[Snort-users] why there is netmap module in daq but doesn't has netmap in doc ?

Dorian ROSSE dorianbrice at hotmail.fr
Wed May 15 14:52:14 EDT 2019


Interesting,

Thank you,

I will try from your copy paste,

Regards.


Dorian Rosse

Télécharger Outlook pour Android<https://aka.ms/ghei36>

________________________________
From: Al Lewis (allewi) <allewi at cisco.com>
Sent: Wednesday, May 15, 2019 8:19:05 PM
To: Dorian ROSSE; snort-users at lists.snort.org
Subject: Re: [Snort-users] why there is netmap module in daq but doesn't has netmap in doc ?

Have you looked at the README file included with the DAQ download?

Netmap Module
=============

The netmap project is a framework for very high speed packet I/O.  It is
available on both FreeBSD and Linux with varying amounts of preparatory
setup required.  Specific notes for each follow.

    ./snort --daq netmap -i <device>
            [--daq-var debug]

If you want to run netmap in inline mode, you must craft the device string as
one or more interface pairs, where each member of a pair is separated by a
single colon and each pair is separated by a double colon like this:

    em1:em2

or this:

    em1:em2::em3:em4

Inline operation performs Layer 2 forwarding with no MAC filtering, akin to the
AFPacket module's behavior.  All packets received on one interface in an inline
pair will be forwarded out the other interface unless dropped by the reader and
vice versa.

IMPORTANT: The interfaces will need to be up and in promiscuous mode in order to
function ('ifconfig em1 up promisc').  The DAQ module does not currently do
either of these configuration steps for itself.



From: Snort-users <snort-users-bounces at lists.snort.org> on behalf of Dorian ROSSE via Snort-users <snort-users at lists.snort.org>
Reply-To: Dorian ROSSE <dorianbrice at hotmail.fr>
Date: Wednesday, May 15, 2019 at 12:14 PM
To: "snort-users at lists.snort.org" <snort-users at lists.snort.org>
Subject: [Snort-users] why there is netmap module in daq but doesn't has netmap in doc ?

Hello everybody,


Why there is netmap module in daq but doesn't has netmap in doc ?

Thank you in advance to lighter me,

Regards.


Dorian ROSSE.

Provenance : Courrier<https://go.microsoft.com/fwlink/?LinkId=550986> pour Windows 10

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190515/39c7fda2/attachment.html>


More information about the Snort-users mailing list