suricata: Allow 32MB of RAM for DNS decoding

author Michael Tremer <michael.tremer@ipfire.org>

Thu, 28 Feb 2019 14:28:14 +0000 (14:28 +0000)

committer Stefan Schantl <stefan.schantl@ipfire.org>

Fri, 1 Mar 2019 16:56:29 +0000 (17:56 +0100)
author Michael Tremer <michael.tremer@ipfire.org>
Thu, 28 Feb 2019 14:28:14 +0000 (14:28 +0000)
committer Stefan Schantl <stefan.schantl@ipfire.org>
Fri, 1 Mar 2019 16:56:29 +0000 (17:56 +0100)
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml

index d7b3c94c4f35f9c5c5bbe367588209750d4a6402..6ecd4e1797d890fa49ff2d0beae1414f04fdfdfa 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -194,12 +194,12 @@ app-layer:
      #  enabled: yes
      dns:
        # memcaps. Globally and per flow/state.
-      #global-memcap: 16mb
-      #state-memcap: 512kb
+      global-memcap: 32mb
+      state-memcap: 512kb
  
        # How many unreplied DNS requests are considered a flood.
        # If the limit is reached, app-layer-event:dns.flooded; will match.
-      #request-flood: 500
+      request-flood: 512
  
        tcp:
          enabled: yes
author	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 28 Feb 2019 14:28:14 +0000 (14:28 +0000)
committer	Stefan Schantl <stefan.schantl@ipfire.org>
	Fri, 1 Mar 2019 16:56:29 +0000 (17:56 +0100)