Suricata terminating briefly after initializing

[tushartathgur]

Description
Suricata is terminating after getting initialized.
The interfaces that Suricata uses are antrea-l7-tap1 and antrea-l7-tap0, both of the interfaces uses mtu of 65485 before initiating Suricata, Suricata changes the mtu size of antrea-l7-tap1 to 1500 but not of antrea-l7-tap0 resulting into failure.

To Reproduce

• Set L7NetworkPolicy and disableTXChecksumOffload as True and start Antrea.
• Add 2 Pods for the L7 NP.
• Create and apply an L7 NP.
• Suricata should start in the corresponding Antrea agent node to the Pod's node.
• Exec into the Node where Suricata would have ran.
• Logs would be present at "/var/log/antrea/networkpolicy/l7engine/suricata.logs"

Expected
Suricata should start and remain running unless terminated explicitly.

Actual behavior
Suricata is failing to stay in running stage due to interface mismatch.
Below are the logs:

[167 - Suricata-Main] 2023-08-15 18:03:51 Notice: suricata: This is Suricata version 7.0.0 RELEASE running in SYSTEM mode
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: cpu: CPUs/cores online: 6
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: device: antrea-l7-tap0: shortening device name to antr..tap0
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: device: antrea-l7-tap1: shortening device name to antr..tap1
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: af-packet: Setting IPS mode
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: exception-policy: master exception-policy set to: auto
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[167 - Suricata-Main] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: conf: Running in live mode, activating unix socket
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: logopenfile: eve-log output device (regular) initialized: eve-%Y-%m-%d.json
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: logopenfile: Setting logging socket of non-blocking in live mode.
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: logopenfile: eve-log output device (unix_stream) initialized: /var/log/antrea/networkpolicy/suricata_eve.socket
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: conf: Running in live mode, activating unix socket
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: detect: using 4 detect loader threads
[168 - Suricata-Main] 2023-08-15 18:03:51 Notice: detect: no tenant traffic mappings defined, tenants won't be used until mappings are added
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: af-packet: antrea-l7-tap0: AF_PACKET IPS mode activated antrea-l7-tap0->antrea-l7-tap1
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: runmodes: antrea-l7-tap0: creating 6 threads
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: af-packet: antrea-l7-tap1: AF_PACKET IPS mode activated antrea-l7-tap1->antrea-l7-tap0
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: runmodes: antrea-l7-tap1: creating 6 threads
[179 - W#01-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[179 - W#01-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[179 - W#01-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[180 - W#02-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[180 - W#02-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[180 - W#02-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[181 - W#03-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[181 - W#03-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[181 - W#03-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[182 - W#04-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[182 - W#04-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[182 - W#04-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[183 - W#05-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[183 - W#05-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[183 - W#05-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[184 - W#06-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap1: MTU 1500
[184 - W#06-antr..tap1] 2023-08-15 18:03:51 Info: ioctl: antrea-l7-tap0: MTU 65485
[184 - W#06-antr..tap1] 2023-08-15 18:03:51 Warning: af-packet: MTU on antrea-l7-tap1 (1500) and antrea-l7-tap0 (65485) are not equal, transmission of packets bigger than 1500 will fail.
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: unix-manager: unix socket '/var/run/suricata/suricata-command.socket'
[168 - Suricata-Main] 2023-08-15 18:03:51 Info: unix-manager: created socket directory /var/run/suricata/
[173 - W#01-antr..tap0] 2023-08-15 18:03:51 Error: af-packet: antrea-l7-tap0: Frame size bigger than block size
[173 - W#01-antr..tap0] 2023-08-15 18:03:51 Error: af-packet: antrea-l7-tap0: ring parameters are incorrect. Please file a bug report
[173 - W#01-antr..tap0] 2023-08-15 18:03:51 Error: af-packet: antrea-l7-tap0: failed to init socket for interface
[168 - Suricata-Main] 2023-08-15 18:03:51 Error: threads: thread "W#01-antr..tap0" failed to start: flags 0423

Versions:

• Antrea version (Docker image tag): Latest
• Suricata version: 6.0.13 and 7.0.0

Additional context