Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata 3.0 Inline Mode & Traffic Shaping

    Scheduled Pinned Locked Moved IDS/IPS
    3 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      ghkrauss
      last edited by

      I like to hear from anyone who is successfully using traffic shaping with Suricata 3.0 in the Inline Mode. In particular are you able to achieve positive results? Have you used the CODELQ scheme? My shaping works fine in the Legacy Mode for Suricata but not the Inline Mode.

      Traffic shaping in general does not seem to be working in the Inline Mode for Suricata 3.0

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        There appear to be unintended and "fatal to connectivity" interactions between the shaper/limiter and the new Netmap driver compiled into the pfSense 2.3 kernel.  A bug report is open on the problem and has been assigned to one of the kernel developers on the pfSense project.  When Suricata runs with the new inline IPS mode it is using the new Netmap driver.  This is causing issues with the shaper.

        Bill

        1 Reply Last reply Reply Quote 0
        • G
          ghkrauss
          last edited by

          Bill:

          Thanks for the update. You have confirmed the issue.

          Howard

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.