[16652 - Suricata-Main] 2023-11-29 11:49:28 Notice: suricata: This is Suricata version 8.0.0-dev (d005fff7b 2023-11-24) running in SYSTEM mode
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: cpu: CPUs/cores online: 12
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: affinity: Found affinity definition for "management-cpu-set"
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: affinity: Found affinity definition for "receive-cpu-set"
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: affinity: Found affinity definition for "worker-cpu-set"
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: affinity: Using default prio 'medium' for set 'worker-cpu-set'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: device: Adding interface 0000:07:00.0 from config file
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: device: Adding interface 0000:08:00.0 from config file
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: suricata: Setting engine mode to IDS mode by default
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: exception-policy: master exception-policy set to: auto
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: app-layer.error-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: app-layer-htp: 'default' server has 'request-body-minimal-inspect-size' set to 33651 and 'request-body-inspect-window' set to 4115 after randomization.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: app-layer-htp: 'default' server has 'response-body-minimal-inspect-size' set to 42624 and 'response-body-inspect-window' set to 16155 after randomization.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: smb: read: max record size: 16777216, max queued chunks 64, max queued size 67108864
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: smb: write: max record size: 16777216, max queued chunks 64, max queued size 67108864
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: app-layer-enip: Protocol detection and parser disabled for enip protocol.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: app-layer-dnp3: Protocol detection and parser disabled for DNP3.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: suricata: Preparing unexpected signal handling
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: host: allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: host: preallocated 1000 hosts of size 136
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: host: host memory usage: 398144 bytes, maximum: 33554432
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: coredump-config: Core dump size set to unlimited.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: defrag.memcap-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: defrag-hash: allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: defrag-hash: preallocated 65535 defrag trackers of size 160
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: defrag-hash: defrag memory usage: 14155616 bytes, maximum: 33554432
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: flow.memcap-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: flow: flow size 296, memcap allows for 453438 flows. Per hash row in perfect conditions 6
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "prealloc-sessions": 2048 (per thread)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "memcap": 67108864
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "midstream" session pickups: disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "async-oneside": disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "checksum-validation": enabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: stream.memcap-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: stream.reassembly.memcap-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: exception-policy: stream.midstream-policy: ignore (defined via 'exception-policy' master switch)
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream."inline": disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "bypass": disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "max-syn-queued": 10
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream "max-synack-queued": 5
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.reassembly "memcap": 268435456
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.reassembly "depth": 1048576
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.reassembly "toserver-chunk-size": 2446
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.reassembly "toclient-chunk-size": 2458
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.reassembly.raw: enabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp: stream.liberal-timestamps: disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp-reassemble: stream.reassembly "segment-prealloc": 2048
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: stream-tcp-reassemble: stream.reassembly "max-regions": 8
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: conf: Running in live mode, activating unix socket
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: logopenfile: fast output device (regular) initialized: fast.log
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: logopenfile: eve-log output device (regular) initialized: eve.json
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'alert'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'frame'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'anomaly'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'http'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'dns'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'tls'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'files'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'smtp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'ftp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'rdp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'nfs'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'smb'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'tftp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'ike'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'dcerpc'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'krb5'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'bittorrent-dht'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'snmp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'rfb'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'sip'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'quic'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'dhcp'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'ssh'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'mqtt'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'http2'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'pgsql'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'stats'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: runmodes: enabling 'eve-log' module 'flow'
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: logopenfile: stats output device (regular) initialized: stats.log
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: landlock: Landlock is not enabled in configuration
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: suricata: Delayed detect disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: pattern matchers: MPM: hs, SPM: hs
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: grouping: tcp-whitelist (default) 53, 80, 139, 443, 445, 1433, 3306, 3389, 6666, 6667, 8080
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: grouping: udp-whitelist (default) 53, 135, 5060
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: prefilter engines: MPM
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: reputation: IP reputation disabled
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: Loading rule file: /var/lib/suricata/rules/local.rules
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303111 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303222 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303333 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303444 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303455 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303666 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303334 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect-parse: Rule with ID 303777 is bidirectional, but source and destination are the same, treating the rule as unidirectional
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect: 1 rule files processed. 12 rules successfully loaded, 0 rules failed
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: threshold-config: Threshold config parsed: 0 rule(s) found
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: detect: 12 signatures processed. 3 are IP-only rules, 4 are inspecting packet payload, 5 inspect application layer, 0 are decoder event only
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: detect: building signature grouping structure, stage 1: preprocessing rules... complete
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: TCP toserver: 1 port groups, 1 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: TCP toclient: 1 port groups, 1 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: UDP toserver: 1 port groups, 1 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: UDP toclient: 1 port groups, 1 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: OTHER toserver: 0 proto groups, 0 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: OTHER toclient: 0 proto groups, 0 unique SGH's, 0 copies
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Unique rule groups: 4
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toserver TCP packet": 0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toclient TCP packet": 0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toserver TCP stream": 1
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toclient TCP stream": 1
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toserver UDP packet": 0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "toclient UDP packet": 0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: Builtin MPM "other IP packet": 0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: AppLayer MPM "toserver http_uri (http)": 2
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: AppLayer MPM "toserver http_uri (http2)": 2
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: detect: AppLayer MPM "toserver dns_query (dns)": 1
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: profiling-rulegroups: Registered 4 rulegroup profiling counters.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: profiling-keywords: Registered 284 keyword profiling counters.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: profiling-prefilter: Registered 3 prefilter profiling counters.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Perf: profiling-rules: Registered 12 rule profiling counters.
[16652 - Suricata-Main] 2023-11-29 11:49:28 Notice: conf: unable to find interface default in DPDK config
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_STRIP - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_IPV4_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_UDP_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_TCP_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_TCP_LRO - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_QINQ_STRIP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_OUTER_IPV4_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_MACSEC_STRIP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_FILTER - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_EXTEND - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_SCATTER - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_TIMESTAMP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_SECURITY - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_KEEP_CRC - available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_SCTP_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_OUTER_UDP_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_RSS_HASH - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: RTE_ETH_RX_OFFLOAD_BUFFER_SPLIT - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: RSS not supported
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: IP, TCP and UDP checksum validation offloaded
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: setting MTU to 1500
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: creating packet mbuf pool mempool_0000:07:00.0 of size 65535, cache size 257, mbuf size 2176
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: rx queue setup: queue:0 port:0 rx_desc:1024 tx_desc:1024 rx: hthresh: 0 pthresh 0 wthresh 0 free_thresh 0 drop_en 0 offloads 14
[16652 - Suricata-Main] 2023-11-29 11:49:28 Config: dpdk: 0000:07:00.0: tx queue setup: queue:0 port:0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Notice: conf: unable to find interface default in DPDK config
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: dpdk: 0000:07:00.0: DPDK TAP mode activated: 0000:07:00.0->0000:08:00.0
[16652 - Suricata-Main] 2023-11-29 11:49:28 Info: runmodes: 0000:07:00.0: creating 1 thread
[16680 - W#01-07:00.0] 2023-11-29 11:49:28 Perf: threads: Setting prio 0 for thread "W#01-07:00.0" to cpu/core 2, thread id 16680
[16680 - W#01-07:00.0] 2023-11-29 11:49:29 Notice: dpdk: 0000:07:00.0: unable to determine NIC's NUMA node, degraded performance can be expected
[16652 - Suricata-Main] 2023-11-29 11:49:29 Notice: conf: unable to find interface default in DPDK config
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_STRIP - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_IPV4_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_UDP_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_TCP_CKSUM - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_TCP_LRO - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_QINQ_STRIP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_OUTER_IPV4_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_MACSEC_STRIP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_FILTER - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_VLAN_EXTEND - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_SCATTER - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_TIMESTAMP - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_SECURITY - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_KEEP_CRC - available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_SCTP_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_OUTER_UDP_CKSUM - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_RSS_HASH - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: RTE_ETH_RX_OFFLOAD_BUFFER_SPLIT - NOT available
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: RSS not supported
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: IP, TCP and UDP checksum validation offloaded
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: setting MTU to 1500
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: creating packet mbuf pool mempool_0000:08:00.0 of size 65535, cache size 257, mbuf size 2176
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: rx queue setup: queue:0 port:1 rx_desc:1024 tx_desc:1024 rx: hthresh: 0 pthresh 0 wthresh 0 free_thresh 0 drop_en 0 offloads 14
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: dpdk: 0000:08:00.0: tx queue setup: queue:0 port:1
[16652 - Suricata-Main] 2023-11-29 11:49:29 Notice: conf: unable to find interface default in DPDK config
[16652 - Suricata-Main] 2023-11-29 11:49:29 Info: dpdk: 0000:08:00.0: DPDK TAP mode activated: 0000:08:00.0->0000:07:00.0
[16652 - Suricata-Main] 2023-11-29 11:49:29 Info: runmodes: 0000:08:00.0: creating 1 thread
[16681 - W#01-08:00.0] 2023-11-29 11:49:29 Perf: threads: Setting prio -2 for thread "W#01-08:00.0" to cpu/core 3, thread id 16681
[16681 - W#01-08:00.0] 2023-11-29 11:49:29 Notice: dpdk: 0000:08:00.0: unable to determine NIC's NUMA node, degraded performance can be expected
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: flow-manager: using 1 flow manager threads
[16682 - FM#01] 2023-11-29 11:49:29 Perf: threads: Setting prio 0 for thread "FM#01", thread id 16682
[16652 - Suricata-Main] 2023-11-29 11:49:29 Config: flow-manager: using 1 flow recycler threads
[16683 - FR#01] 2023-11-29 11:49:29 Perf: threads: Setting prio 0 for thread "FR#01", thread id 16683
[16684 - CW] 2023-11-29 11:49:29 Perf: threads: Setting prio 0 for thread "CW", thread id 16684
[16685 - CS] 2023-11-29 11:49:29 Perf: threads: Setting prio 0 for thread "CS", thread id 16685
[16652 - Suricata-Main] 2023-11-29 11:49:29 Info: unix-manager: unix socket '/var/run/suricata/suricata-command.socket'
[16686 - US] 2023-11-29 11:49:29 Perf: threads: Setting prio 0 for thread "US", thread id 16686
[16652 - Suricata-Main] 2023-11-29 11:49:29 Notice: threads: Threads created -> W: 2 FM: 1 FR: 1 Engine started.
[16652 - Suricata-Main] 2023-11-29 11:49:29 Info: dpdk: 361 of 512 of hugepages are free - number of hugepages can be lowered to e.g. 174
[16652 - Suricata-Main] 2023-11-29 11:49:31 Notice: suricata: Signal Received. Stopping engine.
[16652 - Suricata-Main] 2023-11-29 11:49:32 Info: suricata: time elapsed 4.059s
[16683 - FR#01] 2023-11-29 11:49:33 Perf: flow-manager: 0 flows processed
[16680 - W#01-07:00.0] 2023-11-29 11:49:33 Perf: dpdk: Port 0 (0000:07:00.0) - rx_good_packets: 1
[16680 - W#01-07:00.0] 2023-11-29 11:49:33 Perf: dpdk: Port 0 (0000:07:00.0) - rx_good_bytes: 64
[16680 - W#01-07:00.0] 2023-11-29 11:49:33 Perf: dpdk: 0000:07:00.0: total RX stats: packets 1 bytes: 64 missed: 0 errors: 0 nombufs: 0
[16680 - W#01-07:00.0] 2023-11-29 11:49:33 Perf: dpdk: 0000:07:00.0: total TX stats: packets 0 bytes: 0 errors: 0
[16680 - W#01-07:00.0] 2023-11-29 11:49:33 Perf: dpdk: (W#01-07:00.0) received packets 1
[16681 - W#01-08:00.0] 2023-11-29 11:49:33 Perf: dpdk: Port 1 (0000:08:00.0) - tx_good_packets: 1
[16681 - W#01-08:00.0] 2023-11-29 11:49:33 Perf: dpdk: Port 1 (0000:08:00.0) - tx_good_bytes: 60
[16681 - W#01-08:00.0] 2023-11-29 11:49:33 Perf: dpdk: 0000:08:00.0: total RX stats: packets 0 bytes: 0 missed: 0 errors: 0 nombufs: 0
[16681 - W#01-08:00.0] 2023-11-29 11:49:33 Perf: dpdk: 0000:08:00.0: total TX stats: packets 1 bytes: 60 errors: 0
[16681 - W#01-08:00.0] 2023-11-29 11:49:33 Perf: dpdk: (W#01-08:00.0) received packets 0
[16652 - Suricata-Main] 2023-11-29 11:49:33 Info: counters: Alerts: 0
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: ippair: ippair memory usage: 414144 bytes, maximum: 16777216
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling: Done dumping profiling data.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: host: host memory usage: 398144 bytes, maximum: 33554432
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling-rules: Dumping profiling data for 12 rules.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling-rules: Done dumping profiling data.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling-keywords: Done dumping keyword profiling data.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling-rulegroups: Done dumping rulegroup profiling data.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: profiling-prefilter: Done dumping prefilter profiling data.
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: dpdk: 0000:07:00.0: closing device
[16652 - Suricata-Main] 2023-11-29 11:49:33 Perf: dpdk: 0000:08:00.0: closing device
[16652 - Suricata-Main] 2023-11-29 11:49:33 Notice: device: 0000:07:00.0: packets: 1, drops: 0 (0.00%), invalid chksum: 0
[16652 - Suricata-Main] 2023-11-29 11:49:33 Notice: device: 0000:08:00.0: packets: 0, drops: 0 (0.00%), invalid chksum: 0