From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 28 Feb 2019 14:28:14 +0000 (+0000)
Subject: suricata: Allow 32MB of RAM for DNS decoding
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cf976e93c419d2c268979397ec87e05a2b8b7636;p=people%2Fstevee%2Fipfire-2.x.git

suricata: Allow 32MB of RAM for DNS decoding

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index d7b3c94c4f..6ecd4e1797 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -194,12 +194,12 @@ app-layer:
     #  enabled: yes
     dns:
       # memcaps. Globally and per flow/state.
-      #global-memcap: 16mb
-      #state-memcap: 512kb
+      global-memcap: 32mb
+      state-memcap: 512kb
 
       # How many unreplied DNS requests are considered a flood.
       # If the limit is reached, app-layer-event:dns.flooded; will match.
-      #request-flood: 500
+      request-flood: 512
 
       tcp:
         enabled: yes