suricata icon indicating copy to clipboard operation
suricata copied to clipboard
verified publisher icon OISF

Synflood protection v0.10

Open regit opened this issue 2 months ago • 1 comments

Draft PR containing the code that will be presented at Suricon 2025

Contribution style:

  • [x] I have read the contributing guide lines at https://docs.suricata.io/en/latest/devguide/contributing/contribution-process.html

Our Contribution agreements:

  • [x] I have signed the Open Information Security Foundation contribution agreement at https://suricata.io/about/contribution-agreement/ (note: this is only required once)

Changes (if applicable):

  • [ ] I have updated the User Guide (in doc/userguide/) to reflect the changes made
  • [x] I have updated the JSON schema (in etc/schema.json) to reflect all logging changes (including schema descriptions)
  • [ ] I have created a ticket at https://redmine.openinfosecfoundation.org/projects/suricata/issues

Link to ticket: https://redmine.openinfosecfoundation.org/issues/

Describe changes:

  • Update simple hash
  • Implement syn flood protection

regit avatar Nov 19 '25 19:11 regit

As discussed in person at Suricon, I think the first step is to do profiling and analysis of the existing code under these conditions. I'd like to understand better where the bottlenecks are.

victorjulien avatar Nov 23 '25 07:11 victorjulien