New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sosetup-network: replace ifconfig with iproute2's ip tool #436

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 6 comments

Comments

Projects
None yet
1 participant
@GoogleCodeExporter

GoogleCodeExporter commented Mar 24, 2015

Small patch attached.

1.) Patch enables the BPF JIT compiler via sysctl. 
BPF JIT offers around approximately 50ns speedup for BPF image executions per 
packet. [1][2]

[1] https://lwn.net/Articles/437981/
[2] http://carnivore.it/2011/12/28/bpf_performance

2.) Patch also standardizes on one interface configuration tool. A combination 
of ifconfig(1) and ip(1) were used.
My patch for sosetup-network removes the deprecated ifconfig(1) in favor of 
iproute2's  newer and better suited ip(1) tool. [1]

[1] http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2

Thanks
Jon

Original issue reported on code.google.com by jonsch...@gmail.com on 10 Dec 2013 at 1:42

Attachments:

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Thanks for the patch.

Perhaps we should standardize and put the BPF JIT config in 
/etc/sysctl.d/10-securityonion.conf?

Original comment by doug.bu...@gmail.com on 11 Dec 2013 at 2:17

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Thanks for the patch.

Perhaps we should standardize and put the BPF JIT config in 
/etc/sysctl.d/10-securityonion.conf?

Original comment by doug.bu...@gmail.com on 11 Dec 2013 at 2:17

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Ah, yes, that would be a good idea :)

Original comment by jonsch...@gmail.com on 11 Dec 2013 at 6:50

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Ah, yes, that would be a good idea :)

Original comment by jonsch...@gmail.com on 11 Dec 2013 at 6:50

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

OK, so let's split that out to a separate issue since 
/etc/sysctl.d/10-securityonion.conf is in the 
securityonion-nsmnow-admin-scripts package.

Created Issue 440.

Original comment by doug.bu...@gmail.com on 11 Dec 2013 at 6:57

  • Changed title: sosetup-network: replace ifconfig with iproute2's ip tool
  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

OK, so let's split that out to a separate issue since 
/etc/sysctl.d/10-securityonion.conf is in the 
securityonion-nsmnow-admin-scripts package.

Created Issue 440.

Original comment by doug.bu...@gmail.com on 11 Dec 2013 at 6:57

  • Changed title: sosetup-network: replace ifconfig with iproute2's ip tool
  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Any particular reason why we need to turn arp on when bringing the interface 
down?

down ip link set \$IFACE promisc off arp on down

Original comment by doug.bu...@gmail.com on 14 Dec 2013 at 9:51

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Any particular reason why we need to turn arp on when bringing the interface 
down?

down ip link set \$IFACE promisc off arp on down

Original comment by doug.bu...@gmail.com on 14 Dec 2013 at 9:51

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

It doesn't have to be that way. I chose it because it puts the interface
back in its default state.

Original comment by jonsch...@gmail.com on 14 Dec 2013 at 10:21

  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

It doesn't have to be that way. I chose it because it puts the interface
back in its default state.

Original comment by jonsch...@gmail.com on 14 Dec 2013 at 10:21

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Published:
http://blog.securityonion.net/2013/12/new-securityonion-setup-package.html

Original comment by doug.bu...@gmail.com on 20 Dec 2013 at 12:23

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****

GoogleCodeExporter commented Mar 24, 2015

Published:
http://blog.securityonion.net/2013/12/new-securityonion-setup-package.html

Original comment by doug.bu...@gmail.com on 20 Dec 2013 at 12:23

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment