[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-405-g86711a1
OISF Git
noreply at openinfosecfoundation.org
Thu Oct 22 15:22:40 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
- Log -----------------------------------------------------------------
commit 86711a1332f7082a688ff68ad38f2641bd20ee26
Author: cardigliano <cardigliano at ntop.org>
Date: Thu Oct 22 01:43:41 2015 +0200
pfring pkt acq: capture loop optimisation
For each packet the capture module checks whether it is time to dump stats calling
TimeGet(). TimeGet() is an expensive function using gettimeofday() or SCSpinLock()
which affect performance. Since gettimeofday() is already called for setting packet
timestamp, it is more efficient to use the packet timestamp directly.
commit 70c98c1ff25a143eb156144d3e517d6d5251c7b1
Author: cardigliano <cardigliano at ntop.org>
Date: Thu Oct 22 01:35:04 2015 +0200
pfring pkt acq: removed reentrant flag
PF_RING_REENTRANT is not needed as each pfring socket is used by a single thread.
commit c4850c1d8fa8e1902141b92766d2f41e35ebbb0c
Author: cardigliano <cardigliano at ntop.org>
Date: Thu Oct 22 01:26:54 2015 +0200
pfring pkt acq: use zero-copy recv in workers runmode
This patch removes packet copy when suricata is running in workers runmode;
packet copy is not needed in this case since packets are processed in sequence.
commit d88e1334283b37ee2c3d409d38632062d261c67e
Author: Eric Leblond <eric at regit.org>
Date: Wed Oct 14 16:40:44 2015 +0200
util-logopenfile: don't allocate redis command
As we only have two different commands we don't need to allocate
it and can use pointer to global variables.
commit 2ea4bbc4921cd6a34824e8ee54d56370577a5160
Author: Eric Leblond <eric at regit.org>
Date: Thu Sep 17 10:28:08 2015 +0200
util-logopenfile: move sensor_name to filectx
We will now output the sensor name independently of the output
method if it is set in the YAML file. In the case of redis we are
using the hostname value if unset.
commit 7e3a5a0db28bebd5ce0deb4a4a54461cac270c86
Author: Eric Leblond <eric at regit.org>
Date: Fri May 29 22:14:22 2015 +0200
util-logopenfile: log queued events at exit
Do a redis query at exit to log possibly existing events.
commit 404e66041091008dc67b5fa4ea4f814384d63af4
Author: Eric Leblond <eric at regit.org>
Date: Tue May 26 12:06:26 2015 +0200
util-logopenfile: don't lock syslog write
commit c5d939834ffbecc9cc7cefbed1657b4412ccd95d
Author: Eric Leblond <eric at regit.org>
Date: Tue May 26 12:02:49 2015 +0200
util-logopenfile: cleaner free function
commit 1b0f2774f2c5d5df0cd0beeb0133ff9c1729bc51
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 1 23:14:41 2015 +0200
util-logopenfile: don't use atomic for batch_count
commit e9d26dd510ebdd3c02727861e05e3ba1de5c76ae
Author: Eric Leblond <eric at regit.org>
Date: Tue May 26 11:53:06 2015 +0200
util-logopenfile: use a function for redis write
commit f11b269ef134d1822caa0eb9249fcf9b1a0a66b9
Author: Eric Leblond <eric at regit.org>
Date: Tue May 26 11:31:41 2015 +0200
redis-output: fix sensor-name code
The sensor-name was not freed at exit and the result of SCStrdup
was not checked.
commit 594f62b52305258b6a39be76b7bdf049c74298d3
Author: Eric Leblond <eric at regit.org>
Date: Mon May 25 19:38:28 2015 +0200
util-logopenfile: reconnect handling
This patch implements reconnection handling for the redis output.
A reconnect limitation has been implemented with a limitation of
one connection per second.
commit b834e2d19ae66b0ea0798e26818f5b100c2dc7d5
Author: Eric Leblond <eric at regit.org>
Date: Sun May 24 21:52:56 2015 +0200
util-logopenfile: implement redis pipelining
This patch implements redis pipelining. This consists in contacting
the redis server every N events to minimize the number of TCP
exchanges. This is optional and set up via the configuration file.
commit f953fdfbace8c5dbdc0f190147be3ef7ed309bf7
Author: Eric Leblond <eric at regit.org>
Date: Sun May 24 18:07:20 2015 +0200
util-logopenfile: introduce SCConfLogOpenRedis
Introduce a function to realize the parsing of config file and
opening of connection to the database. Only used by output-json
for now it will be usable by other logging modules.
commit a13be67b5e6c26c53149b88f9565c58f7fbe3381
Author: Eric Leblond <eric at regit.org>
Date: Sun May 24 17:43:51 2015 +0200
util-logopenfile: add write function
Introduce a function LogFileWrite that will handle the writing with
respect of the type defined in the configuration. This is used in
this patch to remove the write complexity from output-json.
commit 60ea49c777ad839fc6306f5731fd12aa98b0f011
Author: Eric Leblond <eric at regit.org>
Date: Sat May 23 16:59:16 2015 +0200
output-json: add sensor-name config variable
When using redis output, we are losing the host key (added by
logstash or logstash-forwarder) and we can't find anymore what
Suricata did cause the alert.
This patch is adding this key during message generation using the
'sensor-name' variable or the hostname if 'sensor-name' is not
defined.
commit 9286360f866b723c214d415e3314c76422b15bd9
Author: Eric Leblond <eric at regit.org>
Date: Sun Feb 8 12:20:59 2015 +0100
travis: add libjansson and hiredis
Install the libs and force usage of hiredis. We will have a more
complete build with these two libs.
commit 31c91d53bb0e784fa46fd4c67af75eb453c1d01e
Author: Eric Leblond <eric at regit.org>
Date: Tue May 26 22:49:07 2015 +0200
output-json: improve hiredis define
Use #ifdef instead of #if and don't include the header which is
not needed anymore.
commit eef5678e5e4ae210e3a0137cad7650ccd798369b
Author: Eric Leblond <eric at regit.org>
Date: Sat Feb 7 13:10:23 2015 +0100
output-json: add redis support
This patch adds redis support to JSON output.
commit 769722101e91cf59cd0a166870b0220bb6dbc98d
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Oct 12 11:39:36 2015 +0200
decode: add flow memcap counter
This adds a counter indicating how many times
the flow max memcap has been reached.
Since there is not always a reference to FlowManagerThreadData,
the counter is put in DecodeThreadVars.
Currently there is no counter increase in one call of FlowGetNew
because we don't have tv or dtv at the time of the call.
The following is a snippet of the generated EVE entry:
"flow":{"memcap":0,"spare":10000,"emerg_mode_entered":0,"emerg_mode_over":0,"tcp_reuse":0,"memuse":7085248}
commit c2704c39333c2866d62020e1aa4e749968fb3a01
Author: cardigliano <cardigliano at ntop.org>
Date: Wed Oct 21 01:23:32 2015 +0200
workers runmode: allow multiple input devices
This fix allows multiple input devices when running in 'workers' mode.
commit 16b210f1ea500193d942955eec2572fe6e2df46a
Author: Eric Leblond <eric at regit.org>
Date: Wed Oct 21 14:56:38 2015 +0200
json-file: avoid allocation
commit f8b6768d050573aff955df3a2661340a040af345
Author: Eric Leblond <eric at regit.org>
Date: Wed Oct 21 14:50:25 2015 +0200
json-email: fix coverity alert
The code was not correct and coverity did detect a potential
overflow problem that should not happen because of the structure
of md5 string and of format.
-----------------------------------------------------------------------
Summary of changes:
.travis.yml | 4 +-
configure.ac | 41 +++++++
src/decode.c | 1 +
src/decode.h | 2 +
src/flow-hash.c | 8 ++
src/output-json-email-common.c | 4 +-
src/output-json-file.c | 11 +-
src/output-json.c | 92 +++++++++------
src/output-json.h | 1 -
src/source-pfring.c | 39 +++++--
src/util-logopenfile.c | 258 +++++++++++++++++++++++++++++++++++++++++
src/util-logopenfile.h | 42 ++++++-
src/util-runmodes.c | 2 +-
suricata.yaml.in | 18 ++-
14 files changed, 463 insertions(+), 60 deletions(-)
hooks/post-receive
--
OISF