Suricata
latest
1. 什么是Suricata
2. 安装
3. 命令行选项
4. Suricata规则
5. Rule Management
6. Making sense out of Alerts
7. Performance
7.1. Runmodes
7.2. Packet Capture
7.3. Tuning Considerations
7.4. Hyperscan
7.5. High Performance Configuration
7.6. Statistics
7.7. Ignoring Traffic
7.8. Packet Profiling
7.9. Rule Profiling
7.10. Tcmalloc
8. Configuration
9. Reputation
10. Init Scripts
11. Setting up IPS/inline for Linux
12. Setting up IPS/inline for Windows
13. 输出
14. Lua support
15. File Extraction
16. Public Data Sets
17. Using Capture Hardware
18. Interacting via Unix Socket
19. Man Pages
20. Acknowledgements
21. Licenses
Suricata
Docs
»
7. Performance
Edit on GitHub
7. Performance
¶
7.1. Runmodes
7.1.1. Different runmodes
7.2. Packet Capture
7.2.1. Load balancing
7.2.2. RSS
7.2.3. Offloading
7.2.4. Recommendations
7.3. Tuning Considerations
7.3.1. max-pending-packets: <number>
7.3.2. mpm-algo: <ac|hs|ac-bs|ac-ks>
7.3.3. detect.profile: <low|medium|high|custom>
7.3.4. detect.sgh-mpm-context: <auto|single|full>
7.4. Hyperscan
7.4.1. Introduction
7.4.2. Compilation
7.4.3. Using Hyperscan
7.4.4. Ubuntu Hyperscan Installation
7.4.4.1. libboost headers
7.4.4.2. Trusty
7.4.4.3. Hyperscan
7.5. High Performance Configuration
7.6. Statistics
7.6.1. stats.log file
7.6.1.1. Detecting packet loss
7.6.2. Kernel drops
7.6.3. Tools to plot graphs
7.7. Ignoring Traffic
7.7.1. capture filters (BPF)
7.7.2. pass rules
7.7.3. suppress
7.7.4. Encrypted traffic
7.8. Packet Profiling
7.9. Rule Profiling
7.10. Tcmalloc
7.10.1. Installation
7.10.2. Usage