[Bro] PF_Ring
Dave Crawford
bro at pingtrip.com
Tue Feb 7 16:09:25 PST 2017
Are there any performance benefits over compiling Bro with pf_ring (--with-pcap=*) versus using the Bro pf_ring plugin?
Additionally, if I’m using the ZC drivers (with zbalance_ipc clusters) is the plugin compatible or do I still need to compile Bro with the —with-pcap option?
Also, this documentation is a tad outdated at this point:
https://www.bro.org/sphinx-git/configuration/index.html <https://www.bro.org/sphinx-git/configuration/index.html>
Thanks!
-Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170207/54547dc6/attachment.html
More information about the Bro
mailing list