[Oisf-users] Battling segfaults on 3.2.1

Peter Manev petermanev at gmail.com
Thu Apr 20 18:09:03 UTC 2017 


> 


> On 20 Apr 2017, at 17:59, Cloherty, Sean E <scloherty at mitre.org> wrote:
> 
> As suggested - I recompiled Suricata with the debug option flag enabled per the instruction online.  The work was completed late Friday, and naturally there has not been a segfault nor a trap since.

:)
Happened  to me quite a few times :))


> 
> I am posting this update in an attempt to tempt fate and cause a segfaults for analysis.  Like a washing your car will induce rain, or a lighting a cigarette will make the bus arrive early, I expect it will be effective.
> 
> 
> -----Original Message-----
> From: Oisf-users [mailto:oisf-users-bounces at lists.openinfosecfoundation.org] On Behalf Of Cloherty, Sean E
> Sent: Thursday, April 13, 2017 15:57 PM
> To: Cooper F. Nelson <cnelson at ucsd.edu>; oisf-users at lists.openinfosecfoundation.org
> Subject: Re: [Oisf-users] Battling segfaults on 3.2.1
> 
> In the app-layer section -
> 
> app-layer:
>  protocols:
>    http:
>      enabled: yes
>      memcap: 4gb
> 
> -----Original Message-----
> From: Cooper F. Nelson [mailto:cnelson at ucsd.edu]
> Sent: Thursday, April 13, 2017 12:20 PM
> To: Cloherty, Sean E <scloherty at mitre.org>; oisf-users at lists.openinfosecfoundation.org
> Subject: Re: [Oisf-users] Battling segfaults on 3.2.1
> 
> What do you mean http memcap?  The request and response body-limit settings?
> 
> -Coop
> 
>> On 4/12/2017 9:18 AM, Cloherty, Sean E wrote:
>> Also, one system had 2gb vs. 4gb for the http memcap in the app layer 
>> protocol config.
> 
> 
> --
> Cooper Nelson
> IT Security - Information Technology Services University of California San Diego
> (858) 534-6487 - cnelson at ucsd.edu
> https://cybersecurity.ucsd.edu
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users

More information about the Oisf-users mailing list