diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:40:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 17:40:14 +0000 |
| commit | 666c8268e8bdf745f609f7f389e5c67be45f0065 (patch) | |
| tree | 93948ffd948bd0f56bd3b454cef09bd00a01224e /doc/userguide | |
| parent | Adding upstream version 1:7.0.3. (diff) | |
| download | suricata-666c8268e8bdf745f609f7f389e5c67be45f0065.tar.xz suricata-666c8268e8bdf745f609f7f389e5c67be45f0065.zip | |
Adding upstream version 1:7.0.4.upstream/1%7.0.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | doc/userguide/configuration/suricata-yaml.rst | 6 | ||||
| -rw-r--r-- | doc/userguide/rules/payload-keywords.rst | 5 | ||||
| -rw-r--r-- | doc/userguide/suricata.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatactl-filestore.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatactl.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatasc.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/userguide.pdf | bin | 3799337 -> 3799748 bytes |
7 files changed, 13 insertions, 6 deletions
diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst index 6e2e0cd..6eea5e8 100644 --- a/doc/userguide/configuration/suricata-yaml.rst +++ b/doc/userguide/configuration/suricata-yaml.rst @@ -2130,7 +2130,11 @@ size of the cache is covered in the YAML file. To be able to run DPDK on Intel cards, it is required to change the default Intel driver to either `vfio-pci` or `igb_uio` driver. The process is described in `DPDK manual page regarding Linux drivers -<https://doc.dpdk.org/guides/linux_gsg/linux_drivers.html>`_. +<https://doc.dpdk.org/guides/linux_gsg/linux_drivers.html>`_. +The Intel NICs have the amount of RX/TX descriptors capped at 4096. +This should be possible to change by manually compiling the DPDK while +changing the value of respective macros for the desired drivers +(e.g. IXGBE_MAX_RING_DESC/I40E_MAX_RING_DESC). DPDK is natively supported by Mellanox and thus their NICs should work "out of the box". diff --git a/doc/userguide/rules/payload-keywords.rst b/doc/userguide/rules/payload-keywords.rst index 9a609a2..086e11c 100644 --- a/doc/userguide/rules/payload-keywords.rst +++ b/doc/userguide/rules/payload-keywords.rst @@ -282,7 +282,7 @@ precision to the content match, previously this could have been done with ``isda An optional operator can be specified; if no operator is present, the operator will default to '='. When a relational operator is used, e.g., '<', '>' or '<>' (range), -the bsize value will be compared using the relational operator. Ranges are inclusive. +the bsize value will be compared using the relational operator. Ranges are exclusive. If one or more ``content`` keywords precedes ``bsize``, each occurrence of ``content`` will be inspected and an error will be raised if the content length and the bsize @@ -325,6 +325,9 @@ Examples of ``bsize`` in a rule: alert dns any any -> any any (msg:"test bsize rule"; dns.query; content:"middle"; bsize:6<>15; sid:126; rev:1;) +To emphasize how range works: in the example above, a match will occur if +``bsize`` is greater than 6 and less than 15. + dsize ----- diff --git a/doc/userguide/suricata.1 b/doc/userguide/suricata.1 index f8f3efa..9564f6a 100644 --- a/doc/userguide/suricata.1 +++ b/doc/userguide/suricata.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATA" "1" "Feb 08, 2024" "7.0.3" "Suricata" +.TH "SURICATA" "1" "Mar 19, 2024" "7.0.4" "Suricata" .SH NAME suricata \- Suricata .SH SYNOPSIS diff --git a/doc/userguide/suricatactl-filestore.1 b/doc/userguide/suricatactl-filestore.1 index b470a26..40688f8 100644 --- a/doc/userguide/suricatactl-filestore.1 +++ b/doc/userguide/suricatactl-filestore.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATACTL-FILESTORE" "1" "Feb 08, 2024" "7.0.3" "Suricata" +.TH "SURICATACTL-FILESTORE" "1" "Mar 19, 2024" "7.0.4" "Suricata" .SH NAME suricatactl-filestore \- Perform actions on filestore .SH SYNOPSIS diff --git a/doc/userguide/suricatactl.1 b/doc/userguide/suricatactl.1 index 9b24460..90b0801 100644 --- a/doc/userguide/suricatactl.1 +++ b/doc/userguide/suricatactl.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATACTL" "1" "Feb 08, 2024" "7.0.3" "Suricata" +.TH "SURICATACTL" "1" "Mar 19, 2024" "7.0.4" "Suricata" .SH NAME suricatactl \- Suricata Control .SH SYNOPSIS diff --git a/doc/userguide/suricatasc.1 b/doc/userguide/suricatasc.1 index 2b41ae0..40a4bc5 100644 --- a/doc/userguide/suricatasc.1 +++ b/doc/userguide/suricatasc.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATASC" "1" "Feb 08, 2024" "7.0.3" "Suricata" +.TH "SURICATASC" "1" "Mar 19, 2024" "7.0.4" "Suricata" .SH NAME suricatasc \- Tool to interact via unix socket .SH SYNOPSIS diff --git a/doc/userguide/userguide.pdf b/doc/userguide/userguide.pdf Binary files differindex 42af865..2ff1757 100644 --- a/doc/userguide/userguide.pdf +++ b/doc/userguide/userguide.pdf |