Bug #3158
closed'wrong thread' tracking inaccurate for bridging IPS modes
Description
When using IPS with AF_PACKET the worker threads are created per interface. So a connection/flow will be handled one interface for one side of the traffic and another interface for the opposing side. This means that by design different threads process a single flow.
The code should consider this when checking the 'wrong thread' logic.
AF_PACKET and NETMAP are affected.
Updated by Victor Julien about 5 years ago
- Related to Optimization #2725: stream/packet on wrong thread added
Updated by Andreas Herz about 5 years ago
- Assignee set to OISF Dev
- Target version set to TBD
Updated by Srini J about 5 years ago
Hi Team,
Any estimate as to when this might be fixed? We are using NETMAP IPS mode and are affected by this issue.
Thanks,
Sj
Updated by Victor Julien about 5 years ago
- Status changed from New to Closed
- Assignee changed from OISF Dev to Victor Julien
- Target version changed from TBD to 5.0rc1
Should be fixed in the git master:
https://github.com/OISF/suricata/pull/4188
https://github.com/OISF/suricata/pull/4188/commits/7cabb025ea530cc97b033cbca55e87053a32fd00
Updated by Srini J about 5 years ago
Victor Julien wrote:
Should be fixed in the git master:
https://github.com/OISF/suricata/pull/4188
https://github.com/OISF/suricata/pull/4188/commits/7cabb025ea530cc97b033cbca55e87053a32fd00
Thanks you for the quick response. Will try it out.
Regards,
Sj