Author: deri Date: 2010-10-30 17:56:56 +0200 (Sat, 30 Oct 2010) New Revision: 4384
Modified: trunk/PF_RING/kernel/pf_ring.c trunk/PF_RING/userland/snort/daq-0.2/api/Makefile trunk/PF_RING/userland/snort/daq-0.2/config.h trunk/PF_RING/userland/snort/daq-0.2/libtool trunk/PF_RING/userland/snort/daq-0.2/os-daq-modules/daq_pfring.c trunk/PF_RING/userland/snort/daq-0.2/sfbpf/Makefile Log: Added the ability in PF_RING to push filtering rule into the kernel via DAQ. This means that when a packet received by snort is marked as bad (the whole flow and not just the packet) PF_RING will not forward snort those packets belonging to the connection being dropped. This results in a great performance bump of snort, that is not responsible to wasting CPU cycles with flows that PF_RING has already stopped. _______________________________________________ Ntop-dev mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
