General

Profile

Peter Manev

Issues

Projects

  • Suricata (Developer, OISF Team, OISF Manager, 04/06/2011)
  • Suricata-Update (Developer, OISF Team, OISF Manager, 10/31/2017)

Activity

Today

07:56 AM Suricata Bug #3118: asan leaks with 5.0.0-dev (9e126b210 2019-08-07)
I dont see this any more on any runs that i tried. Peter Manev

11/10/2019

04:17 PM Suricata Task #3329: Research: WASM as a Lua alternative and for dynamically loadable modules
btw - this may be a bit off topic - but it would be nice if there are similar profile counters in the rule profiling ... Peter Manev
04:13 PM Suricata Support #2725: stream/packet on wrong thread
Another way of pinpointing locally what is causing the "wrong thread" counters to increase can be enabling only that ... Peter Manev

11/07/2019

09:20 AM Suricata Bug #3237: http_accept not treated as sticky buffer by --engine-analysis
another example - sid:2839153 also has this. Peter Manev

11/05/2019

08:19 AM Suricata Documentation #3313 (New): Document 40Gbps IPS set up
We had some test runs for a 40Gbps IPS/AFPv2 set up that we tested against Trex - needs to be documented for referenc... Peter Manev
07:47 AM Suricata Bug #3124 (Closed): Centos 6 compile err
No, that was fixed a while ago. Closing. Peter Manev

11/03/2019

10:33 AM Suricata Feature #3311 (New): Add better default suricata configuration for different traffic sizes and cpu/system architectures
Related to improving Out of the Box Experience.

Often enough users struggle with coming up with a decent 1Gbps ...
Peter Manev
10:19 AM Suricata Feature #3310 (Feedback): ease suricata configuration with xdp
In cases where XDP is used some configuration changes are made in ebpf/xdp_filter.c - for example flow4/flow6 tables,... Peter Manev
10:12 AM Suricata Bug #3309 (Feedback): xdp: some bypass stats/counters do not update properly
In cases where XDP bypass in HW is involved some stats.log/"event_type":"stats" counter do not update: ... Peter Manev

10/25/2019

03:28 PM Suricata Support #3251: Bypass question
The action order here is for "alert" , so the defaults in yaml should apply. If you want to maximize the bypass you c... Peter Manev

Also available in: Atom