170520745374787, "local_bytes_delta": 23925430477, "local_capture_pkts": 1354799053, "local_capture_pkts_delta": 2005, "local_capture_bytes": 1547695772780, "local_capture_bytes_delta": 2256820, "closed": 2642245, "closed_delta": 12, "pkts": 0, "pkts_delta": 0, "bytes": 0, "bytes_delta": 0 } } </pre> <pre> suricata --build-info This is Suricata version 5.0.0-dev (64a789bbf 2019-10-18) Features: PCAP_SET_BUFF AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK PCRE_JIT HAVE_NSS HAVE_LUA HAVE_LUAJIT HAVE_LIBJANSSON TLS MAGIC RUST SIMD support: SSE_4_2 SSE_4_1 SSE_3 Atomic intrinsics: 1 2 4 8 16 byte(s) 64-bits, Little-endian architecture GCC version 4.2.1 Compatible Clang 7.0.1 (tags/RELEASE_701/final), C version 199901 compiled with _FORTIFY_SOURCE=0 L1 cache line size (CLS)=64 thread local storage method: __thread compiled with LibHTP v0.5.31, linked against LibHTP v0.5.31 Suricata Configuration: AF_PACKET support: yes eBPF support: yes XDP support: yes PF_RING support: no NFQueue support: no NFLOG support: no IPFW support: no Netmap support: no DAG enabled: no Napatech enabled: no WinDivert enabled: no Unix socket enabled: yes Detection enabled: yes Libmagic support: yes libnss support: yes libnspr support: yes libjansson support: yes hiredis support: no hiredis async with libevent: no Prelude support: no PCRE jit: yes LUA support: yes, through luajit libluajit: yes GeoIP2 support: yes Non-bundled htp: no Old barnyard2 support: no Hyperscan support: yes Libnet support: yes liblz4 support: yes Rust support: yes Rust strict mode: yes Rust compiler path: /root/.cargo/bin/rustc Rust compiler version: rustc 1.38.0 (625451e37 2019-09-23) Cargo path: /root/.cargo/bin/cargo Cargo version: cargo 1.38.0 (23ef9a4ef 2019-08-20) Python support: yes Python path: /usr/bin/python3 Python distutils yes Python yaml no Install suricatactl: yes Install suricatasc: yes Install suricata-update: not bundled Profiling enabled: no Profiling locks enabled: no Development settings: Coccinelle / spatch: no Unit tests enabled: no Debug output enabled: no Debug validation enabled: no Generic build parameters: Installation prefix: /usr Configuration directory: /etc/suricata/ Log directory: /var/log/suricata/ --prefix /usr --sysconfdir /etc --localstatedir /var --datarootdir /usr/share Host: x86_64-pc-linux-gnu Compiler: clang (exec name) / clang (real) GCC Protect enabled: no GCC march native enabled: yes GCC Profile enabled: no Position Independent Executable enabled: no CFLAGS -g -O2 -march=native -I${srcdir}/../rust/gen/c-headers PCAP_CFLAGS -I/usr/include SECCFLAGS </pre>