-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Packet alerts/v6 #6943
Packet alerts/v6 #6943
Conversation
Some unittests used SCMalloc for allocating new Packet the unittests. While this is valid, it leads to segmentation faults when we move to dynamic allocation of the maximum alerts allowed to be triggered by a single packet. This massive patch uses PacketGetFromAlloc, which initializes a Packet in such a way that any dynamic allocated structures within will also be initialized. Related to Task OISF#4207
The maximum of possible alerts triggered by a unique packet was hardcoded to 15. With usage of 'noalert' rules, that limit could be reached somewhat easily. Make that configurable via suricata.yaml. Conf Bug#4941 Task OISF#4207
Plus small clang formatting change.
Codecov Report
@@ Coverage Diff @@
## master #6943 +/- ##
==========================================
- Coverage 77.74% 77.73% -0.02%
==========================================
Files 628 628
Lines 185648 185547 -101
==========================================
- Hits 144332 144234 -98
+ Misses 41316 41313 -3
Flags with carried forward coverage won't be shown. Click here to find out more. |
Information: QA ran without warnings. Pipeline 6144 |
I think this looks good, but we still need to look at the feedback on my patch that Philippe pointed out in #6896 |
Okey dokey, should I try to address those as well? |
replaced by #6999 |
This is just another variant of DLT_RAW. Ticket: OISF#6943.
This is just another variant of DLT_RAW. Ticket: OISF#6943.
This is just another variant of DLT_RAW. Ticket: OISF#6943.
Previous PR: #6931
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4207
Describe changes:
BUG_ON
check with config value checks and warning, falling back to defaultssuricata-verify-pr: 694