Victor Julien
06b1d71032
Small optimizations to IPV4 and TCP header parsing.
13 years ago
Eric Leblond
0256ca2422
af-packet: fix compilation on new systems.
...
Inclusion of if_packet.h was missing when the support of new options
related to packet fanout is present in the file.
13 years ago
Anoop Saldanha
bf24272c28
changes to accommodate master rebase
13 years ago
Anoop Saldanha
997eaf42a8
add thread local storage support for smtp + remove pmq that was init/freed as part of smtp_state alloc to use the thread local data passed by the app layer engine
13 years ago
Anoop Saldanha
9a6aef459e
modify all relevant app layer API calls to accommodate passing parser local storage argument
13 years ago
Anoop Saldanha
d3468d88b0
app layer udp cleanup + update dcerpc udp todo
13 years ago
Anoop Saldanha
01a35bb604
introduce app layer local storage api support
13 years ago
Anoop Saldanha
87599bc78d
minor changes in smtp parser decoder wrt direction check loop + add missing ifdef unittests
13 years ago
Anoop Saldanha
3a856fed12
update detection engine to compare flow alproto with sig_alproto, rather than sm alproto.
13 years ago
Anoop Saldanha
4d38a571cc
smtp reply code mpm phase support added
13 years ago
Anoop Saldanha
4a6908d3e9
fix smtp parser handling fragmented lines + add new unittests to check the same
13 years ago
Anoop Saldanha
2b356dadff
Support for tos keyword added
13 years ago
deltay
211193b0af
Get pidfile from config file if not available in command options
13 years ago
Victor Julien
262a7300d7
flow: shrink Flow datatype
...
Introduce a separate FlowAddress structure for holding the ipv4 or ipv6 address
that doesn't have the family in it like the Address structure. Instead, the
family is stored in the flow as a flag: FLOW_IPV4 and FLOW_IPV6.
Add macros to check the family, copy the address, etc.
Update many unittests to reflect these changes. Introduce unittest helper
functions for creating and initializing a flow and freeing it again.
On 64 bit this shrinks the flow by 8 bytes.
13 years ago
Victor Julien
06904c9024
App Layer cleanup
...
Removal of per flow 'aldata' array. It contained a ptr for each ALPROTO. Instead now we have 2 ptrs in the flow: alparser and alstate.
Various cleanups and dead code removal from the app layer API.
Should save 100+ bytes memory per flow on 64 bit.
Updated lots of unittests to reflect these changes.
13 years ago
Victor Julien
a0b532dc45
stream reassembly: simplify base_seq tracking for protocol detection. Shrinks TcpStream structure.
13 years ago
Victor Julien
7e3c15e54a
stream: improve TCP ssn reuse cleanup.
13 years ago
Victor Julien
9769510ba3
flow: support requeue of flows from closed to new list for TCP ssn reuse.
13 years ago
Anoop Saldanha
4130c5e2b8
if flow has disabled app layer inspection, disable buffering the segments unnecessarily in inline reassembly
13 years ago
Anoop Saldanha
43cbed8c92
enable toclient alproto detection for inline reassembly
13 years ago
Anoop Saldanha
f684b60127
if flow has disabled app layer inspection, disable buffering the segments unnecessarily
13 years ago
Anoop Saldanha
08bd8ec4e2
on failed alproto detection on both sides, only disable app layer inspection. No reassembly disabling for any direction
13 years ago
Victor Julien
c9960473bb
Fix stream reassembly engine rejecting valid packet for reassembly.
13 years ago
Victor Julien
d9ad1b00b3
Clean up SID allocation for decoder and stream rules.
13 years ago
Anoop Saldanha
55ed6c2a55
disable session reassembly for either/both the directions, only when we have established failed proto detection in both the directions
13 years ago
Anoop Saldanha
4650bf7170
minor code cleanup. remove commented out code
13 years ago
Anoop Saldanha
de9ad02b59
Remove leftover imap and msn toclient alproto PM contents
13 years ago
Anoop Saldanha
caf26c2618
More updates to FFR code. Handle cases where we actually need to force stream reassembly and just have smsgs to be processed by detection engine separately
13 years ago
Anoop Saldanha
bc216a3396
fix/updates to app layer proto detection
13 years ago
Anoop Saldanha
78e6a7f713
enable toclient alproto detection. Detection all current alproto toclient PMP patterns
13 years ago
Anoop Saldanha
9c8d404db1
FFR update-fix. Fix check where we decide whether we need to send pseudo pkt or not
13 years ago
Anoop Saldanha
b08b390bcd
fix for bug 375 - update radix test that wrongly uses memset and sizeof
14 years ago
Victor Julien
3d845b6c77
Consider Windows new line chars as well when parsing rule files. Bug #374.
14 years ago
Eileen Donlon
a92d15ed37
Fixed duplicate signature check
14 years ago
Anoop Saldanha
99baf18c8d
updates to ac-gfbs search. Remove unnecessary casting of pointers
14 years ago
Anoop Saldanha
11e7dda59a
updates to ac-gfbs search. Introduce handling cases where state_count is < 32k
14 years ago
Anoop Saldanha
708c4ad055
updates to ac-gfbs search. Combine output presence with mod goto table
14 years ago
Anoop Saldanha
a4ea7e6197
updates to ac-gfbs search. Combine failure table along with mod goto table for better cache perf
14 years ago
Anoop Saldanha
b69ac9514f
updates to ac-gfbs search. Disable handling < 65k states separately. Now any state count would be given same treatment
14 years ago
Anoop Saldanha
efb4c27b1f
updates to ac-gfbs search. Add new unittests + fix cases where we have 2 patterns that are same but one is CS and other CI + Use SCMemcmp for state < 65k instead of custom memcmp
14 years ago
Anoop Saldanha
0920296aaa
updates to ac-gfbs search. Remove unnecessary casting of pointers
14 years ago
Anoop Saldanha
d149a5e806
updates to ac-gfbs search. Use SCMemcmp instead of the custom pattern searching used
14 years ago
Anoop Saldanha
47f2d6e07b
updates to ac-gfbs search. Optimize pointer de-referencing for pid_pat_list
14 years ago
Anoop Saldanha
991f6d2d83
updates to ac-gfbs search. Optimize pointer de-referencing for frequently used pointers
14 years ago
Anoop Saldanha
ffb925e3b3
indentation fixes for ac-gfbs
14 years ago
Anoop Saldanha
e9eb0e502c
updates to ac-gfbs search. Handle cases where we have a single entry for a state goto transition, just like how we handle for no entry for a particular state
14 years ago
Eric Leblond
9b75de3339
pfring: fix compilation when pfring is deactivated.
14 years ago
Eric Leblond
43ffd779f8
autotools: add libpcap dependency to pfring for checks.
...
PF_RING seems to depend on pcap if bpf filter is activated. For this
reason, not having the dependency during configure test causes a
failure in feature detection.
14 years ago
Eric Leblond
0ac1cabf2a
autotools: fix problem of pfring configuration.
14 years ago
deltay
d5e254d504
Add pfring bpf filter, require pfring >= 5.1
14 years ago