Update yaml size params to use kb, mb, gb to indicate size, in place of raw bytes

remotes/origin/master-1.2.x
Anoop Saldanha 14 years ago committed by Victor Julien
parent e0c13434ef
commit 52b37fef3e

@ -56,8 +56,9 @@ outputs:
enabled: yes
filename: unified2.alert
# Limit in MB.
#limit: 32
# File size limit. Can be specified in kb, mb, gb. Just a number
# is parsed as bytes.
#limit: 32mb
# a line based log of HTTP requests (no alerts)
- http-log:
@ -90,7 +91,8 @@ outputs:
enabled: no
filename: log.pcap
# Limit in MB.
# File size limit. Can be specified in kb, mb, gb. Just a number
# is parsed as bytes.
limit: 1000
# If set to a value will enable ring buffer mode. Will keep Maximum of "max_files" of size "limit"
@ -325,6 +327,7 @@ cuda:
packet_buffer_limit: 2400
# The maximum length for a packet that we would buffer to the gpu.
# Anything over this is MPM'ed on the CPU. All entries > 0 are valid.
# Can be specified in kb, mb, gb. Just a number indicates it's in bytes.
packet_size_limit: 1500
# No of packet buffers we initialize. All entries > 0 are valid.
packet_buffers: 10
@ -417,9 +420,11 @@ pattern-matcher:
# the emergency bit and it will try again with more agressive timeouts.
# If that doesn't work, then it will try to kill the last time seen flows
# not in use.
# The memcap can be specified in kb, mb, gb. Just a number indicates it's
# in bytes.
flow:
memcap: 33554432
memcap: 32mb
hash_size: 65536
prealloc: 10000
emergency_recovery: 30
@ -472,7 +477,8 @@ flow-timeouts:
# engine is configured.
#
# stream:
# memcap: 33554432 # 32mb tcp session memcap
# memcap: 32mb # Can be specified in kb, mb, gb. Just a
# # number indicates it's in bytes.
# checksum_validation: yes # To validate the checksum of received
# # packet. If csum validation is specified as
# # "yes", then packet with invalid csum will not
@ -487,19 +493,24 @@ flow-timeouts:
# inline: no # stream inline mode
#
# reassembly:
# memcap: 67108864 # 64mb tcp reassembly memcap
# depth: 1048576 # 1 MB reassembly depth
# memcap: 64mb # Can be specified in kb, mb, gb. Just a number
# # indicates it's in bytes.
# depth: 1mb # Can be specified in kb, mb, gb. Just a number
# # indicates it's in bytes.
# toserver_chunk_size: 2560 # inspect raw stream in chunks of at least
# # this size
# # this size. Can be specified in kb, mb,
# # gb. Just a number indicates it's in bytes.
# toclient_chunk_size: 2560 # inspect raw stream in chunks of at least
# # this size
# # this size. Can be specified in kb, mb,
# # gb. Just a number indicates it's in bytes.
stream:
memcap: 33554432 # 32mb
memcap: 32mb
checksum_validation: yes # reject wrong csums
inline: no # no inline mode
reassembly:
memcap: 67108864 # 64mb for reassembly
depth: 1048576 # reassemble 1mb into a stream
memcap: 64mb
depth: 1mb # reassemble 1mb into a stream
toserver_chunk_size: 2560
toclient_chunk_size: 2560
@ -547,15 +558,15 @@ pfring:
# Number of receive threads (>1 will enable experimental flow pinned
# runmode)
threads: 1
# Default interface we will listen on.
interface: eth0
# Default clusterid. PF_RING will load balance packets based on flow.
# All threads/processes that will participate need to have the same
# clusterid.
cluster-id: 99
# Default PF_RING cluster type. PF_RING can load balance per flow or per hash.
# This is only supported in versions of PF_RING > 4.1.1.
cluster-type: cluster_round_robin
@ -768,7 +779,9 @@ libhtp:
default-config:
personality: IDS
request-body-limit: 3072
# Can be specified in kb, mb, gb. Just a number indicates
# it's in bytes.
request_body_limit: 3072
response-body-limit: 3072
server-config:
@ -776,7 +789,9 @@ libhtp:
- apache:
address: [192.168.1.0/24, 127.0.0.0/8, "::1"]
personality: Apache_2_2
request-body-limit: 4096
# Can be specified in kb, mb, gb. Just a number indicates
# it's in bytes.
request_body_limit: 4096
response-body-limit: 4096
- iis7:
@ -784,7 +799,9 @@ libhtp:
- 192.168.0.0/24
- 192.168.10.0/24
personality: IIS_7_0
request-body-limit: 4096
# Can be specified in kb, mb, gb. Just a number indicates
# it's in bytes.
request_body_limit: 4096
response-body-limit: 4096
# Profiling settings. Only effective if Suricata has been built with the

Loading…
Cancel
Save