Actions
Feature #681
closedImplement TPACKET_V3 support in AF_PACKET
Effort:
Difficulty:
Label:
Description
Suricata only supports TPACKET_V2 in AF_PACKET capture. The version 3 of packet allows to have a non fixed packet size in the ring buffer. This is supposed to increase capture performance on network with small packets.
Updated by Victor Julien over 11 years ago
- Assignee set to Eric Leblond
Seems the protocol is not documented and example code is missing. Might be hard to get it working.
Updated by Victor Julien almost 11 years ago
- Status changed from New to Assigned
- Target version changed from TBD to 3.0RC2
Updated by Victor Julien about 10 years ago
- Priority changed from Normal to Low
- Target version changed from 3.0RC2 to TBD
Seems this API isn't all that much of an improvement?
Updated by Eoin Miller almost 10 years ago
We noticed quite an increase in performance (around %25) when implementing in our sniffer. It would be great is Suricata was able to support this as well.
Updated by Eoin Miller almost 10 years ago
Updated by Victor Julien almost 10 years ago
Eoin, since you have an implementation, are you interested in contributing it?
Updated by Victor Julien over 8 years ago
- Priority changed from Low to Normal
- Target version changed from TBD to 70
Updated by Victor Julien over 8 years ago
- Status changed from Assigned to Closed
- Target version changed from 70 to 3.1rc1
Actions