[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-4.0.1-165-g7069520
OISF Git
noreply at openinfosecfoundation.org
Tue Dec 19 19:55:12 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 70695201f6eb6099da2f5cc18656573024146702 (commit)
via 16ddba61d6d69c2b948e516a9024e66f9bbc61e2 (commit)
via 3668ea25224a2a7a50c2694e500fae74205b7a87 (commit)
via bba8cfb6267e576d4dfac4e06269896e71b671dd (commit)
via e4a18bb9420d23fd3016c5966884d33b00740f2e (commit)
via 0839d0651433d55f3d18facbc16d3471e28895c8 (commit)
via 7addc24566919feea6bc47eef8ae7ee7bdb963ab (commit)
via 85ddeb3afa8328989ca0e5179421c277a086da03 (commit)
via 6fdad7d9e58bb07f085c262c998d2cc3f741c3a0 (commit)
via 80bf728bfe80eec5b9df5c47b14daba318952fc6 (commit)
via 4a75eaf40590bfd5bf276482abea710b117a55da (commit)
via 802bdb26951b15f992508dd0e81084d673a402e3 (commit)
via bf166420fa5b7ecb56b82edeee19a1614a5922ae (commit)
via 3bf098e52f19086c53f5246c474db8fb0bd6dc84 (commit)
via 3205a8789b418dc601e85bc90b92d0091834fd7c (commit)
from cf8d770caad3b049d67143d3e84f6fb56c28d6b9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 70695201f6eb6099da2f5cc18656573024146702
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Fri Dec 1 14:48:54 2017 +0100
doc: add memcap commands in unix-socket section
commit 16ddba61d6d69c2b948e516a9024e66f9bbc61e2
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:22:54 2017 +0100
suricatasc: add commands for memcap handling
commit 3668ea25224a2a7a50c2694e500fae74205b7a87
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:19:45 2017 +0100
runmode-unix-socket: add commands for memcap handling
This permits to handle memcap values through
unix socket for:
- stream
- stream-reassembly
- flow
- applayer-proto-http
- defrag
- ippair
- host
It will be possible to show or change a memcap value
for a specified configuration and list all memcap values
available.
The following commands are registered for unix-socket:
- memcap-set
- memcap-show
- memcap-list
Output:
>>> memcap-show flow
Success:
{
"value": "64mb"
}
>>> memcap-set flow 64mb
Success:
"memcap value for 'flow' updated: 67108864"
Command with invalid memcap key:
>>> memcap-set udp 32mb
Error:
"Available config: stream stream-reassembly flow applayer-proto-http defrag ippair host"
Command with an invalid memcap value:
>>> memcap-set http 32mmb
Error:
"error parsing memcap specified, value not changed"
commit bba8cfb6267e576d4dfac4e06269896e71b671dd
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:13:00 2017 +0100
host: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
Another function is added to gets
the memuse value since it will be shown
through unix-socket.
commit e4a18bb9420d23fd3016c5966884d33b00740f2e
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:11:15 2017 +0100
ippair: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
Another function is added to gets
the memuse value since it will be shown
through unix-socket.
commit 0839d0651433d55f3d18facbc16d3471e28895c8
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:09:17 2017 +0100
defrag: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
Another function is added to gets
the memuse value since it will be shown
through unix-socket.
commit 7addc24566919feea6bc47eef8ae7ee7bdb963ab
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Dec 11 09:42:56 2017 +0100
htp: destroy atomic vars
Atomic vars declared in app-layer-htp-mem.c were not
destroyed when suricata is shutdown.
commit 85ddeb3afa8328989ca0e5179421c277a086da03
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:06:54 2017 +0100
htp: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
commit 6fdad7d9e58bb07f085c262c998d2cc3f741c3a0
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 15:02:32 2017 +0100
flow: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
FlowGetMemuse() function is made as public
because the memuse value will be shown
through unix-socket.
commit 80bf728bfe80eec5b9df5c47b14daba318952fc6
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Mon Nov 20 14:39:22 2017 +0100
stream-tcp: get/set memcap value
This adds new functions that will be called
through unix-socket and permit to update
and show memcap value.
The memcap value needs to be handled in a
thread safe way, so for this reason it is
declared as atomic var.
commit 4a75eaf40590bfd5bf276482abea710b117a55da
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Wed Dec 13 12:26:35 2017 +0100
stream-tcp-reassemble: declare 'size' as uint64_t
According to all checking memcap functions,
the size passed as argument is declared as uint64_t
except for StreamTcpReassembleCheckMemcap where it's
defined as uint32_t.
commit 802bdb26951b15f992508dd0e81084d673a402e3
Author: Pierre Chifflier <chifflier at wzdftpd.net>
Date: Mon Mar 17 18:59:35 2014 +0100
Hash table: free bucker in case of insertion error
This fixes a warning raised by cppcheck.
commit bf166420fa5b7ecb56b82edeee19a1614a5922ae
Author: Pierre Chifflier <chifflier at wzdftpd.net>
Date: Fri Mar 14 18:59:11 2014 +0100
Hash table: check hash array size when inserting element
If the hash function returns an index greater than the array size of the
hash table, the index is not checked. Even if this is the responsibility
of the caller, add a safety check to avoid errors.
commit 3bf098e52f19086c53f5246c474db8fb0bd6dc84
Author: Eric Leblond <eric at regit.org>
Date: Tue Dec 12 12:48:42 2017 +0100
doc: document log reopen unix socket command
commit 3205a8789b418dc601e85bc90b92d0091834fd7c
Author: Eric Leblond <eric at regit.org>
Date: Mon Nov 27 11:23:24 2017 +0100
unix-socket: add logs reopen command
We did had a race condition with running logrotate with multiple
EVE Json files. Consequence was one of the file not being reopen
by suricata that did continue to write to the rotated one.
Trying fix on signal handler did fail so this patch implements
log rotation support by adding a dedicated command to unix socket
to reopen the log files.
-----------------------------------------------------------------------
Summary of changes:
doc/userguide/unix-socket.rst | 4 +
scripts/suricatasc/src/suricatasc.py | 23 +++-
src/app-layer-htp-mem.c | 48 +++++++-
src/app-layer-htp-mem.h | 4 +
src/app-layer-htp.c | 1 +
src/defrag-hash.c | 54 ++++++++-
src/defrag-hash.h | 8 +-
src/flow-manager.c | 8 +-
src/flow-util.h | 2 +-
src/flow.c | 55 +++++++--
src/flow.h | 6 +-
src/host.c | 56 +++++++--
src/host.h | 8 +-
src/ippair.c | 56 +++++++--
src/ippair.h | 8 +-
src/runmode-unix-socket.c | 215 +++++++++++++++++++++++++++++++++++
src/runmode-unix-socket.h | 3 +
src/stream-tcp-reassemble.c | 35 +++++-
src/stream-tcp-reassemble.h | 4 +-
src/stream-tcp.c | 56 +++++++--
src/stream-tcp.h | 6 +-
src/unix-manager.c | 11 ++
src/util-hash.c | 12 ++
23 files changed, 617 insertions(+), 66 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list