aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,277 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5a31b3508d'
${ noResults }
Commit Graph

54 Commits (5a31b3508d6bec7df1a77e0422360c155a3de9f9)

Author SHA1 Message Date
Phil Young 76de981574 napatech: Added comment indicating that hba will be deprecated 
HBA will be deprecated in Suricata 7
 4 years ago
Jeff Lucovsky 06f41f608c doc: Improve grammar, spelling and clarifications 
This commit improves the overall documentation's grammar, spelling, and
adds clarifications  where needed.
 5 years ago
Odin Jenseg 4549505418 doc/userguide: fix outdated xdp info 5 years ago
Jeff Lucovsky b116a56a32 doc: Correct typos 5 years ago
Jeff Lucovsky e14447d594 docs/napatech: Correct typo 5 years ago
Phil Young 3fbcacf9a8 napatech: documentation hardware based bypass support 
Napatech hardware bypass support enables Suricata to utilize
capabilities of Napatech SmartNICs to selectively bypass flow-based
traffic.
 5 years ago
Eric Leblond 82eb669205 doc: information about scaling AF_PACKET IPS mode 5 years ago
Eric Leblond 35bc73e4e2 doc: change eBPF directory path 6 years ago
Eric Leblond cc28d24e9a doc: install eBPF files in share directory 
Following proposal by Sascha Steinbiss, let's use /usr/share/suricata
to store the eBPF files.
 6 years ago
Eric Leblond 3cf49ae868 doc: fix English and some typos 6 years ago
Eric Leblond 4be6701836 doc: pointer to bpfctrl 
As bpfctrl is currently the easiest way to manage pinned maps,
let's point to it. We will switch doc to suricatacl once support
has been added.
 6 years ago
Eric Leblond 8f1a7de791 doc: improve doc on compiling with eBPF support 6 years ago
Eric Leblond f1ab27b7cb doc: improve XDP cpu redirect documentation 6 years ago
Eric Leblond 6d9ac64f7b doc: only balance by ip pair 
As there is some issue with defrag, let's recommend to only do
IP pair load-balacing for RSS
 6 years ago
Eric Leblond a1d3835b86 doc: document filter.bpf changes 
Also adds some info to explain maps.
 6 years ago
Hilko Bengen 36998ab4cd Add documentation for --with-clang parameter 6 years ago
Eric Leblond 1f151dd8a6 doc: address norg comments on eBPF doc 6 years ago
Eloïse Brocas 8692aac97f doc: specify config file in ebpf doc 
This patch updates the ebpf-xdp.rst file to specify which
configuration file has to be modified.
 6 years ago
Eric Leblond eea3c6b610 doc: info for new bypass counters 6 years ago
Eric Leblond e3dccb2400 doc: update bypass stats doc 6 years ago
Eric Leblond 8a11581ac8 doc: update ebpf doc following bypass_filter change 6 years ago
Eric Leblond 253c011c70 doc: update for latest xdp_filter.c change 6 years ago
Eric Leblond 567b5ee1bc af-packet: rename option 'no-percpu-hash' 6 years ago
Eric Leblond ca50f8852e doc: improve ebpf doc 
Add example of bypass rules and explain clang dependency.
 6 years ago
Eric Leblond c11eb78141 doc: document netronome hardware bypass usage 6 years ago
Eric Leblond 82c4f5135b doc: use github mirror to setup libbpf 6 years ago
Eric Leblond 1c4d214cdb doc: typo fixes on ebpf doc 6 years ago
Eric Leblond b7560d7547 doc: document externally managed global switch 
This is currently implemented as an exposed map and it seems
a good way to do it.
 6 years ago
Eric Leblond b1769d5f8f util-ebpf: implement pinned maps loading 
Load flow tables at start if asked to.
 6 years ago
Eric Leblond 19c0a5edf5 doc: white space and typo fix 6 years ago
Eric Leblond 6d41a0ced0 doc: more eBPF and XDP capabilities 6 years ago
Eric Leblond 315c29a8e6 ebpf: change the logic to avoid ktime usage 
Kernel time is not available (and/or costly) on NIC such as
Netronome so we update the logic to detect dead flows based on a
lack of update of packets counters. This way, the XDP filter will
be usable by network card.

This patch also updates the ebpf code to support per CPU and
regular mapping. Netronome is not supporting it and the structure
is using atomic for counter so the cost of simultaneous update
is really low.

This patch also updates the xdp_filter to be able to select if the
flow table is per CPU on shared. Second option will be used for
hardward offload. To deactivate the per cpu hash, you need to set
USE_PERCPU_HASH to 0.

This patch also adds an new option to af-packet named no-percpu-hash
If this option is set to yes then the Flow bypassed manager thread
will use one CPU instead of the number of cores. By doing that
we are able to handle the case where USE_PERCPU_HASH is unset (so
hardware offload for Netronome).

This patch also remove aligment indications in the eBPF filter. This
was not really needed and it seems it is causing problem with
some recent version of LLVM toolchain.
 6 years ago
Andreas Herz 30fd80b0ef doc: convert fancy quotes to straight quotes 6 years ago
Phil Young 6cfc39d7c9 napatech: auto-config documentation update 
Added documentation describing how to configure suricata to automaticly
configure sreams and host buffers without using NTPL.  I.e. from
suricata.yaml.
 6 years ago
Victor Julien 517b45ea2d netmap: switch to nm_* API 
Process multiple packets at nm_dispatch. Use zero copy for workers
recv mode.

Add configure check netmap check for API 11+ and find netmap api version.

Add netmap guide to the userguide.
 6 years ago
Pascal Delalande f2dca46382 doc: fix minor typo 6 years ago
Victor Julien 693a3df031 tls: document encrypt-handling option 
Document in sample yaml and user guide.
 7 years ago
Eric Leblond e2aab10d29 doc: fix typo in ebpf xdp doc 7 years ago
Andreas Herz 2e8678a5ff docs: replace redmine links and enforce https on oisf urls 7 years ago
Eric Leblond 7da805ffd9 doc: improve eBPF and XDP doc 
Remove reference to `buggy` clang as a workaround has been found in
libbpf.

Proof read and add information on the structure of eBPF code.
 7 years ago
Eric Leblond 8030e3f66b doc: update documentation 
This patch adds info on kernel requirement for XDP and rework a few
things.
 7 years ago
Eric Leblond 0e1a4173ff doc: how to get live info about ebpf behavior 7 years ago
Eric Leblond 8c7b5cb088 doc: add info about xdp IPS bypass 7 years ago
Eric Leblond ce8b74b524 doc: document XDP CPU redirect 7 years ago
Eric Leblond 60265e023a doc: update xdp documentation 
Also remove configuration info from yaml as they are now in the
documentation.
 7 years ago
Peter Manev 5ee44c877c doc: add XDP setup documentation 7 years ago
Victor Julien 456af8faa8 doc/napatech: formatting fixes 8 years ago
Phil Young 5f613e6e7d napatech: Added section describing packet counters. 8 years ago
Phil Young f6838f9085 napatech: Added description of hba usage. 8 years ago
psanders240 1223de4208 doc: Napatech docs improvement 
Fix errors and simplify filters.
 8 years ago