mirror of https://github.com/OISF/suricata
cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51be576a30
This patch modifies max queue length computation logic. The max queue length was set to MAX_PENDING which is the total number of packet processed simultaneously in suricata. This value is correct but this will not permit to take all burst effects into account (read sudden quantity of packet that arrives faster than suricata is enable to parse). Furthermore there is a delaying system when suricata gets overloaded which make necessary to have packet storable into kernel for some time. To improve this situation the patch increases the maximum queue length to NFQ_BURST_FACTOR (4) time the MAX_PENDING packet and it also increase the nfnetlink buffer size to be able to store all packets waiting for suricata in the netlink receive buffer. |
16 years ago | |
|---|---|---|
| benches | 17 years ago | |
| doc | 16 years ago | |
| src | 16 years ago | |
| COPYING | 17 years ago | |
| ChangeLog | 17 years ago | |
| LICENSE | 16 years ago | |
| Makefile.am | 17 years ago | |
| Makefile.cvs | 17 years ago | |
| acsite.m4 | 16 years ago | |
| autojunk.sh | 16 years ago | |
| config.guess | 17 years ago | |
| config.h.in | 16 years ago | |
| config.sub | 17 years ago | |
| configure.in | 16 years ago | |
| depcomp | 17 years ago | |
| doxygen.cfg | 16 years ago | |
| install-sh | 17 years ago | |
| ltmain.sh | 17 years ago | |
| missing | 17 years ago | |
| mkinstalldirs | 17 years ago | |
| suricata.yaml | 16 years ago | |