Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Ken Steele 316190c6b9 Add TILE-Gx mPIPE packet processing support. ... The TILE-Gx processor includes a packet processing engine, called mPIPE, that can deliver packets directly into user space memory. It handles buffer allocation and load balancing (either static 5-tuple hashing, or dynamic flow affinity hashing are used here). The new packet source code is in source-mpipe.c and source-mpipe.h A new Tile runmode is added that configures the Suricata pipelines in worker mode, where each thread does the entire packet processing pipeline. It scales across all the Gx chips sizes of 9, 16, 36 or 72 cores. The new runmode is in runmode-tile.c and runmode-tile.h The configure script detects the TILE-Gx architecture and defines HAVE_MPIPE, which is then used to conditionally enable the code to support mPIPE packet processing. Suricata runs on TILE-Gx even without mPIPE support enabled. The Suricata Packet structures are allocated by the mPIPE hardware by allocating the Suricata Packet structure immediatley before the mPIPE packet buffer and then pushing the mPIPE packet buffer pointer onto the mPIPE buffer stack. This way, mPIPE writes the packet data into the buffer, returns the mPIPE packet buffer pointer, which is then converted into a Suricata Packet pointer for processing inside Suricata. When the Packet is freed, the buffer is returned to mPIPE's buffer stack, by setting ReleasePacket to an mPIPE release specific function. The code checks for the largest Huge page available in Linux when Suricata is started. TILE-Gx supports Huge pages sizes of 16MB, 64MB, 256MB, 1GB and 4GB. Suricata then divides one of those page into packet buffers for mPIPE. The code is not yet optimized for high performance. Performance improvements will follow shortly. The code was originally written by Tom Decanio and then further modified by Tilera. This code has been tested with Tilera's Multicore Developement Environment (MDE) version 4.1.5. The TILEncore-Gx36 (PCIe card) and TILEmpower-Gx (1U Rack mount).		13 years ago
benches	Initial add of the files.	17 years ago
contrib	Add one shot run option to suri-graphite.	13 years ago
doc	Update docs from wiki	13 years ago
m4	Prelude plugin: add detection in configure script	16 years ago
qa	coccinelle: dynamic testing through make check	13 years ago
rules	vlan: add rule for new 'too many layers' event	13 years ago
scripts	suricatasc: fix make distcheck.	13 years ago
src	Add TILE-Gx mPIPE packet processing support.	13 years ago
.gitignore	add configure summary to build-info output	13 years ago
COPYING	Initial add of the files.	17 years ago
ChangeLog	Update changelog for 2.0beta1	13 years ago
LICENSE	import of gplv2 LICENSE	16 years ago
Makefile.am	autotools: workaround on partial cleaning	13 years ago
Makefile.cvs	Initial add of the files.	17 years ago
acsite.m4	Added C99 defs/macros to acsite.m4 for CentOS	17 years ago
autogen.sh	OpenBSD 5.2 build fixes, Unit test fix.	13 years ago
classification.config	Import of classification.config	16 years ago
config.rpath	Add file needed for some autotools version.	13 years ago
configure.ac	Fix typo in configure.ac echo message	13 years ago
doxygen.cfg	Adding an updated doxygen config file, because the old one was created a couple major versions ago.	13 years ago
mkinstalldirs	Update autojunk.sh + build update.	16 years ago
reference.config	Add md5 to reference.config.	14 years ago
suricata.yaml.in	Add TILE-Gx mPIPE packet processing support.	13 years ago
threshold.config	threshold: improve comments of shipped threshold.config, add links to wiki.	13 years ago