Warnint util 4516 v8.1 #7120
Closed
Warnint util 4516 v8.1 #7120
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Ticket: 4516
Ticket: 4516
Ticket: 4516
Closed
Codecov Report
@@ Coverage Diff @@
## master #7120 +/- ##
==========================================
- Coverage 78.06% 78.06% -0.01%
==========================================
Files 628 628
Lines 185266 185236 -30
==========================================
- Hits 144635 144602 -33
- Misses 40631 40634 +3
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
Information: QA ran without warnings. Pipeline 6529 |
victorjulien
reviewed
Apr 4, 2022
| @@ -580,8 +580,7 @@ void FlowInitConfig(bool quiet) | |||
| FatalError(SC_ERR_FATAL, "Invalid value for flow.hash-size: NULL"); | |||
| } | |||
|
|
|||
| if (StringParseUint32(&configval, 10, strlen(conf_val), | |||
| conf_val) > 0) { | |||
| if (StringParseUint32(&configval, 10, (uint16_t)strlen(conf_val), conf_val) > 0) { | |||
There was a problem hiding this comment.
while I'm generally not a fan of size_t, I wonder if we should use it here as we'd most of the time pass the result of strlen()?
|
Replaced by #7219 |
Closed
victorjulien
added a commit
to victorjulien/suricata
that referenced
this pull request
Jun 24, 2024
Implement new `type backoff` for thresholding. This allows alerts to be limited. A count of 1 with a multiplier of 10 would generate alerts for matching packets: 1, 10, 100, 1000, 10000, 100000, etc. A count of 1 with a multiplier of 2would generate alerts for matching packets: 1, 2, 4, 8, 16, 32, etc. Like with other thresholds, rule actions like drop and setting of flowbits will still be performed for each matching packet. Current implementation is only for the by_flow tracker and for per rule threshold statements. Ticket: OISF#7120.
victorjulien
added a commit
to victorjulien/suricata
that referenced
this pull request
Jun 28, 2024
Implement new `type backoff` for thresholding. This allows alerts to be limited. A count of 1 with a multiplier of 10 would generate alerts for matching packets: 1, 10, 100, 1000, 10000, 100000, etc. A count of 1 with a multiplier of 2 would generate alerts for matching packets: 1, 2, 4, 8, 16, 32, etc. Like with other thresholds, rule actions like drop and setting of flowbits will still be performed for each matching packet. Current implementation is only for the by_flow tracker and for per rule threshold statements. Tracking is done using uint32_t. When it reaches this value, the rest of the packets in the tracker will use the silent match. Ticket: OISF#7120.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4516
Describe changes:
-Wimplicit-int-conversionfor output, flow, and app-layer filesPart of #7006 as #7107 was
Changed from #7006 to keep using
FlowStatein function prototype and using an explicit cast afterwards to get rid of warning about implicit integer conversion