Skip to content

Commit

Permalink
yaml: explicitly mention exception policy in conf
Browse files Browse the repository at this point in the history 
While our documentation indicated what were the possible configuration
settings for exception policies, our yaml only explicitly mentioned
exception policy for the master switch. Clearly indicate which config
settings are about exception policies.

Related to
Task OISF#5816
  • Loading branch information
@jufajardini @victorjulien
jufajardini authored and victorjulien committed Apr 11, 2024
1 parent 514e8b8 commit 8defee9
Showing 1 changed file with 16 additions and 16 deletions.
32 changes: 16 additions & 16 deletions suricata.yaml.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -854,9 +854,9 @@ pcap-file:

# Configure the app-layer parsers.
#
# The error-policy setting applies to all app-layer parsers. Values can be
# "drop-flow", "pass-flow", "bypass", "drop-packet", "pass-packet", "reject" or
# "ignore" (the default).
# The exception policy error-policy setting applies to all app-layer parsers.
# Values can be "drop-flow", "pass-flow", "bypass", "drop-packet", "pass-packet",
# "reject" or "ignore" (the default).
#
# The protocol's section details each protocol.
#
Expand Down Expand Up @@ -1380,8 +1380,8 @@ host-os-policy:

# Defrag settings:

# The memcap-policy value can be "drop-packet", "pass-packet", "reject" or
# "ignore" (which is the default).
# The exception policy memcap-policy value can be "drop-packet", "pass-packet",
# "reject" or "ignore" (which is the default).
defrag:
memcap: 32mb
# memcap-policy: ignore
Expand Down Expand Up @@ -1424,8 +1424,8 @@ defrag:
# last time seen flows.
# The memcap can be specified in kb, mb, gb. Just a number indicates it's
# in bytes.
# The memcap-policy can be "drop-packet", "pass-packet", "reject" or "ignore"
# (which is the default).
# The exception policy memcap-policy can be "drop-packet", "pass-packet",
# "reject" or "ignore" (which is the default).

flow:
memcap: 128mb
Expand Down Expand Up @@ -1508,9 +1508,9 @@ flow-timeouts:
# stream:
# memcap: 64mb # Can be specified in kb, mb, gb. Just a
# # number indicates it's in bytes.
# memcap-policy: ignore # Can be "drop-flow", "pass-flow", "bypass",
# # "drop-packet", "pass-packet", "reject" or
# # "ignore" default is "ignore"
# memcap-policy: ignore # The exception policy value can be "drop-flow",
# # "pass-flow", "bypass", "drop-packet",
# # "pass-packet", "reject" or "ignore" default is "ignore"
# checksum-validation: yes # To validate the checksum of received
# # packet. If csum validation is specified as
# # "yes", then packets with invalid csum values will not
Expand All @@ -1522,9 +1522,9 @@ flow-timeouts:
# # option
# prealloc-sessions: 2048 # 2k sessions prealloc'd per stream thread
# midstream: false # don't allow midstream session pickups
# midstream-policy: ignore # Can be "drop-flow", "pass-flow", "bypass",
# # "drop-packet", "pass-packet", "reject" or
# # "ignore" default is "ignore"
# midstream-policy: ignore # The exception policy value can be "drop-flow",
# # "pass-flow", "bypass", "drop-packet",
# # "pass-packet", "reject" or "ignore" default is "ignore"
# async-oneside: false # don't enable async stream handling
# inline: no # stream inline mode
# drop-invalid: yes # in inline mode, drop packets that are invalid with regards to streaming engine
Expand All @@ -1539,9 +1539,9 @@ flow-timeouts:
# reassembly:
# memcap: 256mb # Can be specified in kb, mb, gb. Just a number
# # indicates it's in bytes.
# memcap-policy: ignore # Can be "drop-flow", "pass-flow", "bypass",
# # "drop-packet", "pass-packet", "reject" or
# # "ignore" default is "ignore"
# memcap-policy: ignore # The exception policy value can be "drop-flow",
# # "pass-flow", "bypass", "drop-packet", "pass-packet",
# # "reject" or "ignore" default is "ignore"
# depth: 1mb # Can be specified in kb, mb, gb. Just a number
# # indicates it's in bytes.
# toserver-chunk-size: 2560 # inspect raw stream in chunks of at least
Expand Down

0 comments on commit 8defee9

Please sign in to comment.