Commit Graph

49 Commits (055b422c28c753d067b06862149d6d0225318c8c)

Author SHA1 Message Date
Victor Julien 9dc04d9fab app layer: add support for per TX decoder events 12 years ago
Victor Julien 72e35efbc6 Reset app layer events when we start inspecting a new TX 12 years ago
Victor Julien 4c6463f378 stream: handle extra different SYN/ACK
Until now, when processing the TCP 3 way handshake (3whs), retransmissions
of SYN/ACKs are silently accepted, unless they are different somehow. If
the SEQ or ACK values are different they are considered wrong and events
are set. The stream events rules will match on this.

In some cases, this is wrong. If the client missed the SYN/ACK, the server
may send a different one with a different SEQ. This commit deals with this.

As it is impossible to predict which one the client will accept, each is
added to a list. Then on receiving the final ACK from the 3whs, the list
is checked and the state is updated according to the queued SYN/ACK.
12 years ago
Victor Julien 1eed3f2233 ipv6: add event for ipv6 packet with icmpv4 header 13 years ago
Victor Julien 150b0c5ae0 ipv6: add option to detect HOP/DST headers with only padding. Detect unknown DST/HOP opts. 13 years ago
Victor Julien e1321f9ae6 stream: change how retransmissions are handled and detected. 13 years ago
Victor Julien bc37cb6b8e stream: detect retransmissions on closewait and finwait2 states 13 years ago
Victor Julien 9094eb4783 stream: ignore ack value if ack flag is not set. Add stream.pkt_broken_ack event for when ack value is not 0 and ack flag not set. 13 years ago
Victor Julien 6f76ac176d stream: add option to match on overlapping data
Set event on overlapping data segments that have different data.

Add stream-events option stream-event:reassembly_overlap_different_data and
add an example rule.

Issue 603.
13 years ago
Eric Leblond def0270de7 decode: decode IPv6-in-IPv6
This patch adds decoding of IPv6-in-IPv6. It also adds some events
for invalid packets.

This patch should fix #514.
13 years ago
Eric Leblond fd32159464 defrag: add some events relative to defragmentation 13 years ago
Eric Leblond 09fa0b9542 Add support for IPv4-in-IPv6
This patch adds support for IPv4-in-IPv6 and should fix #462.
13 years ago
Victor Julien c44f4c13fc stream: improve TCP flags handling 13 years ago
Victor Julien b976ff228a ipv6: fix an AH header parsing issue. Add decoder event for non-null reserved fields. 13 years ago
Anoop Saldanha 46e1145cff minor code cleanup 13 years ago
Victor Julien 374947c354 ipv6: properly deal with packets containing a FH header that has offset 0 and no more frags flag set. 14 years ago
Victor Julien 7fa22e8453 Rename app_layer_events to app-layer-events. Misc fixes/changes. 14 years ago
Anoop Saldanha 5311cd4866 Support for smtp decoder events 14 years ago
Anoop Saldanha eea5ab4a7a Support for app layer decoder events added + app_layer_event keyword added 14 years ago
Victor Julien ddfa5c49c6 Stream engine: gap handling
Set a stream event for stream gaps.
Add a (disabled by default) signature to the stream-event.rules.
14 years ago
Jason Ish 0385f72669 Use separate frag decoder events for IPv4 and IPv6. 14 years ago
Jason Ish de1c40c44f Set decoder event on fragment overlaps. 14 years ago
Jason Ish 6da9c64a28 Set decoder event when re-assembled fragments would exceed max IP packet size. 14 years ago
Victor Julien 3aeb86d836 Fix header_len in GRE decoder getting out of control in some cases. 15 years ago
Eric Leblond 17af1ca123 decode-event: Add SCTP event
Almost empty now, because the only definition is packet
too small.
15 years ago
Victor Julien 66c40f782c Have reassembly errors also set a stream event. 15 years ago
Victor Julien 94fe0d5fa2 Add ACK validation to Reset/RST validation code. 15 years ago
Victor Julien 7af9c58af7 Improve ACK value validation, timestamp checking code. Overall layout. 15 years ago
Victor Julien 6ffb9da9be Better support ack/psh data packets on several states. Updates to ack validation code. 15 years ago
Victor Julien 25f5589078 First round of adding 'stream events'. Basic stream tracking events added. 15 years ago
Victor Julien fdd0f3939e Reduce size of event bit array in the packet structure. 15 years ago
William Metcalf 2eef905c07 GPL and Copyright header updates. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien 7c314e8d21 Switch decode-event comments to doxygen format 15 years ago
Gerardo Iglesias Galvan 2128310ebe Add decode events and comments 15 years ago
Breno Silva b02bb6b6b4 VLAN Support 16 years ago
William Metcalf 8a64321340 raw pcap support additional ipv4/6 validation 16 years ago
Jamie 0dc471db9c looking inside ICMP packets 16 years ago
Pablo Rincon 292a7e47ef ICMPv6 Decoder and unittests 16 years ago
Jamie a297225157 victor must be getting sick of PPPoE and ICMP 16 years ago
Breno Silva 9528e02e46 GRE support 16 years ago
Brian Rectanus 74cb73fc1d Decode IPv4 options. 16 years ago
Victor Julien 4ec31e0445 Fix short IPv4 packets not getting detected in the decoder. Set decode event on short ipv6 packets. 16 years ago
Victor Julien 2e4cc2ad3d Convert tabs to spaces in PPPoE code. 16 years ago
Jamie 8817364ef6 initial PPPoE decoder commit 16 years ago
Breno Silva dec11038c6 PPP Support 16 years ago
Victor Julien 2c8df73d24 Add decoder events to ethernet and sll decoding. 16 years ago
William Metcalf 7006085195 udp decoding added icmp unreachables added to reject 16 years ago
Victor Julien bab4b62376 Initial add of the files. 16 years ago