diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/Makefile.in | 1 | ||||
| -rw-r--r-- | doc/userguide/Makefile.am | 1 | ||||
| -rw-r--r-- | doc/userguide/Makefile.in | 2 | ||||
| -rw-r--r-- | doc/userguide/capture-hardware/dpdk.rst | 38 | ||||
| -rw-r--r-- | doc/userguide/conf.py | 6 | ||||
| -rw-r--r-- | doc/userguide/rules/base64-keywords.rst | 2 | ||||
| -rw-r--r-- | doc/userguide/suricata.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatactl-filestore.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatactl.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/suricatasc.1 | 2 | ||||
| -rw-r--r-- | doc/userguide/userguide.pdf | bin | 3799748 -> 3801361 bytes |
11 files changed, 53 insertions, 5 deletions
diff --git a/doc/Makefile.in b/doc/Makefile.in index 0bec752..b44a221 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -320,6 +320,7 @@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ POW_LIB = @POW_LIB@ RANLIB = @RANLIB@ +RELEASE_DATE = @RELEASE_DATE@ RUSTC = @RUSTC@ RUSTUP_HOME_PATH = @RUSTUP_HOME_PATH@ RUST_FEATURES = @RUST_FEATURES@ diff --git a/doc/userguide/Makefile.am b/doc/userguide/Makefile.am index bd15792..8ffede5 100644 --- a/doc/userguide/Makefile.am +++ b/doc/userguide/Makefile.am @@ -74,6 +74,7 @@ userguide.pdf: _build/latex/Suricata.pdf pdf: userguide.pdf _build/man: manpages/suricata.rst manpages/suricatasc.rst manpages/suricatactl.rst manpages/suricatactl-filestore.rst + RELEASE_DATE=$(RELEASE_DATE) \ sysconfdir=$(sysconfdir) \ localstatedir=$(localstatedir) \ version=$(PACKAGE_VERSION) \ diff --git a/doc/userguide/Makefile.in b/doc/userguide/Makefile.in index 2d0a204..2884e25 100644 --- a/doc/userguide/Makefile.in +++ b/doc/userguide/Makefile.in @@ -262,6 +262,7 @@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ POW_LIB = @POW_LIB@ RANLIB = @RANLIB@ +RELEASE_DATE = @RELEASE_DATE@ RUSTC = @RUSTC@ RUSTUP_HOME_PATH = @RUSTUP_HOME_PATH@ RUST_FEATURES = @RUST_FEATURES@ @@ -640,6 +641,7 @@ uninstall-man: uninstall-man1 @SPHINX_BUILD_TRUE@pdf: userguide.pdf @SPHINX_BUILD_TRUE@_build/man: manpages/suricata.rst manpages/suricatasc.rst manpages/suricatactl.rst manpages/suricatactl-filestore.rst +@SPHINX_BUILD_TRUE@ RELEASE_DATE=$(RELEASE_DATE) \ @SPHINX_BUILD_TRUE@ sysconfdir=$(sysconfdir) \ @SPHINX_BUILD_TRUE@ localstatedir=$(localstatedir) \ @SPHINX_BUILD_TRUE@ version=$(PACKAGE_VERSION) \ diff --git a/doc/userguide/capture-hardware/dpdk.rst b/doc/userguide/capture-hardware/dpdk.rst index 1b9ecae..6be7278 100644 --- a/doc/userguide/capture-hardware/dpdk.rst +++ b/doc/userguide/capture-hardware/dpdk.rst @@ -146,3 +146,41 @@ management and worker CPU set. - worker-cpu-set: cpu: [ 2,4,6,8 ] ... + +Interrupt (power-saving) mode +----------------------------- + +The DPDK is traditionally recognized for its polling mode operation. +In this mode, CPU cores are continuously querying for packets from +the Network Interface Card (NIC). While this approach offers benefits like +reduced latency and improved performance, it might not be the most efficient +in scenarios with sporadic or low traffic. +The constant polling can lead to unnecessary CPU consumption. +To address this, DPDK offers an `interrupt` mode. + +The obvious advantage that interrupt mode brings is power efficiency. +So far in our tests, we haven't observed a decrease in performance. Suricata's +performance has actually seen a slight improvement. +The (IPS runmode) users should be aware that interrupts can +introduce non-deterministic latency. However, the latency should never be +higher than in other (e.g. AF_PACKET/AF_XDP/...) capture methods. + +Interrupt mode in DPDK can be configured on a per-interface basis. +This allows for a hybrid setup where some workers operate in polling mode, +while others utilize the interrupt mode. +The configuration for the interrupt mode can be found and modified in the +DPDK section of the suricata.yaml file. + +Below is a sample configuration that demonstrates how to enable the interrupt mode for a specific interface: + +:: + + ... + dpdk: + eal-params: + proc-type: primary + + interfaces: + - interface: 0000:3b:00.0 + interrupt-mode: true + threads: 4 diff --git a/doc/userguide/conf.py b/doc/userguide/conf.py index d043a28..959744e 100644 --- a/doc/userguide/conf.py +++ b/doc/userguide/conf.py @@ -19,6 +19,10 @@ import re import subprocess import datetime +# Set 'today'. This will be used as the man page date. If an empty +# string todays date will be used. +today = os.environ.get('RELEASE_DATE', '') + on_rtd = os.environ.get('READTHEDOCS', None) == 'True' # If extensions (or modules to document with autodoc) are in another directory, @@ -67,7 +71,7 @@ try: version = os.environ.get('version', None) if not version: version = re.search( - "AC_INIT\(\[suricata\],\s*\[(.*)?\]\)", + r"AC_INIT\(\[suricata\],\s*\[(.*)?\]\)", open("../../configure.ac").read()).groups()[0] if not version: version = "unknown" diff --git a/doc/userguide/rules/base64-keywords.rst b/doc/userguide/rules/base64-keywords.rst index 7daf0c2..190fdb5 100644 --- a/doc/userguide/rules/base64-keywords.rst +++ b/doc/userguide/rules/base64-keywords.rst @@ -62,3 +62,5 @@ Example:: alert http any any -> any any (msg:"Example"; content:"somestring"; http_uri; \ base64_decode:bytes 8, offset 1, relative; \ base64_data; content:"test"; sid:10001; rev:1;) + +.. note:: ``fast_pattern`` is ineffective with ``base64_data`` diff --git a/doc/userguide/suricata.1 b/doc/userguide/suricata.1 index 9564f6a..423e397 100644 --- a/doc/userguide/suricata.1 +++ b/doc/userguide/suricata.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATA" "1" "Mar 19, 2024" "7.0.4" "Suricata" +.TH "SURICATA" "1" "2024-04-23" "7.0.5" "Suricata" .SH NAME suricata \- Suricata .SH SYNOPSIS diff --git a/doc/userguide/suricatactl-filestore.1 b/doc/userguide/suricatactl-filestore.1 index 40688f8..4ec5a9f 100644 --- a/doc/userguide/suricatactl-filestore.1 +++ b/doc/userguide/suricatactl-filestore.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATACTL-FILESTORE" "1" "Mar 19, 2024" "7.0.4" "Suricata" +.TH "SURICATACTL-FILESTORE" "1" "2024-04-23" "7.0.5" "Suricata" .SH NAME suricatactl-filestore \- Perform actions on filestore .SH SYNOPSIS diff --git a/doc/userguide/suricatactl.1 b/doc/userguide/suricatactl.1 index 90b0801..a0a1725 100644 --- a/doc/userguide/suricatactl.1 +++ b/doc/userguide/suricatactl.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATACTL" "1" "Mar 19, 2024" "7.0.4" "Suricata" +.TH "SURICATACTL" "1" "2024-04-23" "7.0.5" "Suricata" .SH NAME suricatactl \- Suricata Control .SH SYNOPSIS diff --git a/doc/userguide/suricatasc.1 b/doc/userguide/suricatasc.1 index 40a4bc5..4f54787 100644 --- a/doc/userguide/suricatasc.1 +++ b/doc/userguide/suricatasc.1 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "SURICATASC" "1" "Mar 19, 2024" "7.0.4" "Suricata" +.TH "SURICATASC" "1" "2024-04-23" "7.0.5" "Suricata" .SH NAME suricatasc \- Tool to interact via unix socket .SH SYNOPSIS diff --git a/doc/userguide/userguide.pdf b/doc/userguide/userguide.pdf Binary files differindex 2ff1757..4b38931 100644 --- a/doc/userguide/userguide.pdf +++ b/doc/userguide/userguide.pdf |