doc/stream: explain absent reassembly.depth means unlimited

Ticket: 8343

doc/userguide/configuration/suricata-yaml.rst

@@ -1387,8 +1387,10 @@ is hit: 'drop-flow', 'drop-packet', 'pass-flow', 'pass-packet',  'bypass',
 'reject', or 'ignore'.
 
 Reassembling a stream is an expensive operation. With the option depth
-you can control how far into a stream reassembly is done. By default
-this is 1MB. This setting can be overridden per stream by the protocol
+you can control how far into a stream reassembly is done. The default
+provided suricata.yaml is set to 1MB, but if the field is absent from the
+configuration, value 0 (meaning "unlimited") is used.
+This setting can be overridden per stream by the protocol
 parsers that do file extraction.
 
 Inspection of reassembled data is done in chunks. The size of these

src/stream-tcp.c

@@ -735,6 +735,7 @@ void StreamTcpInitConfig(bool quiet)
             exit(EXIT_FAILURE);
         }
     } else {
+        SCLogNotice("stream.reassembly.depth set to unlimited by default");
         stream_config.reassembly_depth = 0;
     }
 

suricata.yaml.in

@@ -1662,8 +1662,9 @@ flow-timeouts:
 #     memcap-policy: ignore     # The exception policy value can be "drop-flow",
 #                               # "pass-flow", "bypass", "drop-packet", "pass-packet",
 #                               # "reject" or "ignore" default is "ignore"
-#     depth: 1 MiB               # Can be specified in KiB, MiB, GiB.  Just a number
+#     depth: 1 MiB              # Can be specified in KiB, MiB, GiB.  Just a number
 #                               # indicates it's in bytes.
+#                               # if the field is absent, value 0 (meaning "unlimited") is used
 #     toserver-chunk-size: 2560 # inspect raw stream in chunks of at least
 #                               # this size.  Can be specified in KiB, MiB, GiB.
 #                               # Just a number indicates it's in bytes.