Menu
▾
▴
Re: [Snort-inline-users] snort-inline Packet Drops!!!
|
From: Murugavel T. <tmu...@gm...> - 2005-01-12 06:50:21
|
HI We are trying to run multiple instances . internet ----- snort-inline---- Internal Network Snort-inline box has 2 fibre card which is running in bridge mode. Our objective is to make use of other CPUs and increase the performance. 2 insatnce running with different network segment. We are not getting any error message like 16. Any suggestion welcome. Regards velu On Tue, 11 Jan 2005 10:21:41 -0600, William Metcalf <Wil...@kc...> wrote: > > > Multiple interface should be OK, i.e. multiple bridges, because even if you > are Queueing from multiple interfaces, all of the traffic is going to the > same QUEUE target in iptables. He was talking about running multiple > instances of snort_inline trying to hook into the ip_queue module which will > not work. If you start up multiple instances of snort_inline you will > receive an error message 16 indicating that another application already has > control of the QUEUE. > > Regards, > > Will > Jason <sec...@br...> > > > > Jason <sec...@br...> > > 01/11/2005 02:01 AM > > > To > William Metcalf <Wil...@kc...> > > > cc > Murugavel Thiruvengadam <tmu...@gm...>, "Dale L. Handy P.E." > <dh...@ni...>, sno...@li..., > sno...@li... > > > Subject > Re: [Snort-inline-users] snort-inline Packet Drops!!! > > Do you know if any testing has been done with multiple interfaces? I > would think that the bridging code would handle sending the packet out > the correct interface after snort-inline has decided it is ok and puts > it back into the queue. > > ?? > > William Metcalf wrote: > > You cannot run multiple instances of snort-inline, only one instance is > > allowed to hook into ip_queue. > > > > Regards, > > > > Will > > -- Regards Muruga>>----le> "Success comes to the person who does today" |
