|
|
|
|
@ -329,25 +329,28 @@ flow-timeouts:
|
|
|
|
|
# stream:
|
|
|
|
|
# memcap: 33554432 # 32mb tcp session memcap
|
|
|
|
|
# checksum_validation: yes # To validate the checksum of received
|
|
|
|
|
# packet. If csum validation is specified as
|
|
|
|
|
# "yes", then packet with invalid csum will not
|
|
|
|
|
# be processed by the engine stream/app layer.
|
|
|
|
|
# Warning: locally generated trafic can be
|
|
|
|
|
# generated without checksum due to hardware offload
|
|
|
|
|
# of checksum
|
|
|
|
|
# # packet. If csum validation is specified as
|
|
|
|
|
# # "yes", then packet with invalid csum will not
|
|
|
|
|
# # be processed by the engine stream/app layer.
|
|
|
|
|
# # Warning: locally generated trafic can be
|
|
|
|
|
# # generated without checksum due to hardware offload
|
|
|
|
|
# # of checksum
|
|
|
|
|
# max_sessions: 262144 # 256k concurrent sessions
|
|
|
|
|
# prealloc_sessions: 32768 # 32k sessions prealloc'd
|
|
|
|
|
# midstream: false # don't allow midstream session pickups
|
|
|
|
|
# async_oneside: false # don't enable async stream handling
|
|
|
|
|
# inline: no # stream inline mode
|
|
|
|
|
#
|
|
|
|
|
# reassembly:
|
|
|
|
|
# memcap: 67108864 # 64mb tcp reassembly memcap
|
|
|
|
|
# depth: 1048576 # 1 MB reassembly depth
|
|
|
|
|
stream:
|
|
|
|
|
memcap: 33554432
|
|
|
|
|
checksum_validation: yes
|
|
|
|
|
memcap: 33554432 # 32mb
|
|
|
|
|
checksum_validation: yes # reject wrong csums
|
|
|
|
|
inline: no # no inline mode
|
|
|
|
|
reassembly:
|
|
|
|
|
memcap: 67108864
|
|
|
|
|
depth: 1048576
|
|
|
|
|
memcap: 67108864 # 64mb for reassembly
|
|
|
|
|
depth: 1048576 # reassemble 1mb into a stream
|
|
|
|
|
|
|
|
|
|
# Logging configuration. This is not about logging IDS alerts, but
|
|
|
|
|
# IDS output about what its doing, errors, etc.
|
|
|
|
|
|
Victor Julien
15 years ago