[Oisf-users] Suricata Lua API (stack overflow)
Shell_Xu
xuh881026 at gmail.com
Wed Oct 9 02:23:35 UTC 2019
HI:
any help makes sense to me.
Peter Manev <petermanev at gmail.com> 于2019年10月3日周四 下午1:48写道:
> On Fri, Sep 27, 2019 at 7:45 AM Shell_Xu <xuh881026 at gmail.com> wrote:
> >
> > HI, Suricata Team:
> >
> > I tried to use Lua scripts to audit all HTTP traffic, but after the
> script runs for about 30 seconds, the program automatically exits and
> outputs the following message: PANIC: unprotected error in call to Lua API
> (stack overflow).Since I don't want to log all HTTP headers, I didn't
> enable the dump-all-headers option.Lua scripts were used to implement my
> needs.But obviously, I have a problem now, can anyone help me?
> > Is this problem caused by Lua scripts unable to withstand HTTP traffic?
> >
> > Traffic 1.5Gbpps
> > CPU: 1 CPU 36 core
> > Memory: 60G
> > Suricata 5.0.0-rc1
> >
> > My lua script code is in the attachment, please correct me my mistake,
> any help makes sense to me.
> >
>
>
> Hi,
>
> You are running it on live traffic right?
> Is it possible to share your conf and a pcap for that as well?
> (after a short glance)
> What is the purpose of the script - you want to log each http
> transaction substituting true client ip for src wherever available ?
>
> Thank you
>
>
>
> --
> Regards,
> Peter Manev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20191009/0695b6b8/attachment.html>
More information about the Oisf-users
mailing list