Packet alerts/v4 #6929

Closed
wants to merge 4 commits into from

@jufajardini (Contributor) commented Feb 4, 2022

#6896 incorporating changes as per @catenacyber's review

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4207

Describe changes:

  • remove unnecessary Debug statement
  • remove redundant initialization of packet_alert_max (I think we don't need to check if run mode is unittests, now)
  • add BUG_ON if packet_alert_max is configured as 0 or if allocation returns NULL

suricata-verify-pr: 694

jufajardini and others added 4 commits February 4, 2022 10:26
Some unittests used SCMalloc for allocating new Packets.
While this is valid, it leads to segmentation faults when we move to
dynamic allocation of the maximum alerts allowed to be triggered by a
single packet.

This massive patch uses PacketGetFromAlloc, which initializes a Packet
in such a way that any dynamic allocated structures within will also be
initialized.

Related to
Task OISF#4207

The maximum of possible alerts triggered by a unique packet was
hardcoded to 15. With usage of 'noalert' rules, that limit could be
reached somewhat easily. Make that configurable via suricata.yaml.

Conf Bug#4941

Task#4207
Plus small clang formatting change.
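
Added example, not code from this pull request or from Suricata: a toy C model of the problem the commit messages above describe, where a packet's alert array is sized at run time from a configured maximum, so a packet obtained by raw allocation has no array behind it. All names (`ToyPacket`, `toy_packet_new`, `toy_packet_raw`, `toy_packet_append_alert`) are hypothetical, and the constructor returns NULL on a zero limit or a failed allocation where the PR description says it uses BUG_ON.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; not Suricata's definitions. */
typedef struct ToyAlert { uint32_t sid; } ToyAlert;
typedef struct ToyPacket {
    ToyAlert *alerts;    /* sized at run time from the configured maximum */
    uint16_t alert_cnt;  /* alerts currently stored */
    uint16_t alert_max;  /* capacity of alerts[] */
    uint16_t discarded;  /* alerts dropped because the array was full */
} ToyPacket;

/* Constructor path: allocates the packet and its alert array together. */
ToyPacket *toy_packet_new(uint16_t alert_max) {
    if (alert_max == 0) return NULL;           /* a zero limit is a config error */
    ToyPacket *p = calloc(1, sizeof(*p));
    if (p == NULL) return NULL;
    p->alerts = calloc(alert_max, sizeof(*p->alerts));
    if (p->alerts == NULL) { free(p); return NULL; }
    p->alert_max = alert_max;
    return p;
}

/* Raw path: what a test gets if it allocates only the struct itself. */
ToyPacket *toy_packet_raw(void) { return calloc(1, sizeof(ToyPacket)); }

void toy_packet_free(ToyPacket *p) { if (p) { free(p->alerts); free(p); } }

/* Returns 0 if stored, -1 if the packet has no array or is already full. */
int toy_packet_append_alert(ToyPacket *p, uint32_t sid) {
    if (p == NULL || p->alerts == NULL) return -1;  /* raw packet: no array */
    if (p->alert_cnt >= p->alert_max) { p->discarded++; return -1; }
    p->alerts[p->alert_cnt++].sid = sid;
    return 0;
}

int main(void) {
    ToyPacket *p = toy_packet_new(2);
    if (p == NULL) return 1;
    for (uint32_t sid = 1; sid <= 3; sid++) toy_packet_append_alert(p, sid);
    printf("stored=%u discarded=%u\n", (unsigned)p->alert_cnt, (unsigned)p->discarded);
    toy_packet_free(p);
    return 0;
}
```

Without the NULL check in the append function, the raw-allocated packet would dereference a null `alerts` pointer on the first alert, which is the class of crash the first commit message attributes to unit tests that bypass the initializing allocator.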
@jufajardini requested a review from a team as a code owner February 4, 2022 17:48
@jufajardini mentioned this pull request Feb 4, 2022

@jufajardini (Contributor Author) commented:

Has silly issue x_x submitting a fix in a few.

@jufajardini mentioned this pull request Feb 4, 2022

@jufajardini (Contributor Author) commented:

CI failures fixed with #6931

@jufajardini closed this Feb 4, 2022
@jufajardini deleted the packet-alerts/v4 branch May 2, 2022 13:01