Hi Lukas,
many thanks for your feedback.
Yes, the first application is OVS with DPDK.
Have you ever tested OVS\dpdk with Suricata\dpdk?
is it possible to apply this schema in IPS inline mode?
I would think to something like this:
[IF] → OVS → DPDK_APP1 → `DPDK_Suricata → …
and I was thinking to attach Suricata to a tap device
[IF] ↔ [OVS\DPDK] - [TAP] ↔ `Suricata ↔ …
but it is not working. In my system I can use tap and OVS with or without dpdk, that’s usually not a problem.
Do you know if Suricata supports tun\tap devices?
From my test it doesn’t seem to work even in a “normal” environment without dpdk.
TAPI hardware is not possible.
I’m testing your branch.