search

vipinpv85 / DPDK-Suricata_3.0

add dpdk interface and packet processing to suricata in worker mode
https://github.com/vipinpv85/DPDK-Suricata_3.0
GNU Lesser General Public License v3.0
64 stars 34 forks source link

Can not init EAL correctly for unknown reason #25

Closed Leonardo-DiCaprio closed 4 years ago

Leonardo-DiCaprio commented 4 years ago

Hi,I have to get your help. I built DPDK-suricata without error(./configure --enable-dpdkintel --with-libdpdkintel-includes=/home/adm1n/dpdk/x86_64-native-linuxapp-gcc/include --with-libdpdkintel-libraries=/home/adm1n/dpdk/x86_64-native-linuxapp-gcc/lib && make )

My DPDK is build success, and the dpdk bind info is : Network devices using kernel driver

0000:00:1f.6 'Ethernet Connection (7) I219-LM 15bb' if=eno1 drv=e1000e unused=igb_uio Active

Other Network devices

0000:03:00.0 '82576 Gigabit Network Connection 10c9' unused=igb,igb_uio 0000:03:00.1 '82576 Gigabit Network Connection 10c9' unused=igb,igb_uio

And the suricata.yaml info is :

dpdkintel support

dpdkintel:

inputs:

Then whatever command I run with suricata(like "./src/suricata -h") I got the same error saying can not init EAL.

31/7/2020 -- 10:29:36 - - section (EAL) has entries 8 31/7/2020 -- 10:29:36 - - - name: (-l) value: (10-15) 31/7/2020 -- 10:29:36 - - - name: (--base-virtaddr) value: (0x300000000000) 31/7/2020 -- 10:29:36 - - - name: (--master-lcore) value: (10) 31/7/2020 -- 10:29:36 - - - name: (--socket-mem) value: (128) 31/7/2020 -- 10:29:36 - - - name: (--socket-limit) value: (2048) 31/7/2020 -- 10:29:36 - - - name: (--log-level) value: (eal,1) 31/7/2020 -- 10:29:36 - - - name: (-w) value: (0000:02:00.1) 31/7/2020 -- 10:29:36 - - - name: (-w) value: (0000:02:00.3)

Usage: suricata [options]

EAL common options: -c COREMASK Hexadecimal bitmask of cores to run on -l CORELIST List of cores to run on The argument format is [-c2][,c3[-c4],...] where c1, c2, etc are core indexes between 0 and 128 --lcores COREMAP Map lcore set to physical cpu set The argument format is 'lcores[@cpus][,lcores[@cpus]...]' lcores and cpus list are grouped by '(' and ')' Within the group, '-' is used for range separator, ',' is used for single number separator. '( )' can be omitted for single element group, '@' can be omitted if cpus and lcores have the same value -s SERVICE COREMASK Hexadecimal bitmask of cores to be used as service cores --master-lcore ID Core ID that is used as master --mbuf-pool-ops-name Pool ops name for mbuf to use -n CHANNELS Number of memory channels -m MB Memory to allocate (see also --socket-mem) -r RANKS Force number of memory ranks (don't detect) -b, --pci-blacklist Add a PCI device in black list. Prevent EAL from using this PCI device. The argument format is . -w, --pci-whitelist Add a PCI device in white list. Only use the specified PCI devices. The argument format is <[domain:]bus:devid.func>. This option can be present several times (once per device). [NOTE: PCI whitelist cannot be used with -b option] --vdev Add a virtual device. The argument format is [,key=val,...] (ex: --vdev=net_pcap0,iface=eth2). --iova-mode Set IOVA mode. 'pa' for IOVA_PA 'va' for IOVA_VA -d LIB.so|DIR Add a driver or driver directory (can be used multiple times) --vmware-tsc-map Use VMware TSC map instead of native RDTSC --proc-type Type of this process (primary|secondary|auto) --syslog Set syslog facility --log-level= Set global log level --log-level=: Set specific log level -v Display version information on startup -h, --help This help --in-memory Operate entirely in memory. This will disable secondary process support

EAL options for DEBUG use only: --huge-unlink Unlink hugepage files after init --no-huge Use malloc instead of hugetlbfs --no-pci Disable PCI --no-hpet Disable HPET --no-shconf No shared config (mmap'd files)

EAL Linux options: --socket-mem Memory to allocate on sockets (comma separated values) --socket-limit Limit memory allocation on sockets (comma separated values) --huge-dir Directory where hugetlbfs is mounted --file-prefix Prefix for hugepage filenames --base-virtaddr Base virtual address --create-uio-dev Create /dev/uioX (usually done by hotplug) --vfio-intr Interrupt mode for VFIO (legacy|msi|msix) --legacy-mem Legacy memory mode (no dynamic allocation, contiguous segments) --single-file-segments Put all hugepage memory in single files

EAL: FATAL: Invalid 'command line' arguments. 31/7/2020 -- 10:29:36 - - [ERRCODE: SC_ERR_MISSING_CONFIG_PARAM(118)] - DPDK EAL init -1 coredump

vipinpv85 commented 4 years ago

please check the readme, the commands that work are 


command | purpose
-- | --
./src/suricata --list-runmodes | get suricata version and supported modes
./src/suricata --list-dpdkintel-ports | list DPDK available ports
./src/suricata -c suricata.yaml --dpdkintel | Run DPDK suircata with mysuricata.cfg

if you still facing difficulty, a live debug is required. I am available on skype, google hangout, or zoom.

Leonardo-DiCaprio commented 4 years ago

whatever command I run with suricata I got the same error, including ./src/suricata --list-runmodes or ./src/suricata --list-dpdkintel-ports

Leonardo-DiCaprio commented 4 years ago

And here is config.log My DPDK version is 18.11.5 config.log

vipinpv85 commented 4 years ago

I have already shared if you still facing difficulty, a live debug is required. I am available on skype, google hangout, or zoom.. Decision is yours

[EDIT] I am waiting for your update

vipinpv85 commented 4 years ago

I have been waiting for your update, I did not get any invite. I assume your problem is similar to https://github.com/vipinpv85/DPDK-Suricata_3.0/issues/24. Hence requesting to check the same.

Leonardo-DiCaprio commented 4 years ago

I am really sorry for missing your message, I'd like to share a live debug with you. But will you give me a zoom meeting ID? I will join you whenever you are available.

vipinpv85 commented 4 years ago

i have made myself available now. You can reach me on zoom or skype.

vipinpv85 commented 4 years ago

what are your EAL parameters in dpdk-suricata.ini. Modify these from 

[EAL]
-l=10-15
--base-virtaddr=0x300000000000
--master-lcore=10
--socket-mem=128
--socket-limit=2048
--log-level=eal,1
-w=0000:02:00.1
-w=0000:02:00.3

to 

[EAL]
-l=1-5
--base-virtaddr=0x300000000000
--master-lcore=1
--socket-mem=128
--socket-limit=2048
--log-level=eal,8
Leonardo-DiCaprio commented 4 years ago

Yes! And It worked for me. Thanks my hero.

vipinpv85 commented 4 years ago

@Leonardo-DiCaprio if you had gone through the readme

Section purpose
EAL dpdk eal args
PORT-[0-X] specific configuration per port
ACL-IPV4 rule count or number of entires
ACL-IPV6 rule count or number of entires

same information is available ther3e