[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta4-405-g86711a1

OISF Git noreply at openinfosecfoundation.org
Thu Oct 22 15:22:40 UTC 2015

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  86711a1332f7082a688ff68ad38f2641bd20ee26 (commit)
       via  70c98c1ff25a143eb156144d3e517d6d5251c7b1 (commit)
       via  c4850c1d8fa8e1902141b92766d2f41e35ebbb0c (commit)
       via  d88e1334283b37ee2c3d409d38632062d261c67e (commit)
       via  2ea4bbc4921cd6a34824e8ee54d56370577a5160 (commit)
       via  7e3a5a0db28bebd5ce0deb4a4a54461cac270c86 (commit)
       via  404e66041091008dc67b5fa4ea4f814384d63af4 (commit)
       via  c5d939834ffbecc9cc7cefbed1657b4412ccd95d (commit)
       via  1b0f2774f2c5d5df0cd0beeb0133ff9c1729bc51 (commit)
       via  e9d26dd510ebdd3c02727861e05e3ba1de5c76ae (commit)
       via  f11b269ef134d1822caa0eb9249fcf9b1a0a66b9 (commit)
       via  594f62b52305258b6a39be76b7bdf049c74298d3 (commit)
       via  b834e2d19ae66b0ea0798e26818f5b100c2dc7d5 (commit)
       via  f953fdfbace8c5dbdc0f190147be3ef7ed309bf7 (commit)
       via  a13be67b5e6c26c53149b88f9565c58f7fbe3381 (commit)
       via  60ea49c777ad839fc6306f5731fd12aa98b0f011 (commit)
       via  9286360f866b723c214d415e3314c76422b15bd9 (commit)
       via  31c91d53bb0e784fa46fd4c67af75eb453c1d01e (commit)
       via  eef5678e5e4ae210e3a0137cad7650ccd798369b (commit)
       via  769722101e91cf59cd0a166870b0220bb6dbc98d (commit)
       via  c2704c39333c2866d62020e1aa4e749968fb3a01 (commit)
       via  16b210f1ea500193d942955eec2572fe6e2df46a (commit)
       via  f8b6768d050573aff955df3a2661340a040af345 (commit)
      from  dc2c8967819fc1e60cbc992c85893e166617f8fc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 86711a1332f7082a688ff68ad38f2641bd20ee26
Author: cardigliano <cardigliano at ntop.org>
Date:   Thu Oct 22 01:43:41 2015 +0200

    pfring pkt acq: capture loop optimisation
    For each packet the capture module checks whether it is time to dump stats calling
    TimeGet(). TimeGet() is an expensive function using gettimeofday() or SCSpinLock()
    which affect performance. Since gettimeofday() is already called for setting packet
    timestamp, it is more efficient to use the packet timestamp directly.

commit 70c98c1ff25a143eb156144d3e517d6d5251c7b1
Author: cardigliano <cardigliano at ntop.org>
Date:   Thu Oct 22 01:35:04 2015 +0200

    pfring pkt acq: removed reentrant flag
    PF_RING_REENTRANT is not needed as each pfring socket is used by a single thread.

commit c4850c1d8fa8e1902141b92766d2f41e35ebbb0c
Author: cardigliano <cardigliano at ntop.org>
Date:   Thu Oct 22 01:26:54 2015 +0200

    pfring pkt acq: use zero-copy recv in workers runmode
    This patch removes packet copy when suricata is running in workers runmode,
    packet copy is not needed in this case since packets are processed in sequence.

commit d88e1334283b37ee2c3d409d38632062d261c67e
Author: Eric Leblond <eric at regit.org>
Date:   Wed Oct 14 16:40:44 2015 +0200

    util-logopenfile: don't allocate redis command
    As we only have two different commands we don't need to allocate
    it and can use pointer to global variables.

commit 2ea4bbc4921cd6a34824e8ee54d56370577a5160
Author: Eric Leblond <eric at regit.org>
Date:   Thu Sep 17 10:28:08 2015 +0200

    util-logopenfile: move sensor_name to filectx
    We will now output the sensor name independently of the output
    method if it is set in the YAML file. In the case of redis we are
    using the hostname value if unset.

commit 7e3a5a0db28bebd5ce0deb4a4a54461cac270c86
Author: Eric Leblond <eric at regit.org>
Date:   Fri May 29 22:14:22 2015 +0200

    util-logopenfile: log queued events at exit
    Do a redis query at exit to log possibly existing events.

commit 404e66041091008dc67b5fa4ea4f814384d63af4
Author: Eric Leblond <eric at regit.org>
Date:   Tue May 26 12:06:26 2015 +0200

    util-logopenfile: don't lock syslog write

commit c5d939834ffbecc9cc7cefbed1657b4412ccd95d
Author: Eric Leblond <eric at regit.org>
Date:   Tue May 26 12:02:49 2015 +0200

    util-logopenfile: cleaner free function

commit 1b0f2774f2c5d5df0cd0beeb0133ff9c1729bc51
Author: Eric Leblond <eric at regit.org>
Date:   Mon Jun 1 23:14:41 2015 +0200

    util-logopenfile: don't use atomic for batch_count

commit e9d26dd510ebdd3c02727861e05e3ba1de5c76ae
Author: Eric Leblond <eric at regit.org>
Date:   Tue May 26 11:53:06 2015 +0200

    util-logopenfile: use a function for redis write

commit f11b269ef134d1822caa0eb9249fcf9b1a0a66b9
Author: Eric Leblond <eric at regit.org>
Date:   Tue May 26 11:31:41 2015 +0200

    redis-output: fix sensor-name code
    The sensor-name was not freed at exit and the result of SCStrdup
    was not checked.

commit 594f62b52305258b6a39be76b7bdf049c74298d3
Author: Eric Leblond <eric at regit.org>
Date:   Mon May 25 19:38:28 2015 +0200

    util-logopenfile: reconnect handling
    This patch implements reconnection handling for the redis output.
    A reconnect limitation has been implemented with a limitation of
    one connection per second.

commit b834e2d19ae66b0ea0798e26818f5b100c2dc7d5
Author: Eric Leblond <eric at regit.org>
Date:   Sun May 24 21:52:56 2015 +0200

    util-logopenfile: implement redis pipelining
    This patch implements redis pipelining. This consists in contacting
    the redis server every N events to minimize the number of TCP
    exchanges. This is optional and set up via the configuration file.

commit f953fdfbace8c5dbdc0f190147be3ef7ed309bf7
Author: Eric Leblond <eric at regit.org>
Date:   Sun May 24 18:07:20 2015 +0200

    util-logopenfile: introduce SCConfLogOpenRedis
    Introduce a function to realize the parsing of config file and
    opening of connection to the database. Only used by output-json
    for now, it will be usable by other logging modules.

commit a13be67b5e6c26c53149b88f9565c58f7fbe3381
Author: Eric Leblond <eric at regit.org>
Date:   Sun May 24 17:43:51 2015 +0200

    util-logopenfile: add write function
    Introduce a function LogFileWrite that will handle the writing with
    respect of the type defined in the configuration. This is used in
    this patch to remove the write complexity from output-json.

commit 60ea49c777ad839fc6306f5731fd12aa98b0f011
Author: Eric Leblond <eric at regit.org>
Date:   Sat May 23 16:59:16 2015 +0200

    output-json: add sensor-name config variable
    When using redis output, we are losing the host key (added by
    logstash or logstash-forwarder) and we can't find anymore which
    Suricata caused the alert.
    This patch is adding this key during message generation using the
    'sensor-name' variable or the hostname if 'sensor-name' is not

commit 9286360f866b723c214d415e3314c76422b15bd9
Author: Eric Leblond <eric at regit.org>
Date:   Sun Feb 8 12:20:59 2015 +0100

    travis: add libjansson and hiredis
    Install the libs and force usage of hiredis. We will have a more
    complete build with these two libs.

commit 31c91d53bb0e784fa46fd4c67af75eb453c1d01e
Author: Eric Leblond <eric at regit.org>
Date:   Tue May 26 22:49:07 2015 +0200

    output-json: improve hiredis define
    Use #ifdef instead of #if and don't include the header which is
    not needed anymore.

commit eef5678e5e4ae210e3a0137cad7650ccd798369b
Author: Eric Leblond <eric at regit.org>
Date:   Sat Feb 7 13:10:23 2015 +0100

    output-json: add redis support
    This patch adds redis support to JSON output.

commit 769722101e91cf59cd0a166870b0220bb6dbc98d
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date:   Mon Oct 12 11:39:36 2015 +0200

    decode: add flow memcap counter
    This adds a counter indicating how many times
    the flow max memcap has been reached.
    Since there is not always a reference to FlowManagerThreadData,
    the counter is put in DecodeThreadVars.
    Currently when there is no counter increase in one call of FlowGetNew
    because we don't have tv or dtv at the time of the call.
    The following is a snippet of the generated EVE entry:

commit c2704c39333c2866d62020e1aa4e749968fb3a01
Author: cardigliano <cardigliano at ntop.org>
Date:   Wed Oct 21 01:23:32 2015 +0200

    workers runmode: allow multiple input devices
    This fix allows multiple input devices when running in 'workers' mode.

commit 16b210f1ea500193d942955eec2572fe6e2df46a
Author: Eric Leblond <eric at regit.org>
Date:   Wed Oct 21 14:56:38 2015 +0200

    json-file: avoid allocation

commit f8b6768d050573aff955df3a2661340a040af345
Author: Eric Leblond <eric at regit.org>
Date:   Wed Oct 21 14:50:25 2015 +0200

    json-email: fix coverity alert
    The code was not correct and coverity did detect a potential
    overflow problem that should not happen because of the structure
    of md5 string and of format.


Summary of changes:
 .travis.yml                    |   4 +-
 configure.ac                   |  41 +++++++
 src/decode.c                   |   1 +
 src/decode.h                   |   2 +
 src/flow-hash.c                |   8 ++
 src/output-json-email-common.c |   4 +-
 src/output-json-file.c         |  11 +-
 src/output-json.c              |  92 +++++++++------
 src/output-json.h              |   1 -
 src/source-pfring.c            |  39 +++++--
 src/util-logopenfile.c         | 258 +++++++++++++++++++++++++++++++++++++++++
 src/util-logopenfile.h         |  42 ++++++-
 src/util-runmodes.c            |   2 +-
 suricata.yaml.in               |  18 ++-
 14 files changed, 463 insertions(+), 60 deletions(-)