diff mbox series

[17/20] suricata: Increase memory size for the stream engine

Message ID 20190228142825.5153-18-michael.tremer@ipfire.org
State Accepted
Commit 0b340f0938e5f292f74f5f2e60b3d46d473f2096
Headers
Series Suricata Configuration Updates |

Commit Message

Michael Tremer March 1, 2019, 1:28 a.m. UTC 
  This change also ensures that suricata has a decent number
of streams preallocated to be able to handle any bursts in traffic.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/suricata/suricata.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 9537e9e12..40777f3ad 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -537,7 +537,8 @@  flow-timeouts:
 #                               # is used in a rule.
 #
 stream:
-  memcap: 64mb
+  memcap: 256mb
+  prealloc-sessions: 4k
   checksum-validation: yes      # reject wrong csums
   inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
   reassembly:
@@ -546,10 +547,9 @@  stream:
     toserver-chunk-size: 2560
     toclient-chunk-size: 2560
     randomize-chunk-size: yes
-    #randomize-chunk-range: 10
-    #raw: yes
-    #segment-prealloc: 2048
-    #check-overlap-different-data: true
+    raw: yes
+    segment-prealloc: 2048
+    check-overlap-different-data: true
 
 # Host table:
 #