Bug #930
closedError when not specifying the interface on the command line
Description
When you run suricata + pf_ring without specifying the interface in command line, this error appears:
26/8/2013 -- 12:49:24 - <Info> - This is Suricata version 1.4.5 RELEASE
26/8/2013 -- 12:49:24 - <Info> - CPUs/cores online: 8
26/8/2013 -- 12:49:24 - <Info> - Live rule reloads enabled
26/8/2013 -- 12:49:24 - <Info> - Failure when trying to get MTU via ioctl: 19
Specifying the interface, it works:
[root@nsm01 init.d]# LD_LIBRARY_PATH=/opt/pfring/lib suricata --pfring-int=eth3 --pfring-cluster-id=99 --pfring-cluster-type=cluster_flow c /data/config/etc/suricata02/suricata.yaml -D 13:07:22 - <Info> - This is Suricata version 1.4.5 RELEASE
26/8/2013 -
26/8/2013 -- 13:07:22 - <Info> - CPUs/cores online: 8
26/8/2013 -- 13:07:22 - <Info> - Live rule reloads enabled
26/8/2013 -- 13:07:22 - <Info> - Found an MTU of 1514 for 'eth3'
Updated by Victor Julien about 11 years ago
- Status changed from New to Assigned
- Assignee set to Eric Leblond
- Target version deleted (
1.4.5)
Updated by Andreas Herz about 8 years ago
Can someone with pf_ring check if that's still an issue?
Updated by Peter Manev about 8 years ago
With pfring and 3.1dev (rev ae11687) it seems to be ok but the MTU it is not reported :
[13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:339) <Config> (DNSUDPConfigure) -- DNS request flood protection level: 500 [13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:351) <Config> (DNSUDPConfigure) -- DNS per flow memcap (state-memcap): 524288 [13187] 14/9/2016 -- 09:31:37 - (app-layer-dns-udp.c:363) <Config> (DNSUDPConfigure) -- DNS global memcap: 4294967296 [13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:210) <Config> (DefragInitConfig) -- allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56 [13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:235) <Config> (DefragInitConfig) -- preallocated 65535 defrag trackers of size 168 [13187] 14/9/2016 -- 09:31:37 - (defrag-hash.c:242) <Config> (DefragInitConfig) -- defrag memory usage: 14679896 bytes, maximum: 536870912 [13187] 14/9/2016 -- 09:31:37 - (host.c:216) <Config> (HostInitConfig) -- allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64 [13187] 14/9/2016 -- 09:31:37 - (host.c:239) <Config> (HostInitConfig) -- preallocated 1000 hosts of size 136
as opposed to af-packet where it is :
[16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:339) <Config> (DNSUDPConfigure) -- DNS request flood protection level: 500 [16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:351) <Config> (DNSUDPConfigure) -- DNS per flow memcap (state-memcap): 524288 [16578] 14/9/2016 -- 10:30:00 - (app-layer-dns-udp.c:363) <Config> (DNSUDPConfigure) -- DNS global memcap: 4294967296 [16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth2' [16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth3' [16578] 14/9/2016 -- 10:30:00 - (util-ioctl.c:103) <Info> (GetIfaceMTU) -- Found an MTU of 1500 for 'eth0' [16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:210) <Config> (DefragInitConfig) -- allocated 3670016 bytes of memory for the defrag hash... 65536 buckets of size 56 [16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:235) <Config> (DefragInitConfig) -- preallocated 65535 defrag trackers of size 168 [16578] 14/9/2016 -- 10:30:00 - (defrag-hash.c:242) <Config> (DefragInitConfig) -- defrag memory usage: 14679896 bytes, maximum: 536870912 [16578] 14/9/2016 -- 10:30:00 - (host.c:216) <Config> (HostInitConfig) -- allocated 262144 bytes of memory for the host hash... 4096 buckets of size 64 [16578] 14/9/2016 -- 10:30:00 - (host.c:239) <Config> (HostInitConfig) -- preallocated 10000 hosts of size 136
Updated by Victor Julien about 7 years ago
- Status changed from Assigned to Closed
- Assignee deleted (
Eric Leblond) - Target version deleted (
TBD)