PF_Ring

Dave_Crawford · February 8, 2017, 12:09am

Are there any performance benefits over compiling Bro with pf_ring (–with-pcap=*) versus using the Bro pf_ring plugin?

Additionally, if I’m using the ZC drivers (with zbalance_ipc clusters) is the plugin compatible or do I still need to compile Bro with the —with-pcap option?

Also, this documentation is a tad outdated at this point:

https://www.bro.org/sphinx-git/configuration/index.html

Thanks!
-Dave

Topic		Replies	Views
Anyone using PF_RING ZC with Bro yet? Zeek	4	54	May 6, 2022
So before I upgrade (pf_ring revisit) Zeek	3	66	May 6, 2022
Building Bro with PF_RING Zeek	1	58	May 6, 2022
Quick pf_ring question Zeek	5	59	May 6, 2022
PF_RING ZC Config Zeek	9	60	May 6, 2022

PF_Ring

Related Topics