Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

app-layer: disable by default if not in configuration #6454

Closed
wants to merge 1 commit into from
Closed

app-layer: disable by default if not in configuration #6454

wants to merge 1 commit into from

Conversation

catenacyber
Copy link
Contributor

@catenacyber catenacyber commented Oct 6, 2021
edited

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4739

Describe changes:

  • Truly disables by default some protocols

That means disable them when they are not in the configuration file

suricata-verify-pr: 553
OISF/suricata-verify#553

@catenacyber
app-layer: disable by default if not in configuration
ac665df 
DNP3, ENIP, HTTP2 and Modbus are supposed to be disabled
by default. That means the default configuration does it,
but that also means that, if they are not in suricata.yaml,
the protocol should stay disabled.
@catenacyber catenacyber mentioned this pull request Oct 6, 2021
Closed
@catenacyber
Copy link
Contributor Author

The S-V failure for modbus seems to prove this point

@suricata-qa
Copy link

WARNING:

field test baseline %
tlpr1_stats_chk
.flow.mgr.rows_maxlen 539 364 148.08%

Pipeline 4472

@catenacyber catenacyber mentioned this pull request Oct 7, 2021
Closed
@codecov
Copy link

codecov bot commented Oct 7, 2021
edited

Codecov Report

Merging #6454 (ac665df) into master (fa72a5a) will decrease coverage by 0.03%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #6454      +/-   ##
==========================================
- Coverage   76.98%   76.94%   -0.04%     
==========================================
  Files         613      613              
  Lines      186712   186720       +8     
==========================================
- Hits       143735   143681      -54     
- Misses      42977    43039      +62
Flag Coverage Δ
fuzzcorpus 52.93% <100.00%> (-0.10%) ⬇️
suricata-verify 51.60% <100.00%> (-0.02%) ⬇️
unittests 63.12% <70.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

@victorjulien victorjulien mentioned this pull request Oct 9, 2021
Merged
@victorjulien
Copy link
Member

Merged in #6464

@catenacyber catenacyber mentioned this pull request Oct 10, 2021
Merged
thomasjwinter added a commit to thomasjwinter/suricata that referenced this pull request Nov 8, 2023
@thomasjwinter
rule-reload: Release excess memory freed during engine reload
7c0d523 
The hot reload results in large chunks of memory being freed as the
as the old signature tables are discarded. Help the memory management
system along by telling to release as much memory as it can at this
point.

Bug: OISF#6454.
@thomasjwinter thomasjwinter mentioned this pull request Nov 8, 2023
Closed
3 tasks
victorjulien pushed a commit to victorjulien/suricata that referenced this pull request Nov 19, 2023
@thomasjwinter @victorjulien
rule-reload: Release excess memory freed during engine reload
7d40a9f 
The hot reload results in large chunks of memory being freed as the
as the old signature tables are discarded. Help the memory management
system along by telling to release as much memory as it can at this
point.

Bug: OISF#6454.
inashivb pushed a commit to inashivb/suricata that referenced this pull request Nov 22, 2023
@thomasjwinter @inashivb
rule-reload: Release excess memory freed during engine reload
8d34f56 
The hot reload results in large chunks of memory being freed as the
as the old signature tables are discarded. Help the memory management
system along by telling to release as much memory as it can at this
point.

Bug: OISF#6454.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish Awaiting requested review from jasonish jasonish is a code owner

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
3 participants
@catenacyber @suricata-qa @victorjulien