[Oisf-users] Battling segfaults on 3.2.1
Cloherty, Sean E
scloherty at mitre.org
Thu Apr 20 15:59:48 UTC 2017
As suggested - I recompiled Suricata with the debug option flag enabled per the instruction online. The work was completed late Friday, and naturally there has not been a segfault nor a trap since.
I am posting this update in an attempt to tempt fate and cause a segfaults for analysis. Like a washing your car will induce rain, or a lighting a cigarette will make the bus arrive early, I expect it will be effective.
-----Original Message-----
From: Oisf-users [mailto:oisf-users-bounces at lists.openinfosecfoundation.org] On Behalf Of Cloherty, Sean E
Sent: Thursday, April 13, 2017 15:57 PM
To: Cooper F. Nelson <cnelson at ucsd.edu>; oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] Battling segfaults on 3.2.1
In the app-layer section -
app-layer:
protocols:
http:
enabled: yes
memcap: 4gb
-----Original Message-----
From: Cooper F. Nelson [mailto:cnelson at ucsd.edu]
Sent: Thursday, April 13, 2017 12:20 PM
To: Cloherty, Sean E <scloherty at mitre.org>; oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] Battling segfaults on 3.2.1
What do you mean http memcap? The request and response body-limit settings?
-Coop
On 4/12/2017 9:18 AM, Cloherty, Sean E wrote:
> Also, one system had 2gb vs. 4gb for the http memcap in the app layer
> protocol config.
--
Cooper Nelson
IT Security - Information Technology Services University of California San Diego
(858) 534-6487 - cnelson at ucsd.edu
https://cybersecurity.ucsd.edu
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
More information about the Oisf-users
mailing list