[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.2.1-429-g889a6de
OISF Git
noreply at openinfosecfoundation.org
Tue Jun 6 19:42:16 UTC 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 889a6de926c02c96e2d86f3a0cf9d551c4f13f3a (commit)
via d00b914ddbfefdbb282d36409c3e56d9146df8dc (commit)
via efdbc91687a34ca35ea0bc3960b12ea50009ccdb (commit)
via a3f07ec02e732ec3533c8760cd8b8caa043ff0bc (commit)
via 91d2809bca82f23472a07f55158b8ebff4304c87 (commit)
via 7a17b4acf5029573013336435720d50346bb5243 (commit)
via 85dab65414064776c6d20539146ec8559cd7dc7d (commit)
via 050d8f788b1b9f62f0bc46a245c506e39a42621a (commit)
via ea9b9b50630facc65de81052453d5ae2f0907a8a (commit)
via e933eb849a628ad94cb631d8e86743b32296b946 (commit)
via 775e67459cdcb8723feb2b58feeba7500f212c6b (commit)
via 54718b306ece5418ec441617e114a38b641e863d (commit)
from 098aced714e2648956d19bf91daaf1d0bea3775c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 889a6de926c02c96e2d86f3a0cf9d551c4f13f3a
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jun 6 21:31:23 2017 +0200
rust: add to features
commit d00b914ddbfefdbb282d36409c3e56d9146df8dc
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jun 6 21:29:57 2017 +0200
rust: make clear it's experimental
commit efdbc91687a34ca35ea0bc3960b12ea50009ccdb
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jun 6 19:09:18 2017 +0200
log: fix mem leak in error path (CID1404888)
commit a3f07ec02e732ec3533c8760cd8b8caa043ff0bc
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 5 16:41:47 2017 +0200
doc: document drop-invalid option.
commit 91d2809bca82f23472a07f55158b8ebff4304c87
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 5 13:46:08 2017 +0200
qa: update struct-flags coccinelle test
commit 7a17b4acf5029573013336435720d50346bb5243
Author: Eric Leblond <eric at regit.org>
Date: Fri May 12 20:22:35 2017 +0200
stream-tcp: use flags field to store inline info
commit 85dab65414064776c6d20539146ec8559cd7dc7d
Author: Eric Leblond <eric at regit.org>
Date: Fri May 12 19:53:49 2017 +0200
stream-tcp: use flags field to store bypass info
commit 050d8f788b1b9f62f0bc46a245c506e39a42621a
Author: Eric Leblond <eric at regit.org>
Date: Tue May 9 23:35:03 2017 +0200
af-packet: warn when tpacket_v3 is used in IPS
Update yaml and add an error message.
commit ea9b9b50630facc65de81052453d5ae2f0907a8a
Author: Eric Leblond <eric at regit.org>
Date: Mon Apr 24 15:00:20 2017 +0200
stream-tcp: add option to accept invalid packets
Suricata was unconditionally dropping packets that are invalid with
respect to the streaming engine. In some corner cases like asymmetric
traffic capture, this was leading to dropping some legitimate traffic.
The async-oneside option did help but this was not perfect in some
real life cases. So this patch introduces an option that allows the
user to tell Suricata not to drop packets that are invalid with
respect to streaming.
commit e933eb849a628ad94cb631d8e86743b32296b946
Author: Eric Leblond <eric at regit.org>
Date: Mon Jun 5 16:06:04 2017 +0200
doc: document filestore update
commit 775e67459cdcb8723feb2b58feeba7500f212c6b
Author: Eric Leblond <eric at regit.org>
Date: Wed May 31 18:14:29 2017 +0200
filestore: avoid open write close sequence
The current file storing approach uses an open file, write data,
close file logic. While this technique fixes the problem of getting
too many open files in Suricata, it is not optimal.
A test on a loop shows that open, write, close on a single file is
two times slower than a single open, loop of write, close.
This patch updates the logic by storing the fd in the File structure.
This is done for a certain number of files. If this amount is exceeded
then the previous logic is used.
This patch also adds two counters. The first is the number of
currently open files. The second one is the number of times
the open, write, close sequence has been used due to too many
open files.
In EVE, the entries are:
stats {file_store: {"open_files_max_hit":0,"open_files":5}}
commit 54718b306ece5418ec441617e114a38b641e863d
Author: Eric Leblond <eric at regit.org>
Date: Thu Jun 1 13:21:13 2017 +0200
filestore: add option to disable meta file writing
As the fileinfo entry contains the file_id, it is enough to
have this entry to link the extracted file with metadata.
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 6 +-
doc/userguide/configuration/suricata-yaml.rst | 5 +
doc/userguide/file-extraction/file-extraction.rst | 4 +-
qa/coccinelle/struct-flags.cocci | 40 +++----
src/log-filestore.c | 125 ++++++++++++++++++++--
src/log-filestore.h | 1 +
src/output-filedata.c | 2 +-
src/output-filedata.h | 2 +-
src/runmode-af-packet.c | 6 ++
src/stream-tcp-inline.c | 14 ---
src/stream-tcp-inline.h | 1 -
src/stream-tcp-util.c | 6 +-
src/stream-tcp.c | 69 ++++++++----
src/stream-tcp.h | 9 +-
src/suricata.c | 5 +
src/util-file.c | 3 +-
src/util-file.h | 2 +
src/util-logopenfile.c | 1 +
suricata.yaml.in | 10 +-
19 files changed, 232 insertions(+), 79 deletions(-)
hooks/post-receive
--
OISF