Profile

Jeff Weeks

  • Login: jweeks
  • Registered on: 01/29/2021
  • Last sign in: 03/20/2025

Issues

  • Assigned issues: 6 open, 1 closed, 7 total
  • Reported issues: 7 open, 1 closed, 8 total

Activity

03/21/2025

02:45 PM Suricata Bug #7622 (Rejected): AFPacket V3 missing socket ref count decrement
Already fixed in master via https://github.com/OISF/suricata/commit/e3d20acb98141fc8d109302158e898ed388f1b5a Jeff Weeks

03/20/2025

08:21 PM Suricata Bug #7622 (Rejected): AFPacket V3 missing socket ref count decrement
This can be fairly easily reproduced by sending traffic with AFPacket V3 enabled.
I first confirm traffic is being...
Jeff Weeks

12/12/2023

07:37 PM Suricata Bug #6623: Suricata BPF filter differs from tcpdump (tcpdump behaviour seems correct)
Victor Julien wrote in #note-1:
> Suricata calls @pcap_compile@ with @optimize=1@ and @mask=0@. Are you seeing the sa...
Jeff Weeks
03:59 PM Suricata Bug #6623 (New): Suricata BPF filter differs from tcpdump (tcpdump behaviour seems correct)
Attempting to create a filter that doesn't inspect local/east-west traffic can be done various ways in tcpdump, but t... Jeff Weeks

01/29/2021

08:53 PM Suricata Feature #4285 (New): Add an optional "active flow timeout" for long lived flows
YAF is a flow meter which has a feature whereby every 30 minutes a new record is created for a long-lived flow.
In or...
Jeff Weeks
08:42 PM Suricata Feature #4284 (New): Expose (via the flow record log) whether a flow was picked up midstream
It can be beneficial to know whether a flow record is describing a flow picked up midstream (vs describing a flow whe... Jeff Weeks
08:34 PM Suricata Feature #4283 (New): Configure the proper flow direction if we see the SYN/ACK first
Even if we didn't see the SYN, we can get an accurate from direction if the first packet is a SYN/ACK, because we kno... Jeff Weeks
08:23 PM Suricata Feature #4282 (New): Ensure that the flags used for the initial TCP packets are saved
Suricata saves the TCP flags which it sees inside `struct TcpStream_::tcp_flags` but this contains a union of all fla... Jeff Weeks
07:38 PM Suricata Feature #4281 (New): Add a log indicating when all worker threads are able to process packets
Depending on the configuration used, the time it takes for Suricata to initialize and have worker threads ready to pr... Jeff Weeks
05:25 PM Suricata Feature #4279 (In Review): Optionally allow hashing truncated files, and a maximum length to hash
The hash of a truncated file is still valuable information, as is the hash of the first N bytes of a file.
Both of t...
Jeff Weeks
