handle thread count for suricata and default max-pending-packets to 5000 - https://github.com/Security-Onion-Solutions/securityonion/issues/1460

m0duspwnens
2020-10-06 13:57:50 -04:00
parent 1b3eca80d7
commit 34dfc809c7
2 changed files with 2 additions and 1 deletions


@@ -5,6 +5,7 @@ af-packet:
cluster-type: cluster_flow cluster-type: cluster_flow
defrag: yes defrag: yes
use-mmap: yes use-mmap: yes
threads: {{ salt['pillar.get']('sensor:suriprocs', salt['pillar.get']('sensor:suripins') | length) }}
tpacket-v3: yes tpacket-v3: yes
ring-size: {{ salt['pillar.get']('sensor:suriringsize', '2048') }} ring-size: {{ salt['pillar.get']('sensor:suriringsize', '2048') }}
- interface: default - interface: default
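Review bot: The added `threads:` line has no explicit fallback when neither pillar key is set: `pillar.get` returns an empty string by default, so `| length` yields 0 and the template renders `threads: 0`. How Suricata treats 0 here should be confirmed rather than relied on, because a wrong worker count on a sensor shows up as dropped packets and missed detections; a string-valued `sensor:suripins` would also be counted per character. Giving the inner lookup a list default and falling back to Suricata's own `auto` makes the behaviour explicit: `threads: {{ salt['pillar.get']('sensor:suriprocs', salt['pillar.get']('sensor:suripins', []) | length or 'auto') }}`.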


@@ -345,7 +345,7 @@ suricata:
coredump: coredump:
max-dump: unlimited max-dump: unlimited
host-mode: auto host-mode: auto
max-pending-packets: 1024 max-pending-packets: 5000
runmode: workers runmode: workers
#autofp-scheduler: hash #autofp-scheduler: hash
default-packet-size: 1500 default-packet-size: 1500
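Review bot: The new `max-pending-packets: 5000` carries no comment saying why this value was chosen or what it costs. With `runmode: workers` the packet pool is, as far as I know, allocated per capture thread, so memory use grows with the thread count that the other file in this commit now takes from pillar; that is worth confirming on sensors with many workers. A short comment above the line would record it, e.g. `# packets preallocated per worker thread; raised from 1024, see issue 1460`.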