suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	1eed3f2233	ipv6: add event for ipv6 packet with icmpv4 header	13 years ago
Victor Julien	150b0c5ae0	ipv6: add option to detect HOP/DST headers with only padding. Detect unknown DST/HOP opts.	13 years ago
Victor Julien	e1321f9ae6	stream: change how retransmissions are handled and detected.	13 years ago
Victor Julien	bc37cb6b8e	stream: detect retransmissions on closewait and finwait2 states	13 years ago
Victor Julien	9094eb4783	stream: ignore ack value if ack flag is not set. Add stream.pkt_broken_ack event for when ack value is not 0 and ack flag not set.	13 years ago
Victor Julien	6f76ac176d	stream: add option to match on overlapping data Set event on overlapping data segments that have different data. Add stream-events option stream-event:reassembly_overlap_different_data and add an example rule. Issue 603.	13 years ago
Eric Leblond	def0270de7	decode: decode IPv6-in-IPv6 This patch adds decoding of IPv6-in-IPv6. It also adds some events for invalid packets. This patch should fix #514.	13 years ago
Eric Leblond	09fa0b9542	Add support for IPv4-in-IPv6 This patch adds support for IPv4-in-IPv6 and should fix #462.	13 years ago
Victor Julien	c44f4c13fc	stream: improve TCP flags handling	13 years ago
Victor Julien	b976ff228a	ipv6: fix an AH header parsing issue. Add decoder event for non-null reserved fields.	13 years ago
Victor Julien	374947c354	ipv6: properly deal with packets containing a FH header that has offset 0 and no more frags flag set.	14 years ago
Victor Julien	ddfa5c49c6	Stream engine: gap handling Set a stream event for stream gaps. Add a (disabled by default) signature to the stream-event.rules.	14 years ago
Eric Leblond	eb0d4e4d8b	Add stream events support to 'engine-event' keyword This patch adds the list of stream events (with associated keywords) to the list of events that can be treated by 'engine-event'.	14 years ago
Eric Leblond	e3a6d8955e	Introduce engine-event keyword This patch renames the 'decode-event' keyword to 'engine-event' and keep it for backword compatibility of rulesets. All DecodeEvent references in the code are replaced by EngineEvent version.	14 years ago
Eric Leblond	2ac8755382	Rename detect-decode-event to detect-engine-event This patch does a simple renaming of detect-decode-event file to the more global detect-engine-event name.	14 years ago

15 Commits (00a691fc1b1960d444d21125d21890143ebb6d30)