vipinpv85 / DPDK-Suricata_3.0

add dpdk interface and packet processing to suricata in worker mode
https://github.com/vipinpv85/DPDK-Suricata_3.0
GNU Lesser General Public License v3.0
62 stars 34 forks

Not able to view runmodes, intel ports etc #23

Closed rbalaji3 closed 4 years ago

rbalaji3 commented 4 years ago

Describe the bug: Unable to view runmodes from Suricata, but simply not able to view anything that happens. If I compile without DPDK, I don't have the issue.

To Reproduce Steps to reproduce the behavior:

Rishikesh Balaji @rbalaji3 needs to update

Expected behavior Expected to view runmode output

Screenshots If applicable, add screenshots to help explain your problem. (image)

Details (please complete the following information):

vipinpv85 commented 4 years ago

Marking as invalid, as list-runmode works without any issue in this project.

 # ./src/suricata --list-runmode
25/7/2020 -- 06:38:11 - <Notice> -  section (EAL) has entries 8
25/7/2020 -- 06:38:11 - <Notice> -  - name: (-l) value: (10-15)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (--base-virtaddr) value: (0x300000000000)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (--master-lcore) value: (10)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (--socket-mem) value: (128)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (--socket-limit) value: (2048)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (--log-level) value: (eal,1)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (-w) value: (0000:02:00.1)
25/7/2020 -- 06:38:11 - <Notice> -  - name: (-w) value: (0000:02:00.3)
25/7/2020 -- 06:38:11 - <Notice> - DPDK ACL setup

25/7/2020 -- 06:38:11 - <Notice> - DPDK ipv4AclCtx: 0x30007ffe9340 done!
25/7/2020 -- 06:38:11 - <Notice> - DPDK ipv6AclCtx: 0x30007ffe7ac0 done!
------------------------------------- Runmodes ------------------------------------------
| RunMode Type      | Custom Mode       | Description
|----------------------------------------------------------------------------------------
| DPDKINTEL         | workers           | Workers DpdkIntel mode, each thread does all tasks from decoding to logging. Acquistion is  done by seperate core per interface
|----------------------------------------------------------------------------------------
| PCAP_DEV          | single            | Single threaded pcap live mode
|                   ---------------------------------------------------------------------
|                   | autofp            | Multi threaded pcap live mode.  Packets from each flow are assigned to a single detect thread, unlike "pcap_live_auto" where packets from the same flow can be processed by any detect thread
|                   ---------------------------------------------------------------------
|                   | workers           | Workers pcap live mode, each thread does all tasks from acquisition to logging
|----------------------------------------------------------------------------------------
| PCAP_FILE         | single            | Single threaded pcap file mode
|                   ---------------------------------------------------------------------
|                   | autofp            | Multi threaded pcap file mode.  Packets from each flow are assigned to a single detect thread, unlike "pcap-file-auto" where packets from the same flow can be processed by any detect thread
|----------------------------------------------------------------------------------------
| PFRING(DISABLED)  | autofp            | Multi threaded pfring mode.  Packets from each flow are assigned to a single detect thread, unlike "pfring_auto" where packets from the same flow can be processed by any detect thread
|                   ---------------------------------------------------------------------
|                   | single            | Single threaded pfring mode
|                   ---------------------------------------------------------------------
|                   | workers           | Workers pfring mode, each thread does all tasks from acquisition to logging
|----------------------------------------------------------------------------------------
| NFQ               | autofp            | Multi threaded NFQ IPS mode with respect to flow
|                   ---------------------------------------------------------------------
|                   | workers           | Multi queue NFQ IPS mode with one thread per queue
|----------------------------------------------------------------------------------------
|----------------------------------------------------------------------------------------
| NFLOG             | autofp            | Multi threaded nflog mode
|                   ---------------------------------------------------------------------
|                   | single            | Single threaded nflog mode
|                   ---------------------------------------------------------------------
|                   | workers           | Workers nflog mode
|----------------------------------------------------------------------------------------
| IPFW              | autofp            | Multi threaded IPFW IPS mode with respect to flow
|                   ---------------------------------------------------------------------
|                   | workers           | Multi queue IPFW IPS mode with one thread per queue
|----------------------------------------------------------------------------------------
| ERF_FILE          | single            | Single threaded ERF file mode
|                   ---------------------------------------------------------------------
|                   | autofp            | Multi threaded ERF file mode.  Packets from each flow are assigned to a single detect thread
|----------------------------------------------------------------------------------------
| ERF_DAG           | autofp            | Multi threaded DAG mode.  Packets from each flow are assigned to a single detect thread, unlike "dag_auto" where packets from the same flow can be processed by any detect thread
|                   ---------------------------------------------------------------------
|                   | single            | Singled threaded DAG mode
|                   ---------------------------------------------------------------------
|                   | workers           | Workers DAG mode, each thread does all  tasks from acquisition to logging
|----------------------------------------------------------------------------------------
| AF_PACKET_DEV     | single            | Single threaded af-packet mode
|                   ---------------------------------------------------------------------
|                   | workers           | Workers af-packet mode, each thread does all tasks from acquisition to logging
|                   ---------------------------------------------------------------------
|                   | autofp            | Multi socket AF_PACKET mode.  Packets from each flow are assigned to a single detect thread.
|----------------------------------------------------------------------------------------
| NETMAP(DISABLED)  | single            | Single threaded netmap mode
|                   ---------------------------------------------------------------------
|                   | workers           | Workers netmap mode, each thread does all tasks from acquisition to logging
|                   ---------------------------------------------------------------------
|                   | autofp            | Multi threaded netmap mode.  Packets from each flow are assigned to a single detect thread.
|----------------------------------------------------------------------------------------
| UNIX_SOCKET       | single            | Unix socket mode
|----------------------------------------------------------------------------------------