CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-23 05:03:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

remove restriction of mmap locked on suricata ulimits

Browse Source
This commit is contained in:
Josh Patterson
2026-03-19 09:42:39 -04:00
parent a982056363
commit cceaebe350
2 changed files with 2 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/docker/defaults.yaml
View File

@@ -216,10 +216,7 @@ docker:
custom_bind_mounts: [] custom_bind_mounts: []
extra_hosts: [] extra_hosts: []
extra_env: [] extra_env: []
ulimits: ulimits: []
- name: memlock
soft: 524288000
hard: 524288000
'so-zeek': 'so-zeek':
final_octet: 99 final_octet: 99
custom_bind_mounts: [] custom_bind_mounts: []

3
salt/suricata/enabled.sls
View File

@@ -25,8 +25,7 @@ so-suricata:
- {{ XTRAENV }} - {{ XTRAENV }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{# we look at SURICATAMERGED.config['af-packet'][0] since we only allow one interface and therefore always the first list item #} {% if DOCKERMERGED.containers['so-suricata'].ulimits %}
{% if SURICATAMERGED.config['af-packet'][0]['mmap-locked'] == "yes" and DOCKERMERGED.containers['so-suricata'].ulimits %}
- ulimits: - ulimits:
{% for ULIMIT in DOCKERMERGED.containers['so-suricata'].ulimits %} {% for ULIMIT in DOCKERMERGED.containers['so-suricata'].ulimits %}
- {{ ULIMIT.name }}={{ ULIMIT.soft }}:{{ ULIMIT.hard }} - {{ ULIMIT.name }}={{ ULIMIT.soft }}:{{ ULIMIT.hard }}