suricata: Set detection profile to high

This will merge rules more aggressively so that the engine
is only processing those that can actually match.

Memory is cheap. People with little memory should not run
suricata anyways.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index c2fd4ebc93515db1c9927e5090dce1af73c8932e..86ed44a4047aaa67b4622f4239f4796d34305936 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -745,7 +745,7 @@ decoder:
 # If the argument specified is 0, the engine uses an internally defined
 # default limit.  On not specifying a value, we use no limits on the recursion.
 detect:
-  profile: medium
+  profile: high
   custom-values:
     toclient-groups: 3
     toserver-groups: 25