[GTER] fastnetmon autor

Eduardo Meyer dudu.meyer at gmail.com
Fri Nov 27 11:59:26 -02 2015


Hello Pavel,

In first place, thank you for your time and effort put on this. Fastnetmon
is a great tool.

I am also running it on FreeBSD, and so far the only bug I noticed is a
popen error which lead to exit(1) on the application when we run a shell
script for external action. It's just an exit handling from the popen since
the script just runs correctly, however Fastnetmon believes there was an
error (which was not) and exits.

On the next version for fastnetmon, how do you leverage on DPI? How does it
will influence the effectiveness and quality of DDoS detection? I ask this
due to the difference on topology vs performance, say, trying to determine
I should move from a lightweight approach such as sFLOW to a not so light,
like pcap and how does DPI worths the extra CPU cycles to inspect the whole
packet.

For FreeBSD do you plan to DPI inspect in Netmap mode as well? Have you
done that for PF_RING already or DPI is pcap only?

Once again thank you for such a great piece of code and welcome to GTER.

BTW, FNM performance on FreeBSD even in pcap mode (without netmap pcap) is
years higher than the expected / documented performance on FNM's
documentation. Actually, at least 3Gbit/s in pcap mode in a bridged
(if_bridge / kernel path based) environment so far is GTG, in the next days
I plan to add a 10G port and have a >5Gbps avg load and see how it performs
with ban time 900 and avg calculation time 15.






On Tue, Nov 24, 2015 at 11:22 AM, Pavel Odintsov <pavel.odintsov at gmail.com>
wrote:

> Hello!
>
> We are moving fast and sometimes breaking things. We will fix FreeBSD
> build system in next few weeks. So I haven't saw very big popularity
> of FreeBSD version. But actually GTER show amazing interest about
> FreeBSD. So we could change minds and fix FreeBSD support :)
>
> 2015-11-24 14:37 GMT+03:00 Cassiano Peixoto <peixotocassiano at gmail.com>:
> > Hi Pavel,
> >
> > First of all congrats for your good work. This new features looks very
> > interesting, but i didn't find any support for FreeBSD. Fastnetmon is not
> > support on FreeBSD anymore?
> >
> > Thanks.
> >
> >
> > 2015-11-24 3:44 GMT-02:00 Pavel Odintsov <pavel.odintsov at gmail.com>:
> >>
> >> Hello!
> >>
> >> Thanks for feedback! :) We have already implemented some awesome
> >> features (DPI, GoBGP support and Flow Spec) in current Git version.
> >> You could install it with installer script this way:
> >>
> >> wget
> >>
> https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl
> >> -Ofastnetmon_install.pl
> >> sudo perl fastnetmon_install.pl --use-git-master
> >>
> >> 2015-11-21 2:00 GMT+03:00 Diego Canton de Brito
> >> <diegocanton at ensite.com.br>:
> >> >
> >> > Interessante, utilizamos a algum tempo e recomendo, andei ajudando
> >> > alguns participantes a ajustarem e sempre há um consenso qto a
> eficiência
> >> > dele.
> >> > Estou ansioso pra ver as melhorias previstas no roadmap dele em ação.
> >> > --
> >> > Enviado do aplicativo myMail para Android sexta-feira, 20 novembro
> 2015,
> >> > 08:20PM -02:00 de Roberto Bertó < roberto.berto at gmail.com> :
> >> >
> >> >> Ola pessoal
> >> >>
> >> >> Como é um assunto que a gente sempre discute pensei em trazer o autor
> >> >> do
> >> >> fastnetmon o Pavel Odintsov  aqui na lista para tirar duvidas e
> >> >> conversar
> >> >> conosco, duvidas de instalacao cenarios de deploy, aproveitem!
> >> >>
> >> >> Ele esteve na RIPE71 divulgando essa semana. Muitos de nos ja estao
> >> >> usando
> >> >> o FNM e ja possuem experiencia tambem.
> >> >> --
> >> >> gter list  https://eng.registro.br/mailman/listinfo/gter
> >> > --
> >> > gter list    https://eng.registro.br/mailman/listinfo/gter
> >>
> >>
> >>
> >> --
> >> Sincerely yours, Pavel Odintsov
> >> --
> >> gter list    https://eng.registro.br/mailman/listinfo/gter
> >
> >
>
>
>
> --
> Sincerely yours, Pavel Odintsov
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
>



-- 
===========
Eduardo Meyer
pessoal: dudu.meyer at gmail.com
profissional: ddm.farmaciap at saude.gov.br



More information about the gter mailing list