|
[4640] 19/12/2021 -- 12:16:37 - (suricata.c:1070) <Notice> (LogVersion) -- This is Suricata version 6.0.5-dev (87f04475a 2021-12-14) running in SYSTEM mode
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-cpu.c:178) <Info> (UtilCpuPrintSummary) -- CPUs/cores online: 16
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-device.c:327) <Config> (LiveBuildDeviceListCustom) -- Adding interface enp0s21 from config file
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-device.c:327) <Config> (LiveBuildDeviceListCustom) -- Adding interface enp0s22 from config file
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-device.c:327) <Config> (LiveBuildDeviceListCustom) -- Adding interface enp0s19 from config file
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-device.c:327) <Config> (LiveBuildDeviceListCustom) -- Adding interface enp0s20 from config file
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-htp.c:2446) <Config> (HTPConfigSetDefaultsPhase2) -- 'default' server has 'request-body-minimal-inspect-size' set to 32553 and 'request-body-inspect-window' set to 4213 after randomization.
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-htp.c:2464) <Config> (HTPConfigSetDefaultsPhase2) -- 'default' server has 'response-body-minimal-inspect-size' set to 39564 and 'response-body-inspect-window' set to 15741 after randomization.
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-smb.c:316) <Config> (RegisterSMBParsers) -- SMB stream depth: 0
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-modbus.c:1502) <Config> (RegisterModbusParsers) -- Modbus request flood protection level: 500
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-modbus.c:1513) <Config> (RegisterModbusParsers) -- Modbus stream depth: 0
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-enip.c:510) <Config> (RegisterENIPUDPParsers) -- Protocol detection and parser disabled for enip protocol.
|
|
[4640] 19/12/2021 -- 12:16:37 - (app-layer-dnp3.c:1623) <Config> (RegisterDNP3Parsers) -- Registering DNP3/tcp parsers.
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4640] 19/12/2021 -- 12:16:37 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4641] 19/12/2021 -- 12:16:37 - (host.c:256) <Config> (HostInitConfig) -- allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64
|
|
[4641] 19/12/2021 -- 12:16:37 - (host.c:281) <Config> (HostInitConfig) -- preallocated 1000 hosts of size 136
|
|
[4641] 19/12/2021 -- 12:16:37 - (host.c:283) <Config> (HostInitConfig) -- host memory usage: 398144 bytes, maximum: 33554432
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-coredump-config.c:149) <Config> (CoredumpLoadConfig) -- Core dump size set to unlimited.
|
|
[4641] 19/12/2021 -- 12:16:37 - (suricata.c:2380) <Info> (PostDeviceFinalizedSetup) -- AF_PACKET: Setting IPS mode
|
|
[4641] 19/12/2021 -- 12:16:37 - (defrag-hash.c:251) <Config> (DefragInitConfig) -- allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56
|
|
[4641] 19/12/2021 -- 12:16:37 - (defrag-hash.c:278) <Config> (DefragInitConfig) -- preallocated 65535 defrag trackers of size 160
|
|
[4641] 19/12/2021 -- 12:16:37 - (defrag-hash.c:285) <Config> (DefragInitConfig) -- defrag memory usage: 14155616 bytes, maximum: 33554432
|
|
[4641] 19/12/2021 -- 12:16:37 - (flow.c:636) <Config> (FlowInitConfig) -- flow size 328, memcap allows for 409200 flows. Per hash row in perfect conditions 6
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:398) <Config> (StreamTcpInitConfig) -- stream "prealloc-sessions": 2048 (per thread)
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:418) <Config> (StreamTcpInitConfig) -- stream "memcap": 67108864
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:424) <Config> (StreamTcpInitConfig) -- stream "midstream" session pickups: disabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:430) <Config> (StreamTcpInitConfig) -- stream "async-oneside": disabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:445) <Config> (StreamTcpInitConfig) -- stream "checksum-validation": enabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:473) <Config> (StreamTcpInitConfig) -- stream."inline": enabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:486) <Config> (StreamTcpInitConfig) -- stream "bypass": disabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:510) <Config> (StreamTcpInitConfig) -- stream "max-synack-queued": 5
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:531) <Config> (StreamTcpInitConfig) -- stream.reassembly "memcap": 268435456
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:550) <Config> (StreamTcpInitConfig) -- stream.reassembly "depth": 1048576
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:624) <Config> (StreamTcpInitConfig) -- stream.reassembly "toserver-chunk-size": 2612
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:626) <Config> (StreamTcpInitConfig) -- stream.reassembly "toclient-chunk-size": 2560
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp.c:639) <Config> (StreamTcpInitConfig) -- stream.reassembly.raw: enabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (stream-tcp-reassemble.c:377) <Config> (StreamTcpReassemblyConfig) -- stream.reassembly "segment-prealloc": 2048
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-logopenfile.c:596) <Info> (SCConfLogOpenGeneric) -- fast output device (regular) initialized: fast.log
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-logopenfile.c:596) <Info> (SCConfLogOpenGeneric) -- eve-log output device (regular) initialized: eve.json
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json.c:1246) <Config> (OutputJsonInitCtx) -- Enabling eve community_id logging.
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'alert'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'anomaly'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'http'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'dns'
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-dns.c:567) <Config> (JsonDnsParseVersion) -- eve-log dns version not set, defaulting to version 2
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-dns.c:567) <Config> (JsonDnsParseVersion) -- eve-log dns version not set, defaulting to version 2
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'tls'
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-ja3.c:268) <Warning> (Ja3IsDisabled) -- [ERRCODE: SC_WARN_JA3_DISABLED(309)] - JA3 is disabled, skipping fields
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-tls.c:550) <Warning> (OutputTlsInitCtx) -- [ERRCODE: SC_WARN_DUPLICATE_OUTPUT(296)] - Both 'certificate' and 'chain' contains the top certificate, so only one of them should be enabled at a time
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-tls.c:586) <Warning> (OutputTlsLogInitSub) -- [ERRCODE: SC_WARN_DUPLICATE_OUTPUT(296)] - Both 'certificate' and 'chain' contains the top certificate, so only one of them should be enabled at a time
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'files'
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-file.c:204) <Config> (FileForceHashParseCfg) -- forcing md5 calculation for logged or stored files
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'drop'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'smtp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-email-common.c:441) <Info> (OutputEmailInitConf) -- Going to log the md5 sum of email body
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-email-common.c:445) <Info> (OutputEmailInitConf) -- Going to log the md5 sum of email subject
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'dnp3'
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-dnp3.c:295) <Info> (OutputDNP3LogInitSub) -- DNP3 log sub-module initialized.
|
|
[4641] 19/12/2021 -- 12:16:37 - (output-json-dnp3.c:295) <Info> (OutputDNP3LogInitSub) -- DNP3 log sub-module initialized.
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'ftp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'rdp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'nfs'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'smb'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'tftp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'ikev2'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'dcerpc'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'krb5'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'snmp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'rfb'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'sip'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'dhcp'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'ssh'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'mqtt'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'stats'
|
|
[4641] 19/12/2021 -- 12:16:37 - (runmodes.c:641) <Config> (RunModeInitializeEveOutput) -- enabling 'eve-log' module 'flow'
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-logopenfile.c:596) <Info> (SCConfLogOpenGeneric) -- stats output device (regular) initialized: stats.log
|
|
[4641] 19/12/2021 -- 12:16:37 - (suricata.c:2202) <Config> (SetupDelayedDetect) -- Delayed detect disabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (util-conf.c:161) <Info> (ConfUnixSocketIsEnable) -- Running in live mode, activating unix socket
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine.c:2035) <Config> (DetectEngineCtxInitReal) -- pattern matchers: MPM: hs, SPM: hs
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine.c:2444) <Config> (DetectEngineCtxLoadConf) -- grouping: tcp-whitelist (default) 53, 80, 139, 443, 445, 1433, 3306, 3389, 6666, 6667, 8080
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine.c:2468) <Config> (DetectEngineCtxLoadConf) -- grouping: udp-whitelist (default) 53, 135, 5060
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine.c:2496) <Config> (DetectEngineCtxLoadConf) -- prefilter engines: MPM
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_uri
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_uri
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_uri
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_uri
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_request_line
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_client_body
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_response_line
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header_names
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header_names
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header_names
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_header_names
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept_enc
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept_enc
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept_lang
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_accept_lang
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_referer
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_referer
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_connection
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_connection
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_len
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_len
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_len
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_len
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_type
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_type
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_type
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_content_type
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http.server
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http.server
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http.location
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http.location
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_protocol
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_protocol
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_start
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_start
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_method
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_method
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_cookie
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_cookie
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_cookie
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_cookie
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file.magic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_user_agent
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_user_agent
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_host
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_host
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_host
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_raw_host
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_stat_msg
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_stat_code
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http_stat_code
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http2_header_name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http2_header_name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http2_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for http2_header
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dns_query
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dnp3_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dnp3_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.sni
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.cert_issuer
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.cert_subject
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.cert_serial
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.cert_fingerprint
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for tls.certs
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ja3.hash
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ja3.string
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ja3s.hash
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ja3s.string
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dce_stub_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dce_stub_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dce_stub_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for dce_stub_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for smb_named_pipe
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for smb_share
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.proto
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.proto
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh_software
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh_software
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.hassh
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.hassh.server
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.hassh.string
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for ssh.hassh.server.string
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for file_data
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for krb5_cname
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for krb5_sname
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.method
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.uri
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.protocol
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.protocol
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.method
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.stat_msg
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.request_line
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for sip.response_line
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for rfb.name
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for snmp.community
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for snmp.community
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.connect.clientid
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.connect.username
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.connect.password
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.connect.willtopic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.connect.willmessage
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.publish.topic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.publish.message
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.subscribe.topic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:249) <Perf> (DetectMpmInitializeAppMpms) -- using shared mpm ctx' for mqtt.unsubscribe.topic
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for icmpv4.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for tcp.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for udp.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for icmpv6.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for ipv4.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-mpm.c:417) <Perf> (DetectMpmInitializePktMpms) -- using shared mpm ctx' for ipv6.hdr
|
|
[4641] 19/12/2021 -- 12:16:37 - (reputation.c:604) <Config> (SRepInit) -- IP reputation disabled
|
|
[4641] 19/12/2021 -- 12:16:37 - (detect-engine-loader.c:251) <Config> (ProcessSigFiles) -- Loading rule file: /etc/suricata/rules/scirius.rules
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-loader.c:354) <Info> (SigLoadSignatures) -- 1 rule files processed. 11065 rules successfully loaded, 0 rules failed
|
|
[4641] 19/12/2021 -- 12:16:39 - (util-threshold-config.c:1073) <Info> (SCThresholdConfParseFile) -- Threshold config parsed: 0 rule(s) found
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-mpm.c:474) <Perf> (SetupBuiltinMpm) -- using shared mpm ctx' for tcp-packet
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-mpm.c:474) <Perf> (SetupBuiltinMpm) -- using shared mpm ctx' for tcp-stream
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-mpm.c:474) <Perf> (SetupBuiltinMpm) -- using shared mpm ctx' for udp-packet
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-mpm.c:474) <Perf> (SetupBuiltinMpm) -- using shared mpm ctx' for other-ip
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1415) <Info> (SigAddressPrepareStage1) -- 11065 signatures processed. 230 are IP-only rules, 2406 are inspecting packet payload, 8406 inspect application layer, 0 are decoder event only
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1421) <Config> (SigAddressPrepareStage1) -- building signature grouping structure, stage 1: preprocessing rules... complete
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'is_proto_irc' is checked but not set. Checked in 2002029 and 4 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.http.javaclient.vulnerable' is checked but not set. Checked in 2013036 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.http.javaclient' is checked but not set. Checked in 2017181 and 11 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.autoit.ua' is checked but not set. Checked in 2019165 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.ELFDownload' is checked but not set. Checked in 2019896 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.DocVBAProject' is checked but not set. Checked in 2020170 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.MSSQL' is checked but not set. Checked in 2020569 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.wininet.UA' is checked but not set. Checked in 2021312 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.MS.XMLHTTP.ip.request' is checked but not set. Checked in 2022050 and 1 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.MS.XMLHTTP.no.exe.request' is checked but not set. Checked in 2022053 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.MCOFF' is checked but not set. Checked in 2022303 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.MS.WinHttpRequest.no.exe.request' is checked but not set. Checked in 2022653 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.IE7.NoRef.NoCookie' is checked but not set. Checked in 2023671 and 9 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'min.gethttp' is checked but not set. Checked in 2023711 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.http.binary' is checked but not set. Checked in 2023741 and 4 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.armwget' is checked but not set. Checked in 2024242 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.smb.binary' is checked but not set. Checked in 2027402 and 4 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.Socks5.OnionReq' is checked but not set. Checked in 2027704 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.telnet.busybox' is checked but not set. Checked in 2023019 and 2 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.pdf.in.http' is checked but not set. Checked in 2017150 and 1 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.WinHttpRequest' is checked but not set. Checked in 2019823 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'exe.no.referer' is checked but not set. Checked in 2020500 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ETPRO.RTF' is checked but not set. Checked in 2020700 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'HTTP.UncompressedFlash' is checked but not set. Checked in 2023313 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'et.JavaArchiveOrClass' is checked but not set. Checked in 2017772 and 1 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-flowbits.c:588) <Warning> (DetectFlowbitsAnalyze) -- [ERRCODE: SC_WARN_FLOWBIT(306)] - flowbit 'ET.gocd.auth' is checked but not set. Checked in 2034333 and 0 other sigs
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1259) <Perf> (RulesGroupByPorts) -- TCP toserver: 41 port groups, 40 unique SGH's, 1 copies
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1259) <Perf> (RulesGroupByPorts) -- TCP toclient: 21 port groups, 20 unique SGH's, 1 copies
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1259) <Perf> (RulesGroupByPorts) -- UDP toserver: 41 port groups, 25 unique SGH's, 16 copies
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1259) <Perf> (RulesGroupByPorts) -- UDP toclient: 21 port groups, 15 unique SGH's, 6 copies
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1007) <Perf> (RulesGroupByProto) -- OTHER toserver: 254 proto groups, 2 unique SGH's, 252 copies
|
|
[4641] 19/12/2021 -- 12:16:39 - (detect-engine-build.c:1044) <Perf> (RulesGroupByProto) -- OTHER toclient: 254 proto groups, 0 unique SGH's, 254 copies
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-build.c:1789) <Perf> (SigAddressPrepareStage4) -- Unique rule groups: 102
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toserver TCP packet": 25
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toclient TCP packet": 16
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toserver TCP stream": 27
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toclient TCP stream": 17
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toserver UDP packet": 25
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "toclient UDP packet": 15
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1156) <Perf> (MpmStoreReportStats) -- Builtin MPM "other IP packet": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_uri (http)": 9
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_uri (http2)": 9
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_uri (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_uri (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_request_line (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_client_body (http)": 5
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_response_line (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_header (http)": 6
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_header (http)": 6
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_header (http2)": 6
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_header (http2)": 6
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_header_names (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_header_names (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_header_names (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_header_names (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept_enc (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept_enc (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept_lang (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_accept_lang (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_referer (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_referer (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_connection (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_connection (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_content_len (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_content_len (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_content_len (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_content_len (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_content_type (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_content_type (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_content_type (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_content_type (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http.server (http)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http.server (http2)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http.location (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http.location (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_protocol (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_protocol (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_start (http)": 4
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_start (http)": 4
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_header (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_raw_header (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_header (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_raw_header (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_method (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_method (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_cookie (http)": 3
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_cookie (http)": 3
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_cookie (http2)": 3
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_cookie (http2)": 3
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_user_agent (http)": 5
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_user_agent (http2)": 5
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_host (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_host (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_host (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_host (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_host (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver http_raw_host (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_stat_code (http)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient http_stat_code (http2)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver dns_query (dns)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver dns_query (dns)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver tls.sni (tls)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver tls.sni (tls)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient tls.cert_issuer (tls)": 2
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient tls.cert_subject (tls)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient tls.cert_serial (tls)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient tls.cert_fingerprint (tls)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver ssh.proto (ssh)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient ssh.proto (ssh)": 1
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver file_data (smtp)": 7
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient file_data (http)": 7
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver file_data (smb)": 7
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient file_data (smb)": 7
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toserver file_data (http2)": 7
|
|
[4641] 19/12/2021 -- 12:16:44 - (detect-engine-mpm.c:1163) <Perf> (MpmStoreReportStats) -- AppLayer MPM "toclient file_data (http2)": 7
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:276) <Info> (ParseAFPConfig) -- AF_PACKET IPS mode activated enp0s21->enp0s22
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:354) <Info> (ParseAFPConfig) -- Using ebpf based cluster mode for AF_PACKET (iface enp0s21)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:388) <Config> (ParseAFPConfig) -- af-packet will use '/usr/libexec/suricata/ebpf/lb.bpf' as eBPF load balancing file
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-ebpf.c:465) <Info> (EBPFLoadFile) -- Successfully loaded eBPF file '/usr/libexec/suricata/ebpf/lb.bpf' on 'enp0s21'
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:708) <Config> (ParseAFPConfig) -- enp0s21: enabling zero copy mode by using data release call
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-runmodes.c:264) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 16 thread(s)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:276) <Info> (ParseAFPConfig) -- AF_PACKET IPS mode activated enp0s22->enp0s21
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:354) <Info> (ParseAFPConfig) -- Using ebpf based cluster mode for AF_PACKET (iface enp0s22)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:388) <Config> (ParseAFPConfig) -- af-packet will use '/usr/libexec/suricata/ebpf/lb.bpf' as eBPF load balancing file
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-ebpf.c:465) <Info> (EBPFLoadFile) -- Successfully loaded eBPF file '/usr/libexec/suricata/ebpf/lb.bpf' on 'enp0s22'
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:708) <Config> (ParseAFPConfig) -- enp0s22: enabling zero copy mode by using data release call
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-runmodes.c:264) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 16 thread(s)
|
|
[4668] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4668] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4669] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4669] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4670] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4670] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4671] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4671] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4672] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4672] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4673] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4673] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4674] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4674] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4675] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4675] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4676] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4676] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4677] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4677] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4678] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4678] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4679] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4679] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4680] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4680] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4681] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4681] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4682] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4682] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4683] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s22'
|
|
[4683] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s21'
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:276) <Info> (ParseAFPConfig) -- AF_PACKET IPS mode activated enp0s19->enp0s20
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:354) <Info> (ParseAFPConfig) -- Using ebpf based cluster mode for AF_PACKET (iface enp0s19)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:388) <Config> (ParseAFPConfig) -- af-packet will use '/usr/libexec/suricata/ebpf/lb.bpf' as eBPF load balancing file
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-ebpf.c:465) <Info> (EBPFLoadFile) -- Successfully loaded eBPF file '/usr/libexec/suricata/ebpf/lb.bpf' on 'enp0s19'
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:708) <Config> (ParseAFPConfig) -- enp0s19: enabling zero copy mode by using data release call
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-runmodes.c:264) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 16 thread(s)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:276) <Info> (ParseAFPConfig) -- AF_PACKET IPS mode activated enp0s20->enp0s19
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:354) <Info> (ParseAFPConfig) -- Using ebpf based cluster mode for AF_PACKET (iface enp0s20)
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:388) <Config> (ParseAFPConfig) -- af-packet will use '/usr/libexec/suricata/ebpf/lb.bpf' as eBPF load balancing file
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-ebpf.c:465) <Info> (EBPFLoadFile) -- Successfully loaded eBPF file '/usr/libexec/suricata/ebpf/lb.bpf' on 'enp0s20'
|
|
[4641] 19/12/2021 -- 12:16:51 - (runmode-af-packet.c:708) <Config> (ParseAFPConfig) -- enp0s20: enabling zero copy mode by using data release call
|
|
[4641] 19/12/2021 -- 12:16:51 - (util-runmodes.c:264) <Info> (RunModeSetLiveCaptureWorkersForDevice) -- Going to use 16 thread(s)
|
|
[4700] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4700] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4701] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4701] 19/12/2021 -- 12:16:51 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4702] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4702] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4703] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4703] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4704] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4704] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4705] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4705] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4706] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4706] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4707] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4707] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4708] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4708] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4709] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4709] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4710] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4710] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4711] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4711] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4712] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4712] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4713] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4713] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4714] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4714] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4715] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s20'
|
|
[4715] 19/12/2021 -- 12:16:52 - (util-ioctl.c:111) <Info> (GetIfaceMTU) -- Found an MTU of 5000 for 'enp0s19'
|
|
[4641] 19/12/2021 -- 12:16:52 - (flow-manager.c:1014) <Config> (FlowManagerThreadSpawn) -- using 1 flow manager threads
|
|
[4641] 19/12/2021 -- 12:16:52 - (flow-manager.c:1217) <Config> (FlowRecyclerThreadSpawn) -- using 1 flow recycler threads
|
|
[4641] 19/12/2021 -- 12:16:52 - (util-conf.c:161) <Info> (ConfUnixSocketIsEnable) -- Running in live mode, activating unix socket
|
|
[4641] 19/12/2021 -- 12:16:52 - (unix-manager.c:132) <Info> (UnixNew) -- Using unix socket file '/var/run/suricata/suricata-command.socket'
|
|
[4641] 19/12/2021 -- 12:16:52 - (tm-threads.c:1976) <Notice> (TmThreadWaitOnThreadInit) -- all 64 packet processing threads, 4 management threads initialized, engine started.
|
|
[4652] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4652] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4652] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4653] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4653] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4653] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4654] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4654] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4654] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4655] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4655] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4655] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4656] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4656] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4656] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4657] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4657] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4657] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4658] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4658] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4658] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4659] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4659] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4659] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4660] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4660] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4660] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4661] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4661] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4661] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4662] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4662] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4662] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4663] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4663] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4663] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4664] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4664] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4664] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4665] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4665] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4665] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4666] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4666] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4666] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4667] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4667] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4667] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4668] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4668] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4668] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4669] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4669] 19/12/2021 -- 12:16:52 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4669] 19/12/2021 -- 12:16:52 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4670] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4670] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4670] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4671] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4671] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4671] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4672] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4672] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4672] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4673] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4673] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4673] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4674] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4674] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4674] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4675] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4675] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4675] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4676] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4676] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4676] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4677] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4677] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4677] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4678] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4678] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4678] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4679] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4679] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4679] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4680] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4680] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4680] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4681] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4681] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4681] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4682] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4682] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4682] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4683] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4683] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4683] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4684] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4684] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4684] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4685] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4685] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4685] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4686] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4686] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4686] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4687] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4687] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4687] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4688] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4688] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4688] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4689] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4689] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4689] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4690] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4690] 19/12/2021 -- 12:16:53 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4690] 19/12/2021 -- 12:16:53 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4691] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4691] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4691] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4692] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4692] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4692] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4693] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4693] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4693] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4694] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4694] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4694] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4695] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4695] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4695] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4696] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4696] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4696] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4697] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4697] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4697] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4698] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4698] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4698] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4699] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4699] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4699] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4700] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4700] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4700] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4701] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4701] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4701] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4702] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4702] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4702] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4703] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4703] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4703] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4704] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4704] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4704] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4705] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4705] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4705] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4706] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4706] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4706] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4707] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4707] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4707] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4708] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4708] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4708] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4709] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4709] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4709] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4710] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4710] 19/12/2021 -- 12:16:54 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4710] 19/12/2021 -- 12:16:54 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4711] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4711] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4711] 19/12/2021 -- 12:16:55 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4712] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4712] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4712] 19/12/2021 -- 12:16:55 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4713] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4713] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4713] 19/12/2021 -- 12:16:55 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4714] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4714] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4714] 19/12/2021 -- 12:16:55 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4715] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2185) <Perf> (AFPCreateSocket) -- Setting AF_PACKET socket buffer to 94535
|
|
[4715] 19/12/2021 -- 12:16:55 - (source-af-packet.c:2080) <Info> (SockFanoutSeteBPF) -- Activated eBPF on socket
|
|
[4715] 19/12/2021 -- 12:16:55 - (source-af-packet.c:1803) <Perf> (AFPComputeRingParams) -- AF_PACKET RX Ring params: block_size=32768 block_nr=8334 frame_size=5104 frame_nr=50004
|
|
[4715] 19/12/2021 -- 12:16:55 - (source-af-packet.c:555) <Info> (AFPPeersListReachedInc) -- All AFP capture threads are running.
|
|
[4708] 19/12/2021 -- 12:17:02 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 52: Message too long
|
|
[4692] 19/12/2021 -- 12:17:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:17:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:18:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:18:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:18:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:19:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:19:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:20:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:20:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:21:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:21:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:21:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:22:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:22:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4676] 19/12/2021 -- 12:24:07 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 20: Message too long
|
|
[4692] 19/12/2021 -- 12:24:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:24:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:25:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:25:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:26:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:26:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:27:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:27:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:28:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:28:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:29:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|
|
[4692] 19/12/2021 -- 12:29:14 - (source-af-packet.c:837) <Warning> (AFPWritePacket) -- [ERRCODE: SC_ERR_SOCKET(200)] - Sending packet failed on socket 68: Message too long
|