Giter Site home page Giter Site logo

haoqc / dpdk-suricata_3.0 Goto Github PK

View Code? Open in Web Editor NEW

This project forked from vipinpv85/dpdk-suricata_3.0

0.0 0.0 0.0 53.09 MB

add dpdk interface and packet processing to suricata in worker mode

Home Page: https://github.com/vipinpv85/DPDK-Suricata_3.0

License: GNU Lesser General Public License v3.0

Makefile 4.44% Shell 7.25% C 79.74% M4 0.75% Perl 0.30% Python 0.20% Perl 6 0.01% PHP 0.04% C++ 7.19% Objective-C 0.07% Cuda 0.02%

dpdk-suricata_3.0's Introduction

Purpose

dpdk-suricata

integerate dpdk PMD to suricata read method under worker mode

How to build DPDK?

  1. Download DPDK LTS https://fast.dpdk.org/rel/dpdk-17.11.3.tar.xz from dpdk.org.
  2. Untar DPDK and use make config T=x86_64-native-linuxapp-gcc O=x86_64-native-linuxapp-gcc.
  3. Build DPDK by
export RTE_SDK=$PWD; 
export RTE_TARGET=x86_64-native-linuxapp-gcc; 
cd x86_64-native-linuxapp-gcc, 
make -j 4
  1. Test the custom build by cross checking examples like helloworld & l2fwd.

How to build Suricata with DPDK?

  1. Download the project zip and unzip the contents.
  2. Execute cd DPDK-Suircata_3.0/suricata-3.0.
  3. If DPDK enviroment variables (RTE_TARGET & RTE_SDK) are present, use ./configure --enable-dpdkintel` or `./configure --sysconfdir=<mydesiredpath> --enable-dpdkintel
  4. If DPDK is installed as package or custom build directory, use ./configure --enable-dpdkintel --with-libdpdkintel-includes=<path to dpdk include> --with-libdpdkintel-libraries=<path to dpdk lib>

note: if there are build errors reporting for 'ld not found', please retry after running 'autoconf'

  1. Download the project zip and unzip the contents.
  2. If DPDK enviroment variables (RTE_TARGET & RTE_SDK)
a. are present:
cd DPDK-Suircata_3.0/suricata-3.0
autoconf
./configure --enable-dpdkintel or ./configure --enable-dpdkintel

or

./configure --enable-dpdkintel or ./configure --sysconfdir=<mydesiredpath> --enable-dpdkintel

b. not present and package installed as distribution. 
cd DPDK-Suircata_3.0/suricata-3.0
autoconf
./configure --enable-dpdkintel --with-libdpdkintel-includes=<path to  dpdk include> --with-libdpdkintel-libraries=<path to dpdk lib>

or 

./configure --sysconfdir=<mydesiredpath> --enable-dpdkintel --with-libdpdkintel-includes=<path to  dpdk include> --with-libdpdkintel-libraries=<path to dpdk lib>
  1. Build suricata-dpdk with make -j 10

Build Enviroment

  • gcc: Ubuntu 7.3.0-27ubuntu1~18.04
  • OS: 4.15.0-46-generic
  • debian version: Ubuntu 18.04.2 LTS

Test Run:

 - ./src/suricata --list-runmodes
 - ./src/suricata --list-dpdkintel-ports
 - ./src/suricata -c suricata.yaml -s <myrules.rules or user desired rules> --dpdkintel

Configuration

  1. IDS
#dpdkintel support
dpdkintel:

  inputs:
     - interface: 0
     - interface: 1

# Select dpdk intel operation mode ips|ids|bypass
       opmode: ids
  1. IPS
#dpdkintel support
dpdkintel:

  inputs:
     - interface: 0
       copy-interface: 1
     - interface: 1
       copy-interface: 0

# Select dpdk intel operation mode ips|ids|bypass
       opmode: ips

dpdk-suricata_3.0's People

Contributors

vipinpv85 avatar vvarghes avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.