[Oisf-users] Suricata 4.0.0 - bypass/performance issue
Victor Julien
lists at inliniac.net
Thu Jul 20 08:32:49 UTC 2017
On 20-07-17 10:26, Victor Julien wrote:
> On 19-07-17 17:27, Martin Petracek wrote:
>> Oh, I should also mention that I'm using suricata without any rules,
>> just to perform deep-packet-inspection and get HTTP/TLS/DNS information.
>> I'm getting these information still, even with this patch. I think the
>> information drop could be important with some rules.
>
> Are you using --disable-detection?
>
> If so, could you test the vanilla source with -S /dev/null instead? I
> think there may be a dependency on the detection engine.
>
Also separately could you add this commandline option and see if it has
any effect?
--set stream.reassembly.raw=false
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170720/791525d7/attachment-0002.sig>
More information about the Oisf-users
mailing list