[Bro] PF_RING Help Needed
Philip Romero
promero at cenic.org
Thu Oct 12 14:31:13 PDT 2017
I comment out all the [manger], [proxy-1], and [worker-1] lines
(including the names) below and re-enable the below standalone [bro] lines.
[bro]
type=standalone
host=localhost
interface=ens2f0
On 10/12/17 2:22 PM, Azoff, Justin S wrote:
>> On Oct 12, 2017, at 5:14 PM, Philip Romero <promero at cenic.org> wrote:
>>
>> All,
>>
>> I've been meaning to get PF_RING going for a while and am now trying to focus on getting it working. Until now I've been running the "standalone" [bro] config at the top of my node.cfg output below. I've been thru the past threads and came across some info related to output that might confirm if pf_ring and bro were compiled together correctly. Below I've add the output of some of the commands suggested for input on troubleshooting the issue.
>> I suspect an error in some part of my config or setup since I don't get any usable logs when the load-balance/pf_ring node.cfg setting are enabled. If I comment them out and do a broctl deploy usable logs immediately appear in my log directory. Any hints or suggestions as to why my pf_ring configuration is not working would be greatly appreciated. Let me know if any additional details I need to provide would help shed some light on my issue.
> Can you clarify specifically which lines you are commenting out? Does the below configuration work?
>
> [manager]
> type=manager
> host=localhost
>
> [proxy-1]
> type=proxy
> host=localhost
>
> [worker-1]
> type=worker
> host=localhost
> interface=ens2f0
>
> —
> Justin Azoff
>
>
--
Philip Romero, CISSP, CISA
Sr. Information Security Analyst
CENIC
promero at cenic.org
Phone: (714) 220-3430
Mobile: (562) 237-9290
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171012/e09b2d68/attachment.html
More information about the Bro
mailing list