Actions
Optimization #4207
closed
PA
JF
Bug #4941: alerts: 5.0.8/6.0.4 count noalert sigs towards built-in alert limit
Use configurable or more dynamic @ PACKET_ALERT_MAX@
Optimization #4207:
Use configurable or more dynamic @ PACKET_ALERT_MAX@
Effort:
Difficulty:
Label:
Description
Currently, PACKET_ALERT_MAX is hardcoded to 15
This turned out to be a problem writing S-V test, with many signatures (different variations of a feature) matching on the same packet
That was HTTP keywords on HTTP2 traffic, where I had one packet containing 3 requests
It would be nice to have this value be configurable from suricata.yaml
VJ Updated by Victor Julien over 5 years ago
- Assignee set to OISF Dev
- Target version changed from TBD to 7.0.0-beta1
VJ Updated by Victor Julien almost 5 years ago
- Assignee changed from OISF Dev to Juliana Fajardini Reichow
JF Updated by Juliana Fajardini Reichow almost 5 years ago
- Status changed from New to In Progress
VJ Updated by Victor Julien about 4 years ago
- Priority changed from Normal to High
- Parent task set to #4941
JF Updated by Juliana Fajardini Reichow about 4 years ago
- Status changed from In Progress to In Review
PR for review: https://github.com/OISF/suricata/pull/6895
JL Updated by Jeff Lucovsky about 4 years ago
- Copied to Optimization #5121: Use configurable or more dynamic @ PACKET_ALERT_MAX@ (5.0.x backport) added
JL Updated by Jeff Lucovsky about 4 years ago
- Copied to Optimization #5125: Use configurable or more dynamic @ PACKET_ALERT_MAX@ (6.0.x backport) added
JF Updated by Juliana Fajardini Reichow almost 4 years ago
Merged PR: https://github.com/OISF/suricata/pull/7347#
JF Updated by Juliana Fajardini Reichow over 3 years ago
- Status changed from In Review to Closed
Actions