[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-1.3-13-g64fad5b

noreply at openinfosecfoundation.org noreply at openinfosecfoundation.org
Mon Aug 6 14:51:29 UTC 2012

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  64fad5b36e19e30cf990e8a3405e1e0ee7f3b8d6 (commit)
       via  fe4c66461f3382038bc7d26c99e02f20a6990805 (commit)
       via  41bb3b95f9c4517c32d2ac141bfa652cf9b71fc8 (commit)
       via  1c41672f5e6df36f10f78c08914698addd613e3f (commit)
       via  8ebc625711e38e9800384289937be82456817cf8 (commit)
       via  a369f8c359f19fcf7a5df85288f2f7b92c1816ad (commit)
       via  4df509f87a4b077e3a5d53080e2412dc066ed8d6 (commit)
       via  a5587fec2ebdd3cd75a2b0e7c8fe7f06a8f0daea (commit)
      from  bf6cd48259b78374d1386b1ed1cc615896d46993 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 64fad5b36e19e30cf990e8a3405e1e0ee7f3b8d6
Author: Anoop Saldanha <poonaatsoc at gmail.com>
Date:   Wed Aug 1 21:00:11 2012 +0530

    Update fast_pattern engine to not use negated content as fast_pattern if we have non-negated content in the sig.
    Noticing a good spike in perf with et_pro ruleset.
    Thanks to Will Metcalf for the suggestion.

commit fe4c66461f3382038bc7d26c99e02f20a6990805
Author: Anoop Saldanha <poonaatsoc at gmail.com>
Date:   Mon Jul 9 10:01:54 2012 +0530

    bug #466 - Updated getticks() to serialize execution of rdtsc with cpuid

commit 41bb3b95f9c4517c32d2ac141bfa652cf9b71fc8
Author: Anoop Saldanha <poonaatsoc at gmail.com>
Date:   Thu Jul 19 13:32:01 2012 +0530

    bug 508 - List (ack | cwr | ecn) combination to be accepted by our stream engine.
    This isn't a perfect solution.  More like we have patched this for the case we
    are in tcp's established state.  The right solution would be to accept states
    based on the presence(using operator OR) of certain flags in the tcp header,
    rather than list out all possible flag combinations.

commit 1c41672f5e6df36f10f78c08914698addd613e3f
Author: Anoop Saldanha <poonaatsoc at gmail.com>
Date:   Wed Jul 11 20:09:24 2012 +0530

    invalidate sigs if depth > content_length

commit 8ebc625711e38e9800384289937be82456817cf8
Author: Eric Leblond <eric at regit.org>
Date:   Wed Aug 1 11:04:37 2012 +0200

    tls: fix keyword regular expression
    Space, dash and comma are valid.

commit a369f8c359f19fcf7a5df85288f2f7b92c1816ad
Author: Eric Leblond <eric at regit.org>
Date:   Fri Jul 27 11:29:37 2012 +0200

    af-packet: loop on ring if there is data to read.
    This patch should bring some improvements by looping on the
    ring when there is some data available instead of getting back
    to the poll. It also fix recovery in case of drops on the ring
    because the poll command will not return correctly in this case.

commit 4df509f87a4b077e3a5d53080e2412dc066ed8d6
Author: Eric Leblond <eric at regit.org>
Date:   Fri Jul 27 11:22:03 2012 +0200

    defrag: use IP ID in hash
    This patch fixes the collision issue observed on an intensive network
    trafic. When there is fragmentation it is the case for all data
    exchanged between two hosts. Thus using a hash func only involving
    IP addresses (and protocol) was leading to a collision for all
    exchanges between the hosts. At a larger scale, it was resulting in
    a packet loss. By using the IP ID instead of the protocol family, we
    introduce a real difference between the trackers.

commit a5587fec2ebdd3cd75a2b0e7c8fe7f06a8f0daea
Author: Victor Julien <victor at inliniac.net>
Date:   Mon Aug 6 15:44:59 2012 +0200

    flow: remove unused prune-flows option


Summary of changes:
 src/defrag.c            |    4 +-
 src/detect-depth.c      |    8 ++-
 src/detect-engine-mpm.c |   26 ++++++++--
 src/detect-tls.c        |    2 +-
 src/detect.c            |   22 +++++++-
 src/flow.c              |    8 ---
 src/flow.h              |    1 -
 src/source-af-packet.c  |  135 ++++++++++++++++++++++++-----------------------
 src/stream-tcp.c        |    3 +-
 src/util-cpu.c          |   28 +++++++++-
 suricata.yaml.in        |    3 +-
 11 files changed, 149 insertions(+), 91 deletions(-)


More information about the Oisf-devel mailing list