[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0rc2-14-g03091df
OISF Git
noreply at openinfosecfoundation.org
Tue Mar 18 14:06:46 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 03091dfbda16a55defbe4bc05334013a29223bbc (commit)
via c07427c643bb4e62e61b06036c92440bf65494af (commit)
via 806844d852641cc8ab7fcd5f47c493a5fbe6d18c (commit)
via 238ff23111f78073c4ebefe9fc1de72ea54a74d3 (commit)
via 919377d4a50c98bfe6bcf17729d831bb501e5018 (commit)
from 70efc66e33cc84b57773d059ab27001b403fc419 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 03091dfbda16a55defbe4bc05334013a29223bbc
Author: Victor Julien <victor at inliniac.net>
Date: Tue Mar 18 13:10:27 2014 +0100
Update Changelog for 2.0rc3 release
commit c07427c643bb4e62e61b06036c92440bf65494af
Author: Victor Julien <victor at inliniac.net>
Date: Tue Mar 18 13:36:56 2014 +0100
yaml: remove rbn, add tls
Remove rbn rule files from default rule list. The files are empty
causing a warning.
Add tls-event.rules to the default list.
commit 806844d852641cc8ab7fcd5f47c493a5fbe6d18c
Author: Victor Julien <victor at inliniac.net>
Date: Tue Mar 18 10:46:30 2014 +0100
af-packet: fix init sync with no traffic
Previously the sync code would depend on traffic to complete. This
patch adds poll support and can complete the setup if the poll timeout
is reached as well.
Part of bug #1130.
commit 238ff23111f78073c4ebefe9fc1de72ea54a74d3
Author: Eric Leblond <eric at regit.org>
Date: Mon Mar 17 13:58:06 2014 +0100
af-packet: move packet fanout code
The sooner is the better for that caode as these means we will get
all sockets binded to fanout group as fast as possible.
commit 919377d4a50c98bfe6bcf17729d831bb501e5018
Author: Eric Leblond <eric at regit.org>
Date: Tue Mar 11 09:48:34 2014 +0100
af-packet: synchronize reading start
This patch is updating af-packet to discard packets that have been
sent to a socket before all socket in a fanout group have been setup.
Without this, there is no way to assure that all packets for a single
flow will be treated by the same thread.
Tests have been done on a system with an ixgbe network card. When using
'cluster_flow' load balancing and disactivating receive hash on the iface:
ethtool -K IFACE rxhash off
then suricata is behaving as expected and all packets for a single flow
are treated by the same thread.
For some unknown reason, this is not the case when using cluster_cpu. It
seems that in that case the load balancing is not perfect on the card side.
The rxhash offloading has a direct impact on the cluster_flow load balancing
because load balancing is done by using a generic hash key attached to
each skb. This hash can be computed by the network card or can be
computed by the kernel. In the xase of a ixgbe network card, it seems there
is some issue with the hash key for TCP. This explains why it is necessary to
remove the rxhash offloading to have a correct behavior. This could also
explain why cluster_cpu is currently failing because the card is using the
same hash key computation to do the RSS queues load balancing.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 11 ++++
src/source-af-packet.c | 168 +++++++++++++++++++++++++++++++++++++++++++-----
suricata.yaml.in | 3 +-
3 files changed, 164 insertions(+), 18 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list