[URL Filter ] Loading DPI signature failed

Hi I’m trying to run the URL Filter app, specifically I’m trying to add some suricata rules that I got from
/opt/mellanox/doca/examples/application_recognition/bin/doca_application_recognition/ar_suricata_rules_example

But the “commit” command fails for some reason.

ubuntu@localhost:~$ sudo /opt/mellanox/doca/examples/url_filter/bin/doca_url_filter -a 0000:03:00.0,class=regex -a auxiliary:mlx5_core.sf.4,sft_en=1 -a auxiliary:mlx5_core.sf.5,sft_en=1 -- -p
EAL: Detected 8 lcore(s)
EAL: Detected 1 NUMA nodes
EAL: Detected shared linkage of DPDK
EAL: Multi-process socket /var/run/dpdk/rte/mp_socket
EAL: Selected IOVA mode 'VA'
EAL: No available hugepages reported in hugepages-32768kB
EAL: No available hugepages reported in hugepages-64kB
EAL: No available hugepages reported in hugepages-1048576kB
EAL: Probing VFIO support...
EAL: VFIO support initialized
EAL:   Device is not NUMA-aware, defaulting socket to 0
EAL: Probe PCI driver: mlx5_pci (15b3:a2d6) device: 0000:03:00.0 (socket 0)
EAL: No legacy callbacks, legacy socket not created
Temporary WARN - Destination table level lower than Source
[15:17:27:005374][DOCA][I][DWRKR]: 7 cores are used as DPI workers
URL FILTER>> create database
URL FILTER>> commit database /tmp/signature.txt
/tmp/2462826/signatures.rules
rules file is /tmp/2462826/signatures.rules
Info: Setting target hardware version to v5.7...done
Info: Setting virtual prefix mode to 0...done
Info: Setting prefix capacity to 32K...done
Info: Setting compiler objective value to 5...done
Info: Setting number of threads for compilation to 1...done
Info: Reading ruleset...done
Info: Detected 8 rules
Info: Enabling global single-line mode...done
Info: Setting maximum TPE data width to 4...done
Info: Scanning rules...[==============================]...done
Info: Analising possible prefix usage...[==============================]...done
Info: Mapping prefixes, phase 1...[==============================]...done   
Info: Mapping prefixes, phase 2...[==============================]...done
Info: Running rules analysis...[==============================]...done
Info: Optimizing memory map...[==============================]...done
Info: Analyzing memory map...[==============================]...done
Info: Calculating thread instructions...[==============================]...done
Info: Beginning to write memory map for ROF2...done
Info: PPE total 1-byte prefix usage: 0/256 (0%)
Info: PPE total 2-byte prefix usage: 0/2048 (0%)
Info: PPE total 3-byte prefix usage: 0/2048 (0%)
Info: PPE total 4-byte prefix usage: 7/32768 (0.0213623%)
Info: TPE instruction RAM TCM partition usage: 2048/2048 (100%)
Info: TPE instruction RAM external memory partition usage: 6458/13M (0.0473756%)
Info: TPE class RAM usage: 3/256 (1.17188%)
Info: Estimated threads/byte: 2.073e-09
Info: Finalizing memory map for ROF2...done
Info: Storing ROF2 data...done
Info: Number of rules compiled = 8/8
Info: Writing ROF2 file to /tmp/2462826/rof/signatures_compiled.rof2
Info: Writing binary ROF2 file to /tmp/2462826/rof/signatures_compiled.rof2.binary...done
mlx5_regex: Rules program failed 22
mlx5_regex: Failed to program rxp rules.
[15:18:03:164492][DOCA][E][UFLTR::Core]: Loading DPI signature failed

signature.txt

alert tcp any any -> any any (msg:"Youtube"; flow:to_server; pcre:"/.*youtube.*/"; sid:1; rev:1;)
drop tcp any any -> any any (msg:"Ebay"; flow:to_server; pcre:"/.*ebay.*/"; sid:2; rev:1;)
alert tcp any any -> any any (msg:"Alibaba"; flow:to_server; pcre:"/.*alibaba.*/"; sid:3; rev:1;)
alert tcp any any -> any any (msg:"Twitch"; flow:to_server; pcre:"/.*twitch.*/"; sid:4; rev:1;)
alert tcp any any -> any any (msg:"Wikipedia"; flow:to_server; pcre:"/.*wikipedia.*/"; sid:5; rev:1;)
alert tcp any any -> any any (msg:"Google"; flow:to_server; pcre:"/.*google.*/"; sid:6; rev:1;)
alert tcp any any -> any any (msg:"Facebook"; flow:to_server; pcre:"/.*facebook.*/"; sid:7; rev:1;)
alert tcp any any -> any any (msg:"Twitter"; flow:to_server; pcre:"/.*twitter.*/"; sid:8; rev:1;)

Hello,

Based on the output provided, we would recommend opening a support case for further investigation of the issue. If you do not have a current support contract, please reach out to our Contracts team at networking-contracts@nvidia.com

Thank you and regards,
~NVIDIA Networking Technical Support

I solved , the regex engine was inactive

systemctl status mlx-regex
systemctl start mlx-regex
1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.