* [PATCH] suricata: Limit to a maximum of "16" netfilter queues.
@ 2019-05-19 16:52 Stefan Schantl
2019-05-20 17:01 ` Kienker, Fred
0 siblings, 1 reply; 2+ messages in thread
From: Stefan Schantl @ 2019-05-19 16:52 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 946 bytes --]
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
src/initscripts/system/suricata | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata
index 38b6a40d8..5a567f2d7 100644
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -6,7 +6,7 @@
#
# Author : Stefan Schantl <stefan.schantl(a)ipfire.org>
#
-# Version : 01.01
+# Version : 01.02
#
# Notes :
#
@@ -50,7 +50,13 @@ function get_cpu_count {
[ "$line" ] && [ -z "${line%processor*}" ] && ((CPUCOUNT++))
done </proc/cpuinfo
- echo $CPUCOUNT
+ # Limit to a maximum of 16 cores, because suricata does not support more than
+ # 16 netfilter queues at the moment.
+ if [ $CPUCOUNT -gt "16" ]; then
+ echo "16"
+ else
+ echo $CPUCOUNT
+ fi
}
# Function to flush the firewall chains.
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* RE: [PATCH] suricata: Limit to a maximum of "16" netfilter queues.
2019-05-19 16:52 [PATCH] suricata: Limit to a maximum of "16" netfilter queues Stefan Schantl
@ 2019-05-20 17:01 ` Kienker, Fred
0 siblings, 0 replies; 2+ messages in thread
From: Kienker, Fred @ 2019-05-20 17:01 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1238 bytes --]
Thank you SO much for this! Cleared up all of my problems with high core
count firewalls.
Best regards,
Fred
-----Original Message-----
From: Stefan Schantl <stefan.schantl(a)ipfire.org>
Sent: 19 May, 2019 12:52
To: development(a)lists.ipfire.org
Subject: [PATCH] suricata: Limit to a maximum of "16" netfilter queues.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
src/initscripts/system/suricata | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/initscripts/system/suricata
b/src/initscripts/system/suricata index 38b6a40d8..5a567f2d7 100644
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -6,7 +6,7 @@
#
# Author : Stefan Schantl <stefan.schantl(a)ipfire.org>
#
-# Version : 01.01
+# Version : 01.02
#
# Notes :
#
@@ -50,7 +50,13 @@ function get_cpu_count {
[ "$line" ] && [ -z "${line%processor*}" ] && ((CPUCOUNT++))
done </proc/cpuinfo
- echo $CPUCOUNT
+ # Limit to a maximum of 16 cores, because suricata does not
support more than
+ # 16 netfilter queues at the moment.
+ if [ $CPUCOUNT -gt "16" ]; then
+ echo "16"
+ else
+ echo $CPUCOUNT
+ fi
}
# Function to flush the firewall chains.
--
2.20.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-05-20 17:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-05-19 16:52 [PATCH] suricata: Limit to a maximum of "16" netfilter queues Stefan Schantl
2019-05-20 17:01 ` Kienker, Fred
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox