Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pcap-log: fix output filenames when reading from pcap files - v2 #8403

Closed
wants to merge 3 commits into from
Closed

pcap-log: fix output filenames when reading from pcap files - v2 #8403

wants to merge 3 commits into from

Conversation

jasonish
Copy link
Member

Remove early opening of output files if running in an offline mode, as
we don't yet know the timestamp to use.

Prevents the first pcap files being opened with a timestamp of 0,
bringing us back to the same behvaviour of pcap logging in 6.0.

Other commits:

  • log-pcap: display mininum limit on error
  • log-pcap: fix typo in multi-mode error message

Issue: https://redmine.openinfosecfoundation.org/issues/5374

Previous PR: #8401

Changes from previous PR:

  • Use existing offline check

suricata-verify-pr: 1066

@jasonish
log-pcap: display mininum limit on error
a5be4a5 
On fatal error due to limit being less than the allowed minimum,
display the minimum value in bytes.
@jasonish
log-pcap: fix typo in multi-mode error message
ab1f0bd
@jasonish
log-pcap: remove early output initializing if offline
bdeb688 
Remove early opening of output files if running in an offline mode, as
we don't yet know the timestamp to use.

Prevents the first pcap files being opened with a timestamp of 0,
bringing us back to the same behvaviour of pcap logging in 6.0.

Issue: 5374
@jasonish jasonish mentioned this pull request Jan 18, 2023
Closed
@suricata-qa
Copy link

WARNING:

field baseline test %
SURI_TLPW1_stats_chk
.tcp.rst 128237 103924 81.04%
.app_layer.error.tls.parser 931 1145 122.99%
SURI_TLPR1_stats_chk
.app_layer.flow.http 3118951 3340795 107.11%
.app_layer.flow.tls 510462 623355 122.12%
.app_layer.flow.ssh 8937 11032 123.44%
.app_layer.flow.telnet 1624 2334 143.72%
.app_layer.error.ftp-data.gap 0 1 -
TREX_GENERIC_stats_chk
.capture.kernel_drops 0 164600 0.03

Pipeline 11710

This was referenced Jan 20, 2023
Closed
Merged
@victorjulien
Copy link
Member

Merged in #8430, thanks!

@jasonish jasonish deleted the issue/5374/v2 branch January 26, 2023 15:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jasonish @suricata-qa @victorjulien