[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta1-440-g9e85b8d

noreply at openinfosecfoundation.org noreply at openinfosecfoundation.org
Mon Dec 9 14:32:22 UTC 2013

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  9e85b8d35ed02cbbf4222c1d97e13caecf5ca592 (commit)
       via  85b1a8ff26a0a8ba1e3f0a0c9e92f6fb08c2733d (commit)
       via  3b3dce8328007e66f9f8b7070c712da76321852b (commit)
       via  b32abea06b70b4774f5127f4be2118a409318fe1 (commit)
       via  8522da8ea505aca02b722a9cb3c22a3a00a25812 (commit)
      from  47b5fc0934e938eb9e1badaf3aebd4450dbcf559 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9e85b8d35ed02cbbf4222c1d97e13caecf5ca592
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Dec 3 15:14:46 2013 +0100

    flow timeout: remove now unused code

commit 85b1a8ff26a0a8ba1e3f0a0c9e92f6fb08c2733d
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Dec 3 14:36:25 2013 +0100

    flow: fix typo in function name
    FlowForceReassemblyNeedReassmbly -> FlowForceReassemblyNeedReassembly

commit 3b3dce8328007e66f9f8b7070c712da76321852b
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Dec 3 14:28:09 2013 +0100

    flow timeout cleanup and fix
    Flow timeout code worked by luck when checking if a flow still needed
    reassembly for app layer inspection or logging. It would check for a
    part of raw reassembly (smsg list) to determine if detection was
    needed. In this case it would also process app layer cleanup,
    including logging.
    Introduced AppLayerTransactionGetActive which returns the lowest tx_id
    in a direction that still needs some work.
    FlowForceReassemblyNeedReassmbly now uses it to determine if the
    applayer still needs work.
    Converted FlowForceReassemblyForHash to use the checking function
    FlowForceReassemblyNeedReassmbly as well, so that checking if a flow
    needs work is now unified.

commit b32abea06b70b4774f5127f4be2118a409318fe1
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Dec 3 09:55:01 2013 +0100

    flow/stream: use named values in flow timeout code

commit 8522da8ea505aca02b722a9cb3c22a3a00a25812
Author: Victor Julien <victor at inliniac.net>
Date:   Thu Nov 28 19:02:14 2013 +0100

    stream: add option to disable raw reassembly
    Raw reassembly is used only by the detection engine. For users only
    caring about logging it's a significant overhead, both in cpu and
    memory usage.
    The option is called 'raw' and lives under the stream.reassembly
      memcap: 32mb
      checksum-validation: yes      # reject wrong csums
      inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
        memcap: 64mb
        depth: 1mb                  # reassemble 1mb into a stream
        toserver-chunk-size: 2560
        toclient-chunk-size: 2560
        randomize-chunk-size: yes
        #randomize-chunk-range: 10
        raw: false # <- new option


Summary of changes:
 src/app-layer-parser.c      |   17 ++++++++
 src/app-layer-parser.h      |    1 +
 src/flow-manager.c          |    3 +-
 src/flow-timeout.c          |   86 +++++++++++++++++++++++++------------------
 src/flow-timeout.h          |    2 +-
 src/stream-tcp-private.h    |    5 +-
 src/stream-tcp-reassemble.c |    7 +++-
 src/stream-tcp.c            |   12 ++++++
 src/stream-tcp.h            |    3 +
 9 files changed, 94 insertions(+), 42 deletions(-)


More information about the Oisf-devel mailing list