aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adds a configuration example for nflog support in suricata.yaml

Browse Source
pull/976/merge
Giuseppe Longo 12 years ago committed by Victor Julien
parent 4851568a41
commit 62aaae24fd
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File

17
suricata.yaml.in
Unescape Escape View File

@ -290,6 +290,23 @@ nfq:
# batchcount: 20 # batchcount: 20
# fail-open: yes # fail-open: yes
#nflog support
nflog:
# netlink multicast group
# (the same as the iptables --nflog-group param)
# Group 0 is used by the kernel, so you can't use it
- group: 2
# netlink buffer size
buffer-size: 18432
# put default value here
- group: default
# set number of packet to queue inside kernel
qthreshold: 1
# set the delay before flushing packet in the queue inside kernel
qtimeout: 100
# netlink max buffer size
max-size: 20000
# af-packet support # af-packet support
# Set threads to > 1 to use PACKET_FANOUT support # Set threads to > 1 to use PACKET_FANOUT support
af-packet: af-packet:

Write Preview
Loading…
Cancel
Save