Date:      Thu, 22 Jul 2021 11:16:26 -0400
From:      mike tancsa <mike@sentex.net>
To:        Carlos Lopez <clopmz@outlook.com>
Cc:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Re: Suricata 6.0.3 process never stops under FreeBSD 13-p3
Message-ID:  <199770f2-a996-32ea-9334-f2dad6972b14@sentex.net>
In-Reply-To: <C1B9ABCD-8752-4EFF-8EF9-2980ECF7B4E0@outlook.com>
References:  <2B994648-59D6-4F68-B4C8-0D8FB1CA5B87@outlook.com> <04839bf2-1d6b-1d46-3ac1-02a561d72d58@sentex.net> <C1B9ABCD-8752-4EFF-8EF9-2980ECF7B4E0@outlook.com>

On 7/22/2021 9:41 AM, Carlos Lopez wrote:
>
>
>> On 22 Jul 2021, at 15:37, mike tancsa <mike@sentex.net> wrote:
>>
>> On 7/21/2021 3:33 AM, Carlos Lopez wrote:
>>> Good morning,
>>>
>>> I have installed Suricata 6.0.3 under FreeBSD 13-p3 host from source
>>> using the following compile options:
>>>
>>> ./configure --prefix=/opt/suricata --sysconfdir=/etc
>>> --localstatedir=/var --disable-gccmarch-native --enable-profiling
>>> --enable-profiling-locks --enable-netmap --enable-pie --enable-rust
>>> --enable-gccprotect --disable-suricata-update.
>>>
>>> All works ok except when I try to stop suricata process:
>>>
>> I have the same problem, but also have a problem with the daemon no
>> longer generating alerts. It will work for a few min to hours and then
>> it just stops. Apart from the graceful shutdown, does it actually work
>> for you for any long period of time ?
>>
>>     —Mike
>>
>
> Hi Mike,
>
> In my case, Suricata triggers alerts, detects anomaly traffic, shows
> statistics, etc. … It all seems to work ok, except when I am trying to
> stop the daemon.
>
> I am using virtue Nic drivers and autofp as a runmode option.
>
> IMO problem is related to this
> issue: https://redmine.openinfosecfoundation.org/issues/4478
>
Thanks, that sure sounds like the problem I am seeing in issue 4478. It
looks like both netmap and non netmap modes show the problem :(  What
nic drivers are you using ? I was testing both in a VM and on actual
hardware and had the same results on RELENG_12 and RELENG_11 using igb NICs

    ---Mike


>
>



