Adds a configuration example for nflog support in suricata.yaml

author Giuseppe Longo <giuseppelng@gmail.com>

Sat, 14 Dec 2013 09:40:57 +0000 (10:40 +0100)

committer Victor Julien <victor@inliniac.net>

Fri, 23 May 2014 10:42:52 +0000 (12:42 +0200)
author Giuseppe Longo <giuseppelng@gmail.com>
Sat, 14 Dec 2013 09:40:57 +0000 (10:40 +0100)
committer Victor Julien <victor@inliniac.net>
Fri, 23 May 2014 10:42:52 +0000 (12:42 +0200)
diff --git a/suricata.yaml.in b/suricata.yaml.in

index 7cf9108e54ed669a8ffc4d59c84bb44235d59f13..780b9398160bd15a9f920982fb7c2993a3bfd5d9 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -290,6 +290,23 @@ nfq:
  #  batchcount: 20
  #  fail-open: yes
  
+#nflog support
+nflog:
+    # netlink multicast group
+    # (the same as the iptables --nflog-group param)
+    # Group 0 is used by the kernel, so you can't use it
+  - group: 2
+    # netlink buffer size
+    buffer-size: 18432
+    # put default value here
+  - group: default
+    # set number of packet to queue inside kernel
+    qthreshold: 1
+    # set the delay before flushing packet in the queue inside kernel
+    qtimeout: 100
+    # netlink max buffer size
+    max-size: 20000
+
  # af-packet support
  # Set threads to > 1 to use PACKET_FANOUT support
  af-packet:
author	Giuseppe Longo <giuseppelng@gmail.com>
	Sat, 14 Dec 2013 09:40:57 +0000 (10:40 +0100)
committer	Victor Julien <victor@inliniac.net>
	Fri, 23 May 2014 10:42:52 +0000 (12:42 +0200)