[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-416-ga408987

OISF Git noreply at openinfosecfoundation.org
Tue Nov 17 20:26:18 UTC 2015

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  a4089873c70b621a84ca4be75d3a669de7ff45cc (commit)
       via  b85901a6b494ec608b31ab6267f0e9989afa61e4 (commit)
       via  35c1b681eea62918e07c35e3d8c8df23f1f26d49 (commit)
       via  c199fdcbb9197d13e2cc85d162051139d511494c (commit)
       via  affb399cd9b09771b59b8eddea1de04719babfc8 (commit)
       via  9672e16323bd46ee366d922b856deabca9dfd232 (commit)
       via  c06dfe6e26e16b0c8e3d4965b5a0ddafc2553174 (commit)
       via  7f8795c7563827f090d8679cb35847af0085fc56 (commit)
       via  8d06d7bccc431fda671bacca482fd98264b660fb (commit)
       via  ca3916881fe598b2b9b10f7f90d3636f938a1db5 (commit)
       via  77624701e73aade1706836591a750e4aec13520e (commit)
      from  86711a1332f7082a688ff68ad38f2641bd20ee26 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit a4089873c70b621a84ca4be75d3a669de7ff45cc
Author: Eric Leblond <eric at regit.org>
Date:   Thu Oct 22 20:31:13 2015 +0200

    rules-reload: fix reload with -s or -S
    When using the -S or -s option, the reload was causing the specified
    rules file to be forgotten and the default rules to be loaded at
    reload time.

commit b85901a6b494ec608b31ab6267f0e9989afa61e4
Author: Eric Leblond <eric at regit.org>
Date:   Thu Oct 22 21:20:54 2015 +0200

    prscript: add rm command
    This command removes the container and the image allowing to
    free the disk space allocated during the creation.

commit 35c1b681eea62918e07c35e3d8c8df23f1f26d49
Author: Eric Leblond <eric at regit.org>
Date:   Thu Oct 22 21:06:44 2015 +0200

    prscript: docker do not need sudo
    Usage is not to run docker command as root but to have the user
    in the docker group to be able to run docker commands.

commit c199fdcbb9197d13e2cc85d162051139d511494c
Author: Eric Leblond <eric at regit.org>
Date:   Tue Nov 3 09:45:53 2015 +0100

    handle MTU discovery in multi iface case
    This patch adds handling of multiple interface by using as
    default-packet-size the maximum MTU + header length among the
    live iface.

commit affb399cd9b09771b59b8eddea1de04719babfc8
Author: Eric Leblond <eric at regit.org>
Date:   Tue Nov 17 09:56:55 2015 +0100

    config: don't use hardcoded path
    It is better to use a transformation to define the default
    directory of output message instead of using an hardcoded value.
    Same apply to the directory for the pid file.

commit 9672e16323bd46ee366d922b856deabca9dfd232
Author: Eric Leblond <eric at regit.org>
Date:   Mon Nov 16 17:53:04 2015 +0100

    suricata: clean dump-config output
    When user asks for a configuration dump, it is useless to display
    the version and CPU info. Also initializing the log system conduct
    to overwrite the some log files and in particular suricata.log and
    this is annoying as a command should not interfere with a running

commit c06dfe6e26e16b0c8e3d4965b5a0ddafc2553174
Author: cardigliano <cardigliano at ntop.org>
Date:   Thu Oct 22 11:55:57 2015 +0200

    pfring pkt acq: keep running on 'pfring_set_cluster' failure when cluster is not required
    Suricata creates a pfring cluster with a default ID = 1 when not explicitly configured,
    unless the device has prefix 'dna' or 'zc'. Since pf_ring also supports other cards
    implementing kernel-bypass (cluster not supported), this is preventing those cards from
    running on top of this module. This patch stops suricata on 'pfring_set_cluster' failure
    only when error code != PF_RING_ERROR_NOT_SUPPORTED or cluster ID has not been explicitly

commit 7f8795c7563827f090d8679cb35847af0085fc56
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Oct 23 18:29:10 2015 +0200

    threading: avoid autofp deadlock
    When there are many threads and/or the packet pool (max-pending-packets) is
    small, a potential dead lock exists between the packet pool return pool
    logic and the capture threads. The autofp workers together can have all the
    packets in their return pools, while the capture thread(s) are waiting at an
    empty pool. A race between the worker threads and the capture thread, where
    the latter signals the former, is lost by the capture thread. Now everyone
    is waiting.
    To avoid this scenario, this patch makes the previously hardcoded 'return
    pool' threshold dynamic based on the number of threads and the packet pool
    It sets the threshold to the max pending packets value, divided by the number
    of lister threads. The max value hasn't changed. Normally, in the autofp
    runmode these are the stream/detect/log worker threads.
    The max_pending_return_packets value needs to stay below the packet pool size
    of the 'producers' (normally pkt capture threads but also flow timeout
    injection) to avoid the deadlock.
    As it's quite impossible at this time to learn how many threads will be
    created before starting the runmodes, and thus spawning the threads and
    already initializing the packet pools, this code sets a global variable
    after runmode setup, but before the threads are 'unpaused'.

commit 8d06d7bccc431fda671bacca482fd98264b660fb
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Oct 23 18:09:24 2015 +0200

    threads: add func to count running threads of types

commit ca3916881fe598b2b9b10f7f90d3636f938a1db5
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Oct 23 18:01:55 2015 +0200

    threading: store thread module flags in threadvars

commit 77624701e73aade1706836591a750e4aec13520e
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Oct 23 09:53:48 2015 +0200

    htp: cleanup, remove unused declaration


Summary of changes:
 qa/prscript.py        | 26 +++++++++++++++++---------
 src/app-layer-htp.c   |  4 ----
 src/detect-engine.c   |  5 +++--
 src/detect-engine.h   |  2 +-
 src/runmode-pfring.c  |  4 ++++
 src/source-pfring.c   |  7 +++++--
 src/source-pfring.h   |  6 ++++++
 src/suricata.c        | 33 ++++++++++++++++++++-------------
 src/threadvars.h      |  3 +++
 src/tm-threads.c      | 24 ++++++++++++++++++++++++
 src/tm-threads.h      |  2 ++
 src/tmqh-packetpool.c | 36 +++++++++++++++++++++++++++++++++++-
 src/tmqh-packetpool.h |  1 +
 suricata.yaml.in      |  4 ++--
 14 files changed, 123 insertions(+), 34 deletions(-)


More information about the Oisf-devel mailing list