Project

General

Profile

Actions
Copy link

Bug #961

closed
PM VJ

max pending packets variable parsing

Bug #961: max pending packets variable parsing

Added by Peter Manev over 12 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
4.0.2/4.0.3
Affected Versions:
Effort:
Difficulty:
Label:

Description

During some tests I have noticed that Suricata parses all the yaml variable in a particular way:

If the variable is lexically correct - no problem. If it is not Suricata silently defaults to the default value.

I did some more test with 1.4.5 and latest git on more yaml variable
and the results are generally the same. One such example -


max-pending-packets: 4096o

Notice the wrongly put letter "O" instead of zero "0" at the end. In this cases Suricata silently defaults to the default 1024 packets.
value:
<Info> - preallocated 1024 packets. Total memory 4362240

I believe this is a general issue with most of the variable parsing from suricata.yaml

Thanks

VJ Updated by Victor Julien over 12 years ago Actions
Copy link
 #1

  • Target version set to TBD

AH Updated by Andreas Herz over 9 years ago Actions
Copy link
 #2

  • Assignee set to OISF Dev

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
 #3

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
  • Target version changed from TBD to 4.0.2/4.0.3

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
 #4

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: PDF Atom