General

Profile

AK Adam Kiripolsky

  • Login: kiripolsky
  • Registered on: 10/16/2024
  • Last sign in: 06/25/2026

Issues

open closed Total
Assigned issues 14 6 20
Reported issues 7 3 10

Projects

Project Roles Registered on
Suricata Developer 10/16/2024
Suricata-Update Developer 10/16/2024

Activity

07/02/2026

AK 02:32 PM Suricata Bug #8710 (Resolved): flow-manager: no flow timeout with flow.hash-size < 10
Due to a rounding calculation in *flow-manager.c*, the variable *rows_per_sec* was set to 0 in the case of flows.hash-size < 10.
This caused Flow Manager to not time out any flows during Suricata runtime.
The fix proposes to ensure the...
Adam Kiripolsky
AK 01:28 PM Suricata Bug #8704 (Resolved): af-packet: eBPF map location error never printed
The flag *g_flowv4_ok* in source-af-packet.c is never set to false, due to how logically structured the adjacent condition is.
The bug caused the error message to never be printed by any thread
Adam Kiripolsky
AK 08:16 AM Suricata Bug #8699 (In Review): af-packet: XDP bypass VLAN byte order
Adam Kiripolsky

07/01/2026

AK 10:44 AM Suricata Bug #8699 (In Review): af-packet: XDP bypass VLAN byte order
The XDP filter *xdp_filter.c* incorrectly bypasses packets when VLAN_TRACKING is enabled.
The VLAN tag is extracted in the wrong byte order, resulting in the bypass being applied to packets with a different real VLAN tag.
This issu...
Adam Kiripolsky

06/12/2026

AK 11:45 PM Suricata Bug #8442: capture-bypass: worker timeout of flows causes statistics inconsistencies
h1. Reproducibility test
I used Suricata in **AF_PACKET** runmode with **EBPF** bypass.
To see the results more clearly, I have created a test branch: https://github.com/adaki4/suricata/tree/reproduce-wrong-worker-bypass-stats-v1
...
Adam Kiripolsky

04/23/2026

AK 08:06 AM Suricata Bug #8473: BypassManager checks registration of BypassedCheckFuncInit instead of BypassedCheckFunc
In my opinion, it is a bug, as the original behavior does not make sense (using the BypassedCheckFuncInit function and checking only after that whether it exists). Adam Kiripolsky

04/14/2026

AK 04:46 PM Suricata Bug #8473 (Resolved): BypassManager checks registration of BypassedCheckFuncInit instead of BypassedCheckFunc
At the initialization stage, BypassManager should check whether any BypassedCheckFunc has been registered.
Instead, BM calls BypassedCheckFuncInit, then checks again whether it has been registered.
I propose checking whether any Byp...
Adam Kiripolsky

03/31/2026

AK 04:26 PM Suricata Bug #8441: capture-bypass: flow statistics of bypassed flows lost during shutdown (8.0.x backport)
While investigating this issue on Suricata versions 8.0.0 and main-8.0.x, I noticed the following capture-bypass flow behavior.
All flows that did not time out before Suricata shut down were injected into the worker's local queues and...
Adam Kiripolsky
AK 03:32 PM Suricata Bug #8442 (In Review): capture-bypass: worker timeout of flows causes statistics inconsistencies
h1. Problem:
When a worker times out a capture-bypassed flow, it does not call the necessary functions to update the flow statistics.
Gathering statistics can be a costly operation, as it depends on the @BypassUpdate@ callback imple...
Adam Kiripolsky
AK 03:17 PM Suricata Bug #8440 (In Review): capture-bypass: flow statistics of bypassed flows lost during shutdown
h1. Problem:
Suricata fails to record statistics for capture-bypassed flows (e.g., eBPF) if the engine shuts down before a flow timeout occurs.
This happens because the @BypassUpdate@ callback, which gathers stats for capture-bypasse...
Adam Kiripolsky

Also available in: Atom