david415
commented
9 years ago now working and testing with this branch https://github.com/david415/HoneyBadger/tree/54-unhose-1
Closed david415 closed 9 years ago
david415
commented
9 years ago now working and testing with this branch https://github.com/david415/HoneyBadger/tree/54-unhose-1
david415
commented
9 years ago yess! i found the problem... or at least i partially understand the problem:
2015/05/24 23:40:40 not an attack attempt; a normal TCP retransmission.
2015/05/24 23:47:49 timeout closed 299 connectionsThese two log messages appear before and after the "pause"... AND it only pauses for the WireDuration unit of time... and not some other random ass time duration.
david415
commented
9 years ago i don't know what exactly is causing this... but the workaround is to NOT use libpcap ;-0 but instead use AF_PACKET ;-) honeybadger CLI option is -afpacket=true
david415
commented
9 years ago this bug may have been fixed. closing for now... since this behavior is never exhibited when using AF_PACKET.
I'm not yet sure what's causing this problem but it will be obvious it's happening when honeybadger stops logging connection statistics...