At the initialization stage, BypassManager should check whether any BypassedCheckFunc has been registered. Instead, BM calls BypassedCheckFuncInit, then checks again whether it has been registered. I propose checking whether any Byp...Adam Kiripolsky
While investigating this issue on Suricata versions 8.0.0 and main-8.0.x, I noticed the following capture-bypass flow behavior. All flows that did not time out before Suricata shut down were injected into the worker's local queues and...Adam Kiripolsky
h1. Problem: When a worker times out a capture-bypassed flow, it does not call the necessary functions to update the flow statistics. Gathering statistics can be a costly operation, as it depends on the @BypassUpdate@ callback imple...Adam Kiripolsky
h1. Problem: Suricata fails to record statistics for capture-bypassed flows (e.g., eBPF) if the engine shuts down before a flow timeout occurs. This happens because the @BypassUpdate@ callback, which gathers stats for capture-bypasse...Adam Kiripolsky
There is an unnecessary loop in src/runmode-dpdk.c in ParseDpdkConfigAndConfigureDevice(), where pkt_mempools are assigned to ldev.dpdk_vars. When running Suricata with multiple threads (loop runs multiple times), this caused ldev.dpdk_...Adam Kiripolsky
Add capture bypass for dpdk runmode. The offloaded traffic will be handled by rte_flow rules. The feature aims to utilize the potential of modern SmartNICs, mainly Mellanox (ConnectX-5/6/7) NICsAdam Kiripolsky
Suricata in DPDK run mode can configure the DPDK Environment Abstraction Layer (EAL) using the dpdk.eal-params option defined in suricata.yaml. The commit "4dfd44d":https://github.com/OISF/suricata/pull/13383/commits/4dfd44d350717476f435...Adam Kiripolsky
ippair.memcap counter had registered wrong counter function (IPPairGetMemuse) instead of IPPairGetMemcap. This way ippair.memuse and ippair.memcap showed the same number.Adam Kiripolsky