[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta1-440-g9e85b8d
noreply at openinfosecfoundation.org
noreply at openinfosecfoundation.org
Mon Dec 9 14:32:22 UTC 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 9e85b8d35ed02cbbf4222c1d97e13caecf5ca592 (commit)
via 85b1a8ff26a0a8ba1e3f0a0c9e92f6fb08c2733d (commit)
via 3b3dce8328007e66f9f8b7070c712da76321852b (commit)
via b32abea06b70b4774f5127f4be2118a409318fe1 (commit)
via 8522da8ea505aca02b722a9cb3c22a3a00a25812 (commit)
from 47b5fc0934e938eb9e1badaf3aebd4450dbcf559 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9e85b8d35ed02cbbf4222c1d97e13caecf5ca592
Author: Victor Julien <victor at inliniac.net>
Date: Tue Dec 3 15:14:46 2013 +0100
flow timeout: remove now unused code
commit 85b1a8ff26a0a8ba1e3f0a0c9e92f6fb08c2733d
Author: Victor Julien <victor at inliniac.net>
Date: Tue Dec 3 14:36:25 2013 +0100
flow: fix typo in function name
FlowForceReassemblyNeedReassmbly -> FlowForceReassemblyNeedReassembly
commit 3b3dce8328007e66f9f8b7070c712da76321852b
Author: Victor Julien <victor at inliniac.net>
Date: Tue Dec 3 14:28:09 2013 +0100
flow timeout cleanup and fix
Flow timeout code worked by luck when checking if a flow still needed
reassembly for app layer inspection or logging. It would check for a
part of raw reassembly (smsg list) to determine if detection was
needed. In this case it would also process app layer cleanup,
including logging.
Introduced AppLayerTransactionGetActive which returns the lowest tx_id
in a direction that still needs some work.
FlowForceReassemblyNeedReassmbly now uses it to determine if the
applayer still needs work.
Converted FlowForceReassemblyForHash to use the checking function
FlowForceReassemblyNeedReassmbly as well, so that checking if a flow
needs work is now unified.
commit b32abea06b70b4774f5127f4be2118a409318fe1
Author: Victor Julien <victor at inliniac.net>
Date: Tue Dec 3 09:55:01 2013 +0100
flow/stream: use named values in flow timeout code
commit 8522da8ea505aca02b722a9cb3c22a3a00a25812
Author: Victor Julien <victor at inliniac.net>
Date: Thu Nov 28 19:02:14 2013 +0100
stream: add option to disable raw reassembly
Raw reassembly is used only by the detection engine. For users only
caring about logging it's a significant overhead, both in cpu and
memory usage.
The option is called 'raw' and lives under the stream.reassembly
options.
stream:
memcap: 32mb
checksum-validation: yes # reject wrong csums
inline: auto # auto will use inline mode in IPS mode, yes or no set it statically
reassembly:
memcap: 64mb
depth: 1mb # reassemble 1mb into a stream
toserver-chunk-size: 2560
toclient-chunk-size: 2560
randomize-chunk-size: yes
#randomize-chunk-range: 10
raw: false # <- new option
-----------------------------------------------------------------------
Summary of changes:
src/app-layer-parser.c | 17 ++++++++
src/app-layer-parser.h | 1 +
src/flow-manager.c | 3 +-
src/flow-timeout.c | 86 +++++++++++++++++++++++++------------------
src/flow-timeout.h | 2 +-
src/stream-tcp-private.h | 5 +-
src/stream-tcp-reassemble.c | 7 +++-
src/stream-tcp.c | 12 ++++++
src/stream-tcp.h | 3 +
9 files changed, 94 insertions(+), 42 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list