19. Using Capture Hardware

• 19.1. Endace DAG
• 19.2. Napatech
  • 19.2.1. Contents
  • 19.2.2. Introduction
  • 19.2.3. Package Installation
  • 19.2.4. Suricata Installation
  • 19.2.5. Suricata configuration
  • 19.2.6. Example Configuration - Auto-config without cpu-affinity:
  • 19.2.7. Example Configuration - Auto-config with cpu-affinity:
  • 19.2.8. Example Configuration - Manual Configuration
  • 19.2.9. Counters
  • 19.2.10. Napatech configuration options:
  • 19.2.11. Support
• 19.3. Myricom
  • 19.3.1. Debug Info
  • 19.3.2. Additional Info
• 19.4. eBPF and XDP
  • 19.4.1. Introduction
    • 19.4.1.1. XDP
  • 19.4.2. Requirements
  • 19.4.3. Prerequisites
    • 19.4.3.1. Disable irqbalance
    • 19.4.3.2. Kernel
    • 19.4.3.3. Clang and dependencies
    • 19.4.3.4. libbpf
  • 19.4.4. Compile and install Suricata
  • 19.4.5. Setup bypass
  • 19.4.6. Setup eBPF filter
  • 19.4.7. Setup eBPF bypass
  • 19.4.8. Setup eBPF load balancing
  • 19.4.9. Setup XDP bypass
    • 19.4.9.1. Intel NIC setup
    • 19.4.9.2. Disable any NIC offloading
    • 19.4.9.3. Balance as much as you can
    • 19.4.9.4. The XDP CPU redirect case
    • 19.4.9.5. Start Suricata with XDP
  • 19.4.10. Pinned maps usage
  • 19.4.11. XDP and pinned-maps
    • 19.4.11.1. Pinned maps and eBPF filter
  • 19.4.12. Hardware bypass with Netronome
  • 19.4.13. Getting live info about bypass
• 19.5. Netmap
  • 19.5.1. Compiling Suricata
    • 19.5.1.1. FreeBSD
    • 19.5.1.2. Linux
  • 19.5.2. Starting Suricata
    • 19.5.2.1. IDS
    • 19.5.2.2. IPS
  • 19.5.3. Advanced setups
  • 19.5.4. lb (load balance)
    • 19.5.4.1. FreeBSD 11
    • 19.5.4.2. Single NIC
    • 19.5.4.3. VALE switches
  • 19.5.5. Inline IDS