https://inliniac.net/blog/tag/sysctl/ Recent content in Sysctl on Inliniac Hugo en Wed, 23 Jan 2008 15:27:29 +0000 https://inliniac.net/blog/2008/01/23/improving-snort_inlines-nfq-performance/ Wed, 23 Jan 2008 15:27:29 +0000 https://inliniac.net/blog/2008/01/23/improving-snort_inlines-nfq-performance/ <p>When using Snort_inline with NFQ support, it&rsquo;s likely that at some point you&rsquo;ve seen messages like these on the console: <em>packet recv contents failure: No buffer space available</em>. When the messages are appearing Snort_inline slows down significantly. I&rsquo;ve been trying to find out why.</p> <p>There are a number of setting that influence NFQ performance. One of them is the NFQ queue maximum length. This is a value in packets. Snort_inline takes an argument to modify the buffer length: &ndash;queue-maxlen 5000 (note: there are two dashes before queue-maxlen).</p>