Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

cybersecurityidsintrusion-detection-systemintrusion-prevention-systemipsnetwork-monitornetwork-monitoringnsmsecuritysuricatathreat-hunting

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Victor Julien 7f8795c756 threading: avoid autofp deadlock ... When there are many threads and/or the packet pool (max-pending-packets) is small, a potential dead lock exists between the packet pool return pool logic and the capture threads. The autofp workers together can have all the packets in their return pools, while the capture thread(s) are waiting at an empty pool. A race between the worker threads and the capture thread, where the latter signals the former, is lost by the capture thread. Now everyone is waiting. To avoid this scenario, this patch makes the previously hardcoded 'return pool' threshold dynamic based on the number of threads and the packet pool size. It sets the threshold to the max pending packets value, divided by the number of lister threads. The max value hasn't changed. Normally, in the autofp runmode these are the stream/detect/log worker threads. The max_pending_return_packets value needs to stay below the packet pool size of the 'producers' (normally pkt capture threads but also flow timeout injection) to avoid the deadlock. As it's quite impossible at this time to learn how many threads will be created before starting the runmodes, and thus spawning the threads and already initializing the packet pools, this code sets a global variable after runmode setup, but before the threads are 'unpaused'.		10 years ago
benches	Initial add of the files.	17 years ago
contrib	suri-graphite: add ouput to file option	11 years ago
doc	Fix make distcheck on CentOS 5.11	11 years ago
lua	output-lua: add SCPacketTimeString	11 years ago
m4	Prelude plugin: add detection in configure script	16 years ago
qa	docker: add ASAN to pcaps build	10 years ago
rules	decode: add ERSPANv1 decoder	11 years ago
scripts	app-layer setup scripts: enable new modules on copy	10 years ago
src	threading: avoid autofp deadlock	10 years ago
.gitignore	unittest: make check use a qa/log dir for logging	12 years ago
.travis.yml	travis: add libjansson and hiredis	10 years ago
COPYING	GPL license sync with official gpl-2.0.txt	10 years ago
ChangeLog	Update changelog for 2.1beta4 release	11 years ago
LICENSE	GPL license sync with official gpl-2.0.txt	10 years ago
Makefile.am	Respect DESTDIR in install-conf and install-rules.	11 years ago
Makefile.cvs	Initial add of the files.	17 years ago
acsite.m4	Added C99 defs/macros to acsite.m4 for CentOS	16 years ago
autogen.sh	OpenBSD 5.2 build fixes, Unit test fix.	13 years ago
classification.config	Import of classification.config	16 years ago
config.rpath	Add file needed for some autotools version.	13 years ago
configure.ac	output-json: add redis support	10 years ago
doxygen.cfg	doxygen: add source browser	12 years ago
reference.config	Update reference.config	11 years ago
suricata.yaml.in	util-logopenfile: implement redis pipelining	10 years ago
threshold.config	threshold: improve comments of shipped threshold.config, add links to wiki.	13 years ago