Hello all,
I’m pretty new to IDS and Ask a question
1、Use the Suricata master branch dependency after dpdk-19.11 compiles.
2、
./dpdk-devbind.py -b igb_uio 0000:05:00.0
./dpdk-devbind.py -b igb_uio 0000:06:00.0
./dpdk-devbind.py -b igb_uio 0000:07:00.0
./dpdk-devbind.py -b igb_uio 0000:08:00.0
3、
./dpdk-devbind.py --status-dev net
shows:
Network devices using DPDK-compatible driver
0000:05:00.0 ‘I211 Gigabit Network Connection 1539’ drv=igb_uio unused=igb
0000:06:00.0 ‘I211 Gigabit Network Connection 1539’ drv=igb_uio unused=igb
0000:07:00.0 ‘I211 Gigabit Network Connection 1539’ drv=igb_uio unused=igb
0000:08:00.0 ‘I211 Gigabit Network Connection 1539’ drv=igb_uio unused=igb
Network devices using kernel driver
0000:03:00.0 ‘I211 Gigabit Network Connection 1539’ if=enp3s0 drv=igb unused=igb_uio Active
0000:04:00.0 ‘I211 Gigabit Network Connection 1539’ if=enp4s0 drv=igb unused=igb_uio
4、
vim /usr/local/etc/suricata/suricata.yaml
dpdk:
eal-params:
proc-type: primary
DPDK capture support
RX queues (and TX queues in IPS mode) are assigned to cores in 1:1 ratio
interfaces:
- interface: 0000:05:00.0 # PCIe address of the NIC port
# Threading: possible values are either “auto” or number of threads
…
…
5、
Run suricata --dpdk
shows
[root@RFW dpdk-stable-19.11.11]# suricata --dpdk
[11304] 10/1/2022 – 20:44:44 - (suricata.c:1138) (LogVersion) – This is Suricata version 7.0.0-dev (93842aa 2022-01-03) running in SYSTEM mode
EAL: No available hugepages reported in hugepages-1048576kB
[11304] 10/1/2022 – 20:44:44 - (runmode-dpdk.c:334) (ConfigSetIface) – [ERRCODE: SC_ERR_DPDK_CONF(343)] - Interface “0000:05:00.0”: No such device
The reason for the error is to obtain the network port_id, all network ports are invalid (unbound), but I use ./dpdk-devbind.py binds the network port.
What are the other reasons?
