From f08d01a8e8fa80529d23e97ddab2553540dddda6 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Sun, 31 Jan 2010 22:40:02 +0100 Subject: [PATCH] Set sensible tcp timeout defaults and no longer set the timeouts from the stream engine. --- src/stream-tcp.c | 10 +++++----- suricata.yaml | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/stream-tcp.c b/src/stream-tcp.c index 6c5d57e542..0bebe6a931 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -258,11 +258,11 @@ void StreamTcpInitConfig(char quiet) /* set the default TCP timeout, free function and flow state function * values. */ - FlowSetProtoTimeout(IPPROTO_TCP, STREAMTCP_NEW_TIMEOUT, - STREAMTCP_EST_TIMEOUT, STREAMTCP_CLOSED_TIMEOUT); - FlowSetProtoEmergencyTimeout(IPPROTO_TCP, STREAMTCP_EMERG_NEW_TIMEOUT, - STREAMTCP_EMERG_EST_TIMEOUT, - STREAMTCP_EMERG_CLOSED_TIMEOUT); + //FlowSetProtoTimeout(IPPROTO_TCP, STREAMTCP_NEW_TIMEOUT, + // STREAMTCP_EST_TIMEOUT, STREAMTCP_CLOSED_TIMEOUT); + //FlowSetProtoEmergencyTimeout(IPPROTO_TCP, STREAMTCP_EMERG_NEW_TIMEOUT, + // STREAMTCP_EMERG_EST_TIMEOUT, + // STREAMTCP_EMERG_CLOSED_TIMEOUT); FlowSetProtoFreeFunc(IPPROTO_TCP, StreamTcpSessionClear); FlowSetFlowStateFunc(IPPROTO_TCP, StreamTcpGetFlowState); diff --git a/suricata.yaml b/suricata.yaml index 9180bda5f5..3f9bd0fc86 100644 --- a/suricata.yaml +++ b/suricata.yaml @@ -77,12 +77,12 @@ flow-timeouts: emergency_established: 100 emergency_closed: 0 - tcp: - new: 30 - established: 300 - closed: 0 + new: 60 + established: 3600 + closed: 120 emergency_new: 10 - emergency_established: 100 - emergency_closed: 0 + emergency_established: 300 + emergency_closed: 20 - udp: new: 30 established: 300