Project

General

Profile

Actions

Bug #930

closed

Error when not specifying the interface on the command line

Added by Carlos Lopez about 11 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:

Description

When you run suricata + pf_ring without specifying the interface in command line, this error appears:

26/8/2013 -- 12:49:24 - <Info> - This is Suricata version 1.4.5 RELEASE
26/8/2013 -- 12:49:24 - <Info> - CPUs/cores online: 8
26/8/2013 -- 12:49:24 - <Info> - Live rule reloads enabled
26/8/2013 -- 12:49:24 - <Info> - Failure when trying to get MTU via ioctl: 19

Specifying the interface, it works:

[root@nsm01 init.d]# LD_LIBRARY_PATH=/opt/pfring/lib suricata --pfring-int=eth3 --pfring-cluster-id=99 --pfring-cluster-type=cluster_flow c /data/config/etc/suricata02/suricata.yaml -D
26/8/2013 -
13:07:22 - <Info> - This is Suricata version 1.4.5 RELEASE
26/8/2013 -- 13:07:22 - <Info> - CPUs/cores online: 8
26/8/2013 -- 13:07:22 - <Info> - Live rule reloads enabled
26/8/2013 -- 13:07:22 - <Info> - Found an MTU of 1514 for 'eth3'

Actions #1

Updated by Victor Julien about 11 years ago

  • Status changed from New to Assigned
  • Assignee set to Eric Leblond
  • Target version deleted (1.4.5)
Actions #2

Updated by Victor Julien about 11 years ago

  • Target version set to TBD
Actions #3

Updated by Andreas Herz about 8 years ago

Can someone with pf_ring check if that's still an issue?

Actions #4

Updated by Peter Manev about 8 years ago

With pfring and 3.1dev (rev ae11687) it seems to be ok but the MTU it is not reported :

[13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:339) <Config> (DNSUDPConfigure) -- DNS request flood protection level: 500
[13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:351) <Config> (DNSUDPConfigure) -- DNS per flow memcap (state-memcap): 524288
[13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:363) <Config> (DNSUDPConfigure) -- DNS global memcap: 4294967296
[13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:210) <Config> (DefragInitConfig) -- allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56
[13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:235) <Config> (DefragInitConfig) -- preallocated 65535 defrag trackers of size 168
[13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:242) <Config> (DefragInitConfig) -- defrag memory usage: 14679896 bytes, maximum: 536870912
[13187] 14/9/2016 -- 09:31:37 - (host.c:216) <Config> (HostInitConfig) -- allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64
[13187] 14/9/2016 -- 09:31:37 - (host.c:239) <Config> (HostInitConfig) -- preallocated 1000 hosts of size 136

as opposed to af-packet where it is :

[16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:339) <Config> (DNSUDPConfigure) -- DNS request flood protection level: 500
[16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:351) <Config> (DNSUDPConfigure) -- DNS per flow memcap (state-memcap): 524288
[16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:363) <Config> (DNSUDPConfigure) -- DNS global memcap: 4294967296
[16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth2'
[16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth3'
[16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth0'
[16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:210) <Config> (DefragInitConfig) -- allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56
[16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:235) <Config> (DefragInitConfig) -- preallocated 65535 defrag trackers of size 168
[16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:242) <Config> (DefragInitConfig) -- defrag memory usage: 14679896 bytes, maximum: 536870912
[16578] 14/9/2016 -- 10:30:00 - (host.c:216) <Config> (HostInitConfig) -- allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64
[16578] 14/9/2016 -- 10:30:00 - (host.c:239) <Config> (HostInitConfig) -- preallocated 10000 hosts of size 136

Actions #5

Updated by Victor Julien about 7 years ago

  • Status changed from Assigned to Closed
  • Assignee deleted (Eric Leblond)
  • Target version deleted (TBD)
Actions

Also available in: Atom PDF