suricata启动多个实例,监听不同网卡的报错
如下:
20/3/2018 -- 11:21:55 - - all 2 packet processing threads, 4 management threads initialized, engine started.
20/3/2018 -- 11:21:55 - - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
20/3/2018 -- 11:21:55 - - [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
20/3/2018 -- 11:21:55 - - [ERRCODE: SC_ERR_FATAL(171)] - thread W#01-tap0 failed
如下:
20/3/2018 -- 11:21:55 -
20/3/2018 -- 11:21:55 -
20/3/2018 -- 11:21:55 -
20/3/2018 -- 11:21:55 -
但是监听相同网卡启动多个实例是可以的,好吧,将多个网卡的数据汇聚到同一个网卡才可以,现在没想到别的方法
没有评论:
发表评论