Next/20221027/v10 #8097

Merged
merged 31 commits into from Oct 27, 2022

regit and others added 30 commits October 27, 2022 09:44
This patch adds a dataset-dump command to the list of unix socket
commands. Implementation is not optimal as we are locking the
datasets when doing the dump. But if we consider that the current
alternative from an implementation point of view is to stop Suricata
then this is far better than current state.

Ticket: OISF#5184

This patch introduces the IPv4 type for dataset so Suricata can match
on a set of IPv4 addresses. This is meant to complement iprep feature
for people that need more flexibility such as setting the IP on
the packet path.

Feature: OISF#5383

It is a sticky buffer matching on src_ip.

Feature: OISF#5383

This patch also simplifies IPv6 parsing.

Feature: OISF#5383

Each module (thread) updates its status to indicate running.
Main thread waits for all threads to be in a running state
before continuing the initialisation process.

Implements feature 5384
(https://redmine.openinfosecfoundation.org/issues/5384)

Upon all threads reaching a running state the system generates
a notification for systems running and configured for systemd

Implements feature 5384
(https://redmine.openinfosecfoundation.org/issues/5384)

Integration of systemd is a feature that enables notification of
a running service to the service manager. The workflow now ensures
compilation with systemd and checks the binary has been built against
libsystemd.

This is to avoid the tx logging code that doesn't support LoggerId
values over 31 at this time. The simplest fix for now is to just have
all JSON (eve) loggers use the same ID.

DNP3 is left as-is for now as it needs some extra support in the parser.

Sort the LoggerId's in the order they are defined in suricata-common.h.

with setrlimit NPROC.

So that, if Suricata wants to execve or such to create a new process
the OS will forbid it so that RCE exploits are more painful to write.

Ticket: OISF#5373

Add a new DNS record type to represent HTTPS
Ticket: OISF#4751

To avoid double counting in case a thread took longer than
expected to start up.
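
Added example (not code from this pull request or from Suricata): a C probe for the `setrlimit` NPROC hardening described in the commit for ticket OISF#5373 above. It lowers `RLIMIT_NPROC` in a throwaway child and reports whether `fork()` is then refused with `EAGAIN`. Linux, a limit value of 0 and all function names are assumptions.

```c
/* Added example, not Suricata code; names and the limit value 0 are assumptions. */
#include <errno.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

enum { FORK_BLOCKED = 0, FORK_ALLOWED = 1, SETUP_FAILED = 2 };

/* Lower soft and hard limit together; unprivileged code cannot raise them again. */
static int limit_nproc(rlim_t max)
{
    struct rlimit r = { .rlim_cur = max, .rlim_max = max };
    return setrlimit(RLIMIT_NPROC, &r);
}

/* Runs in a sacrificial child so the caller keeps its own limits. */
static int probe_in_child(void)
{
    if (limit_nproc(0) != 0)
        return SETUP_FAILED;
    pid_t p = fork();
    if (p == 0)
        _exit(0);                 /* grandchild exists: limit not enforced */
    if (p > 0) {
        waitpid(p, NULL, 0);
        return FORK_ALLOWED;      /* e.g. CAP_SYS_ADMIN or CAP_SYS_RESOURCE */
    }
    return errno == EAGAIN ? FORK_BLOCKED : SETUP_FAILED;
}

int nproc_limit_blocks_fork(void)
{
    pid_t child = fork();
    if (child < 0)
        return SETUP_FAILED;
    if (child == 0)
        _exit(probe_in_child());
    int status = 0;
    if (waitpid(child, &status, 0) < 0 || !WIFEXITED(status))
        return SETUP_FAILED;
    return WEXITSTATUS(status);
}

int main(void)
{
    static const char *msg[] = { "blocked (EAGAIN)", "still allowed", "setup failed" };
    printf("fork() under RLIMIT_NPROC=0: %s\n", msg[nproc_limit_blocks_fork()]);
}
```

On Linux the limit is not enforced for a process running as root or holding CAP_SYS_ADMIN or CAP_SYS_RESOURCE, so a `FORK_ALLOWED` result from a privileged run means the limit gives no protection until those privileges are dropped.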

codecov bot commented Oct 27, 2022

Codecov Report

Merging #8097 (2f9ca8b) into master (79a7861) will decrease coverage by 0.21%.
The diff coverage is 32.54%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #8097      +/-   ##
==========================================
- Coverage   81.72%   81.51%   -0.22%     
==========================================
  Files         954      958       +4     
  Lines      275710   276148     +438     
==========================================
- Hits       225334   225089     -245     
- Misses      50376    51059     +683     
| Flag | Coverage Δ |
|---|---|
| fuzzcorpus | 63.35% <11.18%> (-0.44%) ⬇️ |
| suricata-verify | 58.97% <22.37%> (-0.22%) ⬇️ |
| unittests | 63.36% <20.19%> (-0.13%) ⬇️ |

Flags with carried forward coverage won't be shown.

@suricata-qa

WARNING:

| field | baseline | test | % |
|---|---|---|---|
| TREX_GENERIC_stats_chk | | | |
| .capture.kernel_drops | 0 | 22915 | - |
| .flow.end.tcp_state.syn_sent | 0 | 56 | - |
| .flow.end.tcp_state.syn_recv | 0 | 1 | - |
| .flow.end.tcp_state.fin_wait1 | 0 | 7 | - |
| .flow.end.tcp_state.fin_wait2 | 0 | 7 | - |
| .flow.end.tcp_state.time_wait | 0 | 5 | - |
| .flow.end.tcp_state.last_ack | 0 | 5 | - |
| .flow.end.tcp_state.close_wait | 0 | 15 | - |
| .tcp.segment_from_pool | 15600086 | 16475964 | 105.61% |
| .app_layer.error.http.parser | 0 | 5 | - |
| .app_layer.error.smtp.gap | 0 | 14 | - |
| .app_layer.error.dcerpc_tcp.parser | 0 | 3 | - |

Pipeline 10277
