been added, ``v2-block-size`` which can be used to tune this value
for TPACKET_V2. Due to the increased block size, memory usage has
been increased, but should not be an issue in most cases.
+- Datasets specifying a custom `hashsize` will now be limited to 262144 by default.
+ Additionally, the cumulative hash sizes for all datasets in use should not exceed
+ 67108864. These settings can be changed with the following settings.
+
+ .. code-block:: yaml
+
+ datasets:
+ # Limits for per rule dataset instances to avoid rules using too many
+ # resources.
+ # Note: in Suricata 8 the built-in default will be set to lower values.
+ limits:
+ # Max value for per dataset `hashsize` setting
+ #single-hashsize: 262144
+ # Max combined hashsize values for all datasets.
+ #total-hashsizes: 67108864
Upgrading to 7.0.8
------------------
static Dataset *sets = NULL;
static uint32_t set_ids = 0;
-uint32_t dataset_max_one_hashsize = 65536;
-uint32_t dataset_max_total_hashsize = 16777216;
+/* 4x what we set in master to allow a smoother upgrade path */
+uint32_t dataset_max_one_hashsize = 262144;
+uint32_t dataset_max_total_hashsize = 67108864;
uint32_t dataset_used_hashsize = 0;
static int DatasetAddwRep(Dataset *set, const uint8_t *data, const uint32_t data_len,
# Limits for per rule dataset instances to avoid rules using too many
# resources.
+ # Note: in Suricata 8 the built-in default will be set to lower values.
limits:
# Max value for per dataset `hashsize` setting
- #single-hashsize: 65536
+ #single-hashsize: 262144
# Max combined hashsize values for all datasets.
- #total-hashsizes: 16777216
+ #total-hashsizes: 67108864
rules:
# Set to true to allow absolute filenames and filenames that use
projects / thirdparty / suricata.git / commitdiff
