Suricata 3.2.1 update coming soon with hyperscan support
-
Just FYI to let everyone know I'm working now on updating the Suricata binary on pfSense to version 3.2.1. This new version will enable hyperscan support on AMD64 architectures. Please note that hyperscan will not work with 32-bit systems. This is a limitation of the hyperscan library. The new default mpm_algo setting (pattern matching algorithm) in Suricata 3.2.1 will be "auto". This will use hyperscan when it is available, and if no hyperscan support is available, then it will default to the AC setting for pattern matching.
The new 3.2.1 version of the Suricata package will also include a few updates to the structure of the suricata.yaml file to catch up with changes from upstream. There are a number of leftover legacy settings in the suricata.yaml file for the pfSense package that are now deprecated. These will be removed. The 3.2.1 Suricata binary also includes a number of bug fixes from upstream.
Bill
-
Bill,
That's super awesome.
Thank you so much!
Charles
