[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0rc2-14-g03091df

OISF Git noreply at openinfosecfoundation.org
Tue Mar 18 14:06:46 UTC 2014

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  03091dfbda16a55defbe4bc05334013a29223bbc (commit)
       via  c07427c643bb4e62e61b06036c92440bf65494af (commit)
       via  806844d852641cc8ab7fcd5f47c493a5fbe6d18c (commit)
       via  238ff23111f78073c4ebefe9fc1de72ea54a74d3 (commit)
       via  919377d4a50c98bfe6bcf17729d831bb501e5018 (commit)
      from  70efc66e33cc84b57773d059ab27001b403fc419 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 03091dfbda16a55defbe4bc05334013a29223bbc
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 18 13:10:27 2014 +0100

    Update Changelog for 2.0rc3 release

commit c07427c643bb4e62e61b06036c92440bf65494af
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 18 13:36:56 2014 +0100

    yaml: remove rbn, add tls
    Remove rbn rule files from default rule list. The files are empty
    causing a warning.
    Add tls-event.rules to the default list.

commit 806844d852641cc8ab7fcd5f47c493a5fbe6d18c
Author: Victor Julien <victor at inliniac.net>
Date:   Tue Mar 18 10:46:30 2014 +0100

    af-packet: fix init sync with no traffic
    Previously the sync code would depend on traffic to complete. This
    patch adds poll support and can complete the setup if the poll timeout
    is reached as well.
    Part of bug #1130.

commit 238ff23111f78073c4ebefe9fc1de72ea54a74d3
Author: Eric Leblond <eric at regit.org>
Date:   Mon Mar 17 13:58:06 2014 +0100

    af-packet: move packet fanout code
    The sooner is the better for that caode as these means we will get
    all sockets binded to fanout group as fast as possible.

commit 919377d4a50c98bfe6bcf17729d831bb501e5018
Author: Eric Leblond <eric at regit.org>
Date:   Tue Mar 11 09:48:34 2014 +0100

    af-packet: synchronize reading start
    This patch is updating af-packet to discard packets that have been
    sent to a socket before all socket in a fanout group have been setup.
    Without this, there is no way to assure that all packets for a single
    flow will be treated by the same thread.
    Tests have been done on a system with an ixgbe network card. When using
    'cluster_flow' load balancing and disactivating receive hash on the iface:
     ethtool -K IFACE rxhash off
    then suricata is behaving as expected and all packets for a single flow
    are treated by the same thread.
    For some unknown reason, this is not the case when using cluster_cpu. It
    seems that in that case the load balancing is not perfect on the card side.
    The rxhash offloading has a direct impact on the cluster_flow load balancing
    because load balancing is done by using a generic hash key attached to
    each skb. This hash can be computed by the network card or can be
    computed by the kernel. In the xase of a ixgbe network card, it seems there
    is some issue with the hash key for TCP. This explains why it is necessary to
    remove the rxhash offloading to have a correct behavior. This could also
    explain why cluster_cpu is currently failing because the card is using the
    same hash key computation to do the RSS queues load balancing.


Summary of changes:
 ChangeLog              |   11 ++++
 src/source-af-packet.c |  168 +++++++++++++++++++++++++++++++++++++++++++-----
 suricata.yaml.in       |    3 +-
 3 files changed, 164 insertions(+), 18 deletions(-)


More information about the Oisf-devel mailing list