suricata how to enable netmap I211 igb interface
-
So I'm trying to get the netmap / inline mode of Suricata working, but I'm not seeing the netmap option in the card settings.
My config is as follows:
igb0 cable modem / eth connection - weight 1 - Tier 1
igb1 fibre / pppoe connection - weight 2 - Tier 1
igb2 lagg0 - LAN
igb3 lagg0 - LAN

On a side note, does it matter that the igb1 pppoe mtu is 1492 and igb0 eth 1500 from a load balancing perspective?
And how do I disable ipv6 on all of these?

igb0@pci0:1:0:0: class=0x020000 card=0x00008086 chip=0x15398086 rev=0x03 hdr=0x00
    vendor = 'Intel Corporation'
    device = 'I211 Gigabit Network Connection'
    class = network
    subclass = ethernet
igb1@pci0:2:0:0: class=0x020000 card=0x00008086 chip=0x15398086 rev=0x03 hdr=0x00
    vendor = 'Intel Corporation'
    device = 'I211 Gigabit Network Connection'
    class = network
    subclass = ethernet
igb2@pci0:3:0:0: class=0x020000 card=0x00008086 chip=0x15398086 rev=0x03 hdr=0x00
    vendor = 'Intel Corporation'
    device = 'I211 Gigabit Network Connection'
    class = network
    subclass = ethernet
igb3@pci0:4:0:0: class=0x020000 card=0x00008086 chip=0x15398086 rev=0x03 hdr=0x00
    vendor = 'Intel Corporation'
    device = 'I211 Gigabit Network Connection'
    class = network
    subclass = ethernet

lagg0: flags=88b43<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST,STATICARP> metric 0 mtu 1500
    description: LAN_20_MGMT
    options=8120b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
    ether 40:62:31:06:xx:xx
    inet6 fe80::4262:31ff:xxxx:xxxx%lagg0 prefixlen 64 scopeid 0x9
    inet 192.168.xx.xx netmask 0xffffff00 broadcast 192.168.xx.255
    inet 10.10.10.1 netmask 0xffffffff broadcast 10.10.10.1
    laggproto lacp lagghash l2,l3,l4
    laggport: igb2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
    laggport: igb3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
    groups: lagg
    media: Ethernet autoselect
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

ifconfig igb0
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: WAN_SEC
    options=8120b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
    ether 40:62:31:06:xx:xx
    inet6 fe80::4262:31ff:xxxx:xxxx%igb0 prefixlen 64 scopeid 0x1
    inet 62.143.197.238 netmask 0xfffffc00 broadcast 255.255.255.255
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

ifconfig igb1
igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=8120b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
    ether 40:62:31:06:xx:xx
    inet6 fe80::4262:31ff:xxxx:xxxx%igb1 prefixlen 64 scopeid 0x2
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
igb1.1066: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 40:62:31:06:xx:xx
    inet6 fe80::4262:31ff:xxxx:xxxx%igb1.1066 prefixlen 64 scopeid 0x11
    groups: vlan
    vlan: 1066 vlanpcp: 0 parent interface: igb1
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pppoe0: flags=89d1<UP,POINTOPOINT,RUNNING,NOARP,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1492
    inet xx.xx.xx.xx --> xx.xx.xx.xx netmask 0xffffffff
    inet6 fe80::4262:31ff:xxxx:xxxx%pppoe0 prefixlen 64 scopeid 0x12
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
-
Netmap (and thus Inline IPS Mode) is incompatible with your WAN because netmap does not support a PPPoE interface, and it is incompatible with your LAN because LAGG interfaces are not fully supported. It might work, but I would anticipate you having issues with LAGG.
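
Added example, not part of the original posts: a shell pre-flight check that applies the two rules from the answer above (PPPoE unsupported, LAGG not fully supported) to `ifconfig` output before an interface is picked for Inline IPS Mode. The function names, verdict strings and sample input are constructed for illustration; a `no-rule-matched` verdict says nothing about whether the NIC driver itself supports netmap.

```shell
#!/bin/sh
# Reads ifconfig-style text on stdin, prints "<interface> <verdict>" per line.
netmap_check() {
    awk '
    # An interface block starts at column 0: "name: flags=..."
    /^[A-Za-z0-9_.]+: flags=/ {
        name = $1; sub(/:$/, "", name)
        order[++n] = name
        verdict[name] = "no-rule-matched"
        if (name ~ /^pppoe[0-9]+$/) verdict[name] = "unsupported-pppoe"
        if (name ~ /^lagg[0-9]+$/)  verdict[name] = "lagg-not-fully-supported"
        next
    }
    # Indented "laggport: igbN flags=..." lines list the members of a LAGG.
    $1 == "laggport:" { member[$2] = name }
    END {
        for (i = 1; i <= n; i++) {
            name = order[i]
            v = verdict[name]
            if (name in member) v = "member-of-" member[name]
            print name, v
        }
        # Members that had no block of their own in the input.
        for (m in member)
            if (!(m in verdict)) print m, "member-of-" member[m]
    }'
}

# Constructed sample, modelled on the output posted in the question.
sample_ifconfig() {
    cat <<'EOF'
igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        media: Ethernet autoselect (1000baseT <full-duplex>)
igb2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
lagg0: flags=88b43<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        laggproto lacp lagghash l2,l3,l4
        laggport: igb2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
        laggport: igb3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
pppoe0: flags=89d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1492
EOF
}

# On a live system: ifconfig | netmap_check
sample_ifconfig | netmap_check
```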
-
@bmeeks It doesn't allow it, as it says the interface is not supported, but thanks for the confirmation.