因为工作遇到的困难,我向suricata的某个作者发送了邮件。

On Wed, Sep 11, 2013 at 8:22 AM, likeyi <929812468@qq.com> wrote:
Dear Tom DeCanio:
Very glad to see you, I am now reading the source code that writed by you.
I am a user for this source code, and now I have met some problems.
One is that I found when I configure the suricata as IDS mode, It's run
fast, But when I configure the suricata as IPS mode,it is very slowly.

And I found that it is "MpipeFreePacket" function cause that, and I want to know why.

Thank you very much.

很幸运的,Tom Decanio回复了邮件。

Nice to meet you as well.

 
Its been quite a while since I played with this code. I seem to remember that my benchmark comparisons between IDS and IPS mode seemed to indicate that there was about a 10-15% penalty for running in IPS mode, which I didn't think was too bad. I don't know if you are seeing something similar.
 
When running IDS mode freeing a packet results in a simple write to a hardware register to free the packet back to a stack. Actually transmitting that requires queueing the packet for transmission out the egress port. I've not looked recently, but I believe the gxio_mpipe_equeue_put implementation actually requires synchronization between all of the suricata worker threads doing output so there might be lock contention within the routine. Again this is from memory as I haven't looked at this in a while.
 
I believe that Tilera has modified this part of the code somewhat, and removed quite a bit of functionality in the process. I haven't benchmarked the suricata code being delivered by Tilera.
 
Good luck with Suricata on Tilera.
 
Regards;
Tom
然后我又做了如下回复。
Thank you very much, to be honest, seeing 0:03 reply to my mail, I am very grateful.
Then I realized that China is at midnight,and the United States just at noon, right? You are in the U.S.?
Your e-mail I received very excited, it reminds me of the feeling of pen pals, especially when chatting with foreigners.
I hope you know that when I was in China will not be too surprised that China is developing rapidly, welcome to travel to China.

【工作备忘】suricata的更多相关文章

  1. 工作T-SQL备忘

    作为一个"浸淫" Oracle 数据库很久的人来说, 突然转入 T-SQL, 也就是 MSSQL , 工作中经常用的查询和 MSMS 使用备忘如下 : --1. 切换对应的库连接 ...

  2. 工作效率-十五分钟让你快速学习Markdown语法到精通排版实践备忘

    关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 文章目录: 0x00 前言简述 ...

  3. Nmap备忘单:从探索到漏洞利用(Part 4)

    这是我们的Nmap备忘单的第四部分(Part 1. Part 2. Part 3).本文中我们将讨论更多东西关于扫描防火墙,IDS / IPS 逃逸,Web服务器渗透测试等.在此之前,我们应该了解一下 ...

  4. SSO之CAS备忘

    http://blog.chinaunix.net/uid-28380443-id-4740103.html 自己负责的公司基于CAS单点登录平台架构已经上线运行,很多细节的东西是时候备忘一下了,开源 ...

  5. 编写Windows Service 备忘

    项目需求要做一个定时扫表,将按条件查询到的数据插入或者更新到另一个数据表的需求,老大要求让用window service来做 因为以前没有做过,把这次的经历写出来.作为备忘. 1.什么是windows ...

  6. Npm vs Yarn 之备忘大全

    有则笑话,如此讲到:"老丈人爱吃核桃,昨天买了二斤陪妻子送去,老丈人年轻时练过武,用手一拍核桃就碎了,笑着对我说:你还用锤子,你看我用手就成.我嘴一抽,来了句:人和动物最大的区别就是人会使用 ...

  7. AngularJS之备忘与诀窍

    译自:<angularjs> 备忘与诀窍 目前为止,之前的章节已经覆盖了Angular所有功能结构中的大多数,包括指令,服务,控制器,资源以及其它内容.但是我们知道有时候仅仅阅读是不够的. ...

  8. linux 指令备忘

    linux 指令备忘 1.ls [选项] [目录名 | 列出相关目录下的所有目录和文件 -a 列出包括.a开头的隐藏文件的所有文件 -A 通-a,但不列出"."和"..& ...

  9. 备忘:移植ucos-III到stm32f103c8t6

    由于本人对linux系统内核这块比较感兴趣,下一份工作想做linux驱动相关的:于是最近一旦有空都在研究linux内核源码,面对linux内核这个庞然大物,越看越觉得不能太过急躁,且由于还要工作,只能 ...

随机推荐

  1. Codeforces Round #272 (Div. 2) C. Dreamoon and Sums (数学 思维)

    题目链接 这个题取模的时候挺坑的!!! 题意:div(x , b) / mod(x , b) = k( 1 <= k <= a).求x的和 分析: 我们知道mod(x % b)的取值范围为 ...

  2. android开发找不到模拟器(PANIC: Could not open:)解决办法

    android开发找不到模拟器(PANIC: Could not open:)解决办法   2013/4/3 17:44:15 0人评论 213次浏览 分类:android开发 在系统环境变量设置名为 ...

  3. UVa 1607 (二分) Gates

    这道题真的有点“神”啊.= ̄ω ̄= 因为输入都是x,所以整个电路的功能一共就四种:0, 1, x,!x 所以就确定了这样一个事实:如果电路的输出是常数,那么所有的输入都可以优化成常数. 否则,只需要将 ...

  4. UVa 10115 Automatic Editing

    字符串题目就先告一段落了,又是在看balabala不知道在说些什么的英语. 算法也很简单,用了几个库函数就搞定了.本来还担心题里说的replace-by为空的特殊情况需要特殊处理,后来发现按一般情况处 ...

  5. Linux磁盘占用100%解决方法

    /opt分区被web日志堆满了,导致一些服务无法正常运行,于是rm -fr掉这些日志(近11GB),但是服务仍没有恢复正常,用df -hT看,该分区占用还是100%: [root@anjing opt ...

  6. 旧书重温:0day2【3】 详细解读PEB法 查找kener32地址

    题外话:上一篇文章中的 PEB法查找kerner32地址的方法 对TEB.PEB .PE结构 知识要求很高,确实在写汇编代码时候小编 感觉自己能力,信手啪啪一顿乱撸,结果一运行,非法访问了,没办法翻阅 ...

  7. Android telnet RPi 2B

    /************************************************************************* * Android telnet RPi 2B * ...

  8. UVALive 5713 Qin Shi Huang's National Road System秦始皇修路(MST,最小瓶颈路)

    题意: 秦始皇要在n个城市之间修路,而徐福声可以用法术位秦始皇免费修1条路,每个城市还有人口数,现要求徐福声所修之路的两城市的人口数之和A尽量大,而使n个城市互通需要修的路长B尽量短,从而使得A/B最 ...

  9. erl0008 - unicode 和 utf-8之间的关系

    转载:http://blog.jobbole.com/84903/ 原文出处: 卢钧轶   欢迎分享原创到伯乐头条 本文将简述字符集,字符编码的概念.以及在遭遇乱码时的一些常用诊断技巧. 背景:字符集 ...

  10. 让ecshop编辑器功能更强大

    ecshop后台的商品编辑和文章编辑使用的是FCKEDITOR 编辑器, 这个FCKEDITOR的工具条(toolbar)是可以自定义的,ECSHOP默认使用的是 normal ,属于中档功能, 下面 ...