Project

General

Profile

Actions
Copy link

Bug #961

closed

max pending packets variable parsing

Added by Peter Manev over 10 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
4.0.2/4.0.3
Affected Versions:
Effort:
Difficulty:
Label:

Description

During some tests I have noticed that Suricata parses all the yaml variable in a particular way:

If the variable is lexically correct - no problem. If it is not Suricata silently defaults to the default value.

I did some more test with 1.4.5 and latest git on more yaml variable
and the results are generally the same. One such example -


max-pending-packets: 4096o

Notice the wrongly put letter "O" instead of zero "0" at the end. In this cases Suricata silently defaults to the default 1024 packets.
value:
<Info> - preallocated 1024 packets. Total memory 4362240

I believe this is a general issue with most of the variable parsing from suricata.yaml

Thanks

Actions
Copy link
 #1

Updated by Victor Julien over 10 years ago

  • Target version set to TBD
Actions
Copy link
 #2

Updated by Andreas Herz over 7 years ago

  • Assignee set to OISF Dev
Actions
Copy link
 #3

Updated by Victor Julien over 6 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
  • Target version changed from TBD to 4.0.2/4.0.3
Actions
Copy link
 #4

Updated by Victor Julien over 6 years ago

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: Atom PDF