Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

signatures: Move ISO 9660 signature to policy

Browse source 
The previous "fix" caused significant performance degradation without
the signature ever having a chance to trigger. Moving it to policy
seems the best compromise, the alternative being outright removing it.
This commit is contained in:
Arne Welzel 2024-02-26 13:32:27 +01:00
parent f96600391a
commit 1a5ce65e3d
6 changed files with 28 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

7
NEWS
View file

@ -26,6 +26,13 @@ Changed Functionality
would reproduce the same fuid, even if the command itself did not result in
a file transfer over a data connection (e.g., CWD, DEL, PASV, SIZE).
- The ISO 9660 file signature has been moved into the policy directory. The
signature has previously been non-functional due to implicit anchoring. Further,
this signature requires users to significantly increase their
``default_file_bof_buffer_size``. Users can now enable this signature by loading
``frameworks/signatures/iso-9660`` which also increases the BOF buffer sufficiently.
Note, doing so may increase memory and CPU usage significantly.
Removed Functionality
---------------------