git.ipfire.org Git - thirdparty/suricata.git/commit
detect: add configurable limits for datasets
author: Philippe Antoine <pantoine@oisf.net>
Tue, 18 Mar 2025 09:55:39 +0000 (10:55 +0100)
committer: Victor Julien <vjulien@oisf.net>
Tue, 18 Mar 2025 10:50:55 +0000 (11:50 +0100)
commit: e28c8c655a324a18932655a2c2b8f0d5aa1c55d7
tree: 46cd349e74b7a74b6d27a3944451dd77051df39a
parent: 2f432c99a9734ea3a75c9218f35060e11a7a39ad
detect: add configurable limits for datasets

Ticket: 7615

Avoids signatures setting extreme hash sizes, which would lead to very
high memory use.

Default to allowing:
- 65536 per dataset
- 16777216 total

To override these built-in defaults:

```yaml
datasets:
  # Limits for per rule dataset instances to avoid rules using too many
  # resources.
  limits:
    # Max value for per dataset `hashsize` setting
    #single-hashsize: 65536
    # Max combined hashsize values for all datasets.
    #total-hashsizes: 16777216
```

(cherry picked from commit a7713db709b8a0be5fc5e5809ab58e9b14a16e85)
src/datasets.c
src/tests/fuzz/confyaml.c
src/util-thash.c
suricata.yaml.in
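
A ruleset can be audited against the two limits from the commit message before it is deployed. The script below is an added example, not code from this commit or from Suricata. It assumes the rule syntax `dataset:<cmd>,<name>,...,hashsize <n>;` and assumes that a dataset named in several rules counts once toward the total; the sample rules are constructed.

```python
import re

# Built-in defaults quoted in the commit message above.
SINGLE_HASHSIZE = 65536
TOTAL_HASHSIZES = 16777216

# One dataset keyword inside a rule: "dataset:<cmd>,<name>,<options>;" (assumed syntax)
DATASET_RE = re.compile(r"\bdataset\s*:\s*([^;]+);")

def dataset_hashsizes(rule):
    """Yield (name, hashsize or None) for each dataset keyword in one rule line."""
    for body in DATASET_RE.findall(rule):
        parts = [p.strip() for p in body.split(",")]
        if len(parts) < 2:
            continue  # malformed keyword, nothing to audit
        hashsize = None
        for opt in parts[2:]:
            key, _, value = opt.partition(" ")
            if key == "hashsize" and value.strip().isdigit():
                hashsize = int(value)
        yield parts[1], hashsize

def audit(rules, single=SINGLE_HASHSIZE, total=TOTAL_HASHSIZES):
    """Return (datasets over the per-dataset limit, combined hashsize, total exceeded)."""
    sizes = {}
    for rule in rules:
        for name, hashsize in dataset_hashsizes(rule):
            if hashsize is not None:
                # Assumption: a dataset named in several rules is counted once,
                # at the largest hashsize requested for it.
                sizes[name] = max(sizes.get(name, 0), hashsize)
    offenders = sorted(n for n, h in sizes.items() if h > single)
    combined = sum(sizes.values())
    return offenders, combined, combined > total

# Constructed sample rules, not taken from any real ruleset.
SAMPLE_RULES = [
    'alert http any any -> any any (msg:"ua"; http.user_agent; '
    'dataset:set,ua-seen,type string,hashsize 1024; sid:1;)',
    'alert dns any any -> any any (msg:"dns"; dns.query; '
    'dataset:isset,dns-bl,type string,load dns-bl.lst,hashsize 4194304; sid:2;)',
    'alert tls any any -> any any (msg:"sni"; tls.sni; '
    'dataset:set,sni-seen,type string,memcap 10mb; sid:3;)',
]

if __name__ == "__main__":
    print(audit(SAMPLE_RULES))
```

Rules without an explicit `hashsize` are skipped here, because the page does not state what value they contribute to the total.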