From 666c8268e8bdf745f609f7f389e5c67be45f0065 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Fri, 19 Apr 2024 19:40:14 +0200
Subject: Adding upstream version 1:7.0.4.
Signed-off-by: Daniel Baumann
---
 doc/userguide/configuration/suricata-yaml.rst | 6 +++++-
 doc/userguide/rules/payload-keywords.rst | 5 ++++-
 doc/userguide/suricata.1 | 2 +-
 doc/userguide/suricatactl-filestore.1 | 2 +-
 doc/userguide/suricatactl.1 | 2 +-
 doc/userguide/suricatasc.1 | 2 +-
 doc/userguide/userguide.pdf | Bin 3799337 -> 3799748 bytes
 7 files changed, 13 insertions(+), 6 deletions(-)
(limited to 'doc/userguide')
diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst
index 6e2e0cd..6eea5e8 100644
--- a/doc/userguide/configuration/suricata-yaml.rst
+++ b/doc/userguide/configuration/suricata-yaml.rst
@@ -2130,7 +2130,11 @@ size of the cache is covered in the YAML file.
 To be able to run DPDK on Intel cards, it is required to change the default Intel driver to either `vfio-pci` or `igb_uio` driver. The process is described in `DPDK manual page regarding Linux drivers
-`_.
+`_.
+The Intel NICs have the amount of RX/TX descriptors capped at 4096.
+This should be possible to change by manually compiling the DPDK while
+changing the value of respective macros for the desired drivers
+(e.g. IXGBE_MAX_RING_DESC/I40E_MAX_RING_DESC).
 DPDK is natively supported by Mellanox and thus their NICs should work "out of the box".
diff --git a/doc/userguide/rules/payload-keywords.rst b/doc/userguide/rules/payload-keywords.rst
index 9a609a2..086e11c 100644
--- a/doc/userguide/rules/payload-keywords.rst
+++ b/doc/userguide/rules/payload-keywords.rst
@@ -282,7 +282,7 @@ precision to the content match, previously this could have been done with ``isda
 An optional operator can be specified; if no operator is present, the operator will default to '='. When a relational operator is used, e.g., '<', '>' or '<>' (range),
-the bsize value will be compared using the relational operator. Ranges are inclusive.
+the bsize value will be compared using the relational operator. Ranges are exclusive.
 If one or more ``content`` keywords precedes ``bsize``, each occurrence of ``content`` will be inspected and an error will be raised if the content length and the bsize
@@ -325,6 +325,9 @@ Examples of ``bsize`` in a rule:
 alert dns any any -> any any (msg:"test bsize rule"; dns.query; content:"middle"; bsize:6<>15; sid:126; rev:1;)
+To emphasize how range works: in the example above, a match will occur if
+``bsize`` is greater than 6 and less than 15.
+
 dsize
 -----
diff --git a/doc/userguide/suricata.1 b/doc/userguide/suricata.1
index f8f3efa..9564f6a 100644
--- a/doc/userguide/suricata.1
+++ b/doc/userguide/suricata.1
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.TH "SURICATA" "1" "Feb 08, 2024" "7.0.3" "Suricata"
+.TH "SURICATA" "1" "Mar 19, 2024" "7.0.4" "Suricata"
 .SH NAME
 suricata \- Suricata
 .SH SYNOPSIS
diff --git a/doc/userguide/suricatactl-filestore.1 b/doc/userguide/suricatactl-filestore.1
index b470a26..40688f8 100644
--- a/doc/userguide/suricatactl-filestore.1
+++ b/doc/userguide/suricatactl-filestore.1
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.TH "SURICATACTL-FILESTORE" "1" "Feb 08, 2024" "7.0.3" "Suricata"
+.TH "SURICATACTL-FILESTORE" "1" "Mar 19, 2024" "7.0.4" "Suricata"
 .SH NAME
 suricatactl-filestore \- Perform actions on filestore
 .SH SYNOPSIS
diff --git a/doc/userguide/suricatactl.1 b/doc/userguide/suricatactl.1
index 9b24460..90b0801 100644
--- a/doc/userguide/suricatactl.1
+++ b/doc/userguide/suricatactl.1
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.TH "SURICATACTL" "1" "Feb 08, 2024" "7.0.3" "Suricata"
+.TH "SURICATACTL" "1" "Mar 19, 2024" "7.0.4" "Suricata"
 .SH NAME
 suricatactl \- Suricata Control
 .SH SYNOPSIS
diff --git a/doc/userguide/suricatasc.1 b/doc/userguide/suricatasc.1
index 2b41ae0..40a4bc5 100644
--- a/doc/userguide/suricatasc.1
+++ b/doc/userguide/suricatasc.1
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.TH "SURICATASC" "1" "Feb 08, 2024" "7.0.3" "Suricata"
+.TH "SURICATASC" "1" "Mar 19, 2024" "7.0.4" "Suricata"
 .SH NAME
 suricatasc \- Tool to interact via unix socket
 .SH SYNOPSIS
diff --git a/doc/userguide/userguide.pdf b/doc/userguide/userguide.pdf
index 42af865..2ff1757 100644
Binary files a/doc/userguide/userguide.pdf and b/doc/userguide/userguide.pdf differ
--
cgit v1.2.3