Hi all,
Recently I have some problems with Bro and PF_RING in cluster.
On my server, when I have less than 32 worker threads(rings),
everything is okay, but when I use worker threads more than 32, pf_ring
start to receive repeating data packets. For example, rings less than 32, I
send 400000 packets to server and pf_ring info in /proc shows there is
400000 packets in rings, but when rings greater than 32, I can get 800000
packets when 33 rings and 1200000 packets when 34 rings and so on.
I guess if there is some rules that a pf_ring or a bro cluster can only
support less than 32 rings or worker threads on a server or some other
reasons?
Any insight would be helpful.
Hello there,
Has anybody got success in cross compiling bro for mips core,
specifically as Cavium's Octeon binary (simple executive) ?
I have looked around but did not find any pointer on this information.
Does not look straightforward to me. Can somebody help providing any
information/tips/notes on this if you have tried it before ?
I appreciate your time on helping out this.
-Anant
Hello,
If I installed Bro using the package manager, made sure that the GeoIP
databases are in the right place, what else do I need to make it work,
or does Bro need to be compiled from source for it to have support for
GeoIP?
I've done the test at [1] and it returned the error.
Thanks,
https://www.bro.org/sphinx/frameworks/geoip.html#geolocation
--
-finid-
Sent from my containerized Linux desktop
----------------------------------------
Interestingly, a Nessus scan now crashes bro...I can replicate this on
one machine, so, how do I tell bro not to listen to all interfaces, and
just localhost? It's a standalone instance. Thank you.
James
Hi George,
Thanks for the reminder. I've uploaded the newer versions to PyPI.
Please let me know if you run into any issues.
Thanks,
--Vlad
George Macon <George.Macon(a)gtri.gatech.edu> writes:
> The PySubnetTree library was uploaded to PyPI in 2014 when it was on
> version 0.23; this is still the most recent version on PyPI. This had
> been originally requested in the GitHub Issue #1, which I note was never
> closed. I asked on IRC where the appropriate place to ask about getting
> the most recent version uploaded and was directed to the mailing list.
> Can whoever controls the "bro" account on PyPI upload the newest version
> of PySubnetTree?
>
> Thanks,
> George
> _______________________________________________
> Bro mailing list
> bro(a)bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro