Eric Leblond
c3eaa6cc60
Add per-interface counter for invalid checksum.
...
This patch adds a per-device counter for invalid checksum as
well as a simple packet counter.
13 years ago
Eric Leblond
745b61171a
Introduce LiveGetDevice function
13 years ago
Eric Leblond
e893e860d4
Rename LiveGetDevice to LiveGetDeviceName
...
The function LiveGetDevice is returning a pointer to
the name of the interface. This patch renames it to
LiveGetDeviceName which is more appropriate.
13 years ago
Eric Leblond
1d1271fd38
pcap: add support for checksum verif mode
...
This patch adds support for checksum verification mode.
Auto mode is not yet supported.
13 years ago
Eric Leblond
6062e00c2b
af-packet: add support for checksum verif mode
...
This patch adds support for checksum verification mode.
Auto mode is not yet supported.
13 years ago
Eric Leblond
551cb3e4c2
decode: introduce checksum mode enum.
13 years ago
Eric Leblond
623bb38d1c
af-packet: Fix typo in error message.
13 years ago
Eric Leblond
8d635ddfc2
detect-csum: incomplete checksum is a valid checksum
...
This patch modifies checksum match to not alert on packets with
incomplete checksum. They will be checksummed later and thus
can be considered as valid ones.
13 years ago
Eric Leblond
67f791e891
af-packet: add variable to disable offloading detection
...
This flag adds a variable to disable offloading detection. The effect
of the flag is to avoid transmitting auxiliary data at each packet.
This could result in a potential performance gain.
13 years ago
Eric Leblond
f6ddaf3341
af-packet: parse message to find lack of checksum
...
Emitted packet can have checksum offloading. This patch reads
af-packet message parameter to see if the kernel has sent a non
checksummed packet.
13 years ago
Eric Leblond
5dc46ae7c7
pf-ring: Mark emitted traffic as non checksummed
...
The traffic sent by an interface is potentially offloaded. This
patch adds detection of TX packets and sets the corresponding flag.
13 years ago
Eric Leblond
81bc6f5518
Treat incomplete checksum.
...
Checksum of local traffic is often offloaded to the network device.
This causes some problems on parsing of this traffic. This patch
introduces a PKT_INCOMPLETE_CHECKSUM flag which can be used to
indicate that the checksum is not computed/correct for good reason.
13 years ago
Victor Julien
9324ed7b90
Fix icmpv6 ip-only rule not firing. #363.
13 years ago
Anoop Saldanha
517040c4af
indentation fix
13 years ago
Anoop Saldanha
37b223645a
fix detection engine for alert stability. Fix cases where we have multiple rules having same pattern. We should see good perf increase (~5%) with this change, now that we avoid unnecessary inspection
13 years ago
Anoop Saldanha
42bc22cfa5
indentation fix
13 years ago
Anoop Saldanha
ecc7a769a7
reclaim mpm contexts if no patterns are added to it, even in non-full mode
13 years ago
Anoop Saldanha
1389cf6913
update cuda mpm to support per proto mpm contexts. Fix faulty stream mpm usage of cuda
13 years ago
Anoop Saldanha
92643f6110
introduce separate mpm ctxs for tcp/udp/other_protos
13 years ago
Anoop Saldanha
a5dec3cb2e
refactor all http mpm engine code
13 years ago
Anoop Saldanha
34cf557abf
fix indentation
13 years ago
Anoop Saldanha
5b91cec4ae
remove unnecessary if/else checks
13 years ago
Victor Julien
ada4066238
Add counters for SYN, SYN/ACK and RST TCP packets. Issue #251.
13 years ago
Victor Julien
298289f43f
Let flow:only_stream and flow:no_stream set the require packet and require stream flags. Toss out sigs with conflicting settings. Rename flow:stream_only to flow:only_stream. Fixes #261.
13 years ago
Victor Julien
c04f45ccb9
Add tcp-pkt and tcp-stream 'protocols' to force a signature to inspect only packet or stream data.
13 years ago
Victor Julien
2c62b50ed5
Fix 2 compiler warnings.
13 years ago
Mike Pomraning
cfced01641
Use strlcpy
13 years ago
Mike Pomraning
b5c11bd9fa
Document new "filetype" argument for 'fast', 'http-log', etc.
13 years ago
Mike Pomraning
914b10a8e6
Touch up Makefile for SCConfLogOpenGeneric.
13 years ago
Mike Pomraning
dfec9c0f6a
Switch 'fast', 'http-log', 'drop' and 'alert-debug' to SCConfLogOpenGeneric.
13 years ago
Mike Pomraning
dec34afa40
SCConfLogOpenGeneric() abstraction for regular and AF_UNIX logs.
...
util-logopenfile.[ch] implements the abstraction; util-error.[ch]
modified to include a socket-specific error code; output.h adds a
default filetype for logs ("regular").
13 years ago
Victor Julien
a1cb769205
Switch log-file module to use new absolute path detection code.
13 years ago
Victor Julien
4cbaeb408c
Add functions to determine whether a path is absolute or relative.
13 years ago
Victor Julien
a397599fbb
file extraction: add waldo option to file log module. This will store the last used file_id so extracted files won't get overwritten if Suricata is restarted.
13 years ago
Victor Julien
effe01ae7b
Add Init and DeInit calls to the thread module API.
13 years ago
Eric Leblond
7fb78a0ff6
Fix compilation warning.
13 years ago
Victor Julien
08f3ef7685
Reshuffle version printing so -V prints it only once.
13 years ago
Eric Leblond
1bebb9831d
logging: don't display debug message before setting params.
13 years ago
Eric Leblond
05f562fdc3
logging: use SCLogDebug instead of printf
...
This patch uses SCLogDebug instead of printf to enable filtering
of the log message by the log filtering option.
13 years ago
Eric Leblond
9545a56426
ipfw: suppress poll before sendto
...
Calling poll before using sendto seems a bit overkill.
13 years ago
Eric Leblond
6f1b40dd4b
ipfw: don't use socket lock in 'worker' mode
...
This patch is the IPFW version of NFQ latest patch.
13 years ago
Eric Leblond
58855494c1
nfq: do not use mutex in 'worker' mode
...
Using a mutex on the queue handle is not necessary in 'worker' mode
as there is no concurrent access to it.
13 years ago
Eric Leblond
ef3951d914
runmode: export running mode
...
This will permit putting some optimisations in different components.
This is done via the RunmodeGetActive() function.
13 years ago
Victor Julien
c908574545
Use strtoul instead of strtol for sid parsing. Fixes parsing of really large sid numbers. Fixes #393.
13 years ago
Victor Julien
c1a40447c1
IP Only cleanup: make most functions static. Add error message on address parsing issues.
13 years ago
Victor Julien
e0cf2ccb91
Fix invalid direction error message.
13 years ago
Victor Julien
801f92f705
Disable the drop.log in the default config.
13 years ago
Eric Leblond
db19680794
pcap: fix auto runmode
...
This patch fixes initialization of a pointer. The lack of it was
causing an invalid interface value to be given to suricata (in
the case no interface was given on the command line).
Reported-by: Delta Yeh <delta.yeh@gmail.com>
13 years ago
Eric Leblond
3d558bf06f
pcre: compile jit by default if available.
13 years ago
Victor Julien
5a769c02ee
Stream engine: handling packets with ACK|CWR.
13 years ago