Why are you asking me that? What does “git am” tell you? There should be a reason why it didn’t work. Probably there have been other changes in the section? -Michael > On 1 Mar 2019, at 19:01, Stefan Schantl wrote: > >> Hi, >> >> Did you apply all of them in order? >> > > Yes, I did. > > The reported two patches did not apply. > > However, the changes on the second patch depends on modifications of > the first one, but why does the first one does not apply by using "git > am" ? > >> It is not very helpful to only merge half the patchset. >> >> Did you use pwclient? >> >> -Michael >> >>> On 1 Mar 2019, at 17:09, Stefan Schantl >>> wrote: >>> >>> Hello Michael, >>> >>> thanks for working on optimizing the suricata configuration file. >>> >>> I've merged all of the patches except number "8" and "10" which >>> does >>> not apply with "git am". >>> >>> When simple adding the changes with "patch" the changes can be >>> applied >>> - any idea why this happened? >>> >>> Thanks in advance, >>> >>> -Stefan >>>> I have worked on suricata's configuration. >>>> >>>> My objective was to use more system resources (because suricata >>>> did >>>> not use much RAM, etc.) >>>> to make it faster and to be able to have some deeper decoding and >>>> matching. >>>> >>>> Please review these changes and let me know what you think. >>>> >>>> All in all, suricata should not use more than 1G of RAM which I >>>> think >>>> is a very good >>>> amount. If your system is weaker than that, there is no point in >>>> running an IPS. >>>> >>>> On my system in my office, this runs with a hand full of rules >>>> enabled from the >>>> Emerging Threats Community set at around 110MB of RAM. >>>> >>>> Michael Tremer (20): >>>> Revert "Suricata: detect DNS events on port 853, too" >>>> suricata: Set max-pending-packets to 1024 >>>> suricata: Set default packet size to 1514 >>>> suricata: Set detection profile to high >>>> suricata: Drop profiling section from configuration >>>> suricata: Drop some commented stuff from configuration >>>> suricata: Drop sections that require Rust >>>> suricata: Configure HTTP decoder >>>> suricata: Allow 32MB of RAM for DNS decoding >>>> suricata: Drop parsers I have never heard of >>>> suricata: We do not use any IP reputation lists >>>> suricata: Log to syslog >>>> suricata: Use the correct path for the magic database >>>> suricata: Use 64MB of RAM for defragmentation >>>> suricata: Use up to 256MB of RAM for the flow cache >>>> suricata: Log to syslog like a normal process >>>> suricata: Increase memory size for the stream engine >>>> suricata: Disable decoding for Teredo >>>> suricata: Start capture first and then load rules >>>> suricata: Fix syntax error >>>> >>>> config/etc/syslog.conf | 2 +- >>>> config/suricata/suricata.yaml | 282 +++++---------------------- >>>> ----- >>>> ---------- >>>> 2 files changed, 30 insertions(+), 254 deletions(-) >>>>