aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,036 Commits
7 Branches
155 Tags
197 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0b3f6c464a'
${ noResults }
Commit Graph

3036 Commits (0b3f6c464a07df13a2b81c5fcf9535ce3db14bb1)
 

Author SHA1 Message Date
Eric Leblond 491686c33e pcap: factorise single mode. 14 years ago
Eric Leblond abe99ee5f6 runmode: add factorisation function for single mode. 14 years ago
Eric Leblond c3ba992652 pfring: restore precedence of command line options. 14 years ago
Eric Leblond b2598f97e7 pcap: restore backward compatibility 14 years ago
Eric Leblond 21663acd3b pcap: use good var name for live-interface 14 years ago
Eric Leblond d3d8beb337 pcap: factorize runmode 
This patch factorizes auto and autofp runmodes for pcap.
 14 years ago
Eric Leblond c3c20dd041 pcap: add new config style 14 years ago
Eric Leblond 78467f1846 Update configuration file to new pfring format. 14 years ago
Eric Leblond d9d8286671 pfring: restore compatibility with v1.0 config 
Compatibility of pfring module with previous version was broken. This
patch restores backward compatibility.
 14 years ago
Eric Leblond a64dcfeba2 pfring: use factorisation function 
This patch convert pfring to pktacqloop and use the new factorisation
function. This also fixes commmand line parsing of pfring which is now
able to work like af-packet:
 - 'suricata -c s.yaml --pfring' start suricata with all interfaces in
 conf
 - 'suricata -c s.yaml --pfring=eth2' start suricata on eth2
 14 years ago
Eric Leblond cbb36b5182 af-packet: remove unused function 14 years ago
Eric Leblond 75c875b1ac af-packet: use factorisation function for Auto mode. 14 years ago
Eric Leblond 8bf0897b3c Add factorisation function for runmode. 
This patch adds a function which will be used to factorise the
Auto runmode between the different IDS mode.
 14 years ago
Anoop Saldanha de635b5866 remove trailing whitespace from conf file 14 years ago
Eric Leblond 2fc58a48a5 Doxygen: Include documentation of define dependant code. 
Generated documentation for unittests and other module was not
generated because doxygen was not assuming the define to be set.
This patch adds the necessary define for unittests and does the
same for NFQ, PFRING, IPFW, AF_PACKET and Prelude. This also adds
a variable that permit parallelisation of dot file generation.
 14 years ago
Eric Leblond d4d62f3099 http-uri: Remove useless function declaration. 14 years ago
Victor Julien 3401defbbb tag: fixes and cleanups 
Major fixes for the tag subsystem:

- Removed TimeGet call from tag packet runtime to safe a gettimeofday
- Removed unused lock from data type
- Fixed broken first packet skip logic
- Fix broken reference counter logic
- Fix memory leak on tag expiration
- Cleaned up code
 14 years ago
Anoop Saldanha b7b58074de fix ac unittest 14 years ago
Anoop Saldanha d6f9e06bbb update ac to behave the same way irrespective of the state count. Should improve performance. Also fix unittests to accomodate these changes 14 years ago
Anoop Saldanha dcaef183e8 fix compiler warning for printf format 14 years ago
Victor Julien bc5c9f4a52 Fix too many SMTP commands causing an integer overflow in the cmds_cnt variable, in turn causing an out of bounds memory write. 14 years ago
Victor Julien 9baa16af63 Convert flow memcap to u64. Bug #332. 14 years ago
Victor Julien 8208eacd79 Convert stream memcaps to u64. Bug #332. 14 years ago
Victor Julien 4c641f0deb Fix compilation with profiling enabled. 14 years ago
Anoop Saldanha 3ec7b75194 fix timestamps for pseudo packets created during FFR - bug 337 14 years ago
Anoop Saldanha 9d94bb38d5 refactor flow timeout code. fix ipv6 address assignment for pseudo pkt. 14 years ago
Anoop Saldanha 246a4e9fff for shutdown reassembly properly init the reassembly packet using PACKET_RECYCLE 14 years ago
Victor Julien 1a5931e878 pcap-log: fall back to sguil_base_dir option if 'dir' isn't set. Minor cleanups. 14 years ago
William Metcalf 3b3f5816bf You spin me right round baby, right round like a rotating packet capture right round. Oh, also log file size counters are now uint64_t 14 years ago
Victor Julien 6bad2dbd79 Don't match on IP only rules that use ports if packet is not (proper) TCP, UDP or SCTP. Rules out frags matching as well. 14 years ago
Anoop Saldanha 63ed36a892 Replace all reallocs with SCReallocs 14 years ago
Anoop Saldanha 4307ea2348 Replace all frees with SCFrees 14 years ago
Anoop Saldanha 797b1a44c7 Replace all strdup with SCStrdup 14 years ago
Anoop Saldanha 13ea299ee0 Replace all mallocs with SCMallocs 14 years ago
Eric Leblond de59c9f4b1 Add and use utility functions for checksum computing. 14 years ago
Eric Leblond a85dc9b0e2 Add support for replace keyword. 
This patch adds support for the replace keyword. It is used with
content to change selected part of the payload. The major point
with this patch is that having a replace keyword made necessary
to avoid all stream level check because we need to access to the
could-be-modified packet payload.

One of the main difficulty is to handle complex signature. If there is
other content check, we must do the substitution when we're sure all
match are valid. The patch adds an attribute to the thread context
variable to be able to deal with recursivity of the match function.

Replace is only activated in IPS mode and apply only to raw match.
 14 years ago
Eric Leblond 0c34a1c5e7 rewrite constants and add flag for replace 
This patch make use of bit shift to rewrite some of the mask constants.

It also delete an unused flag value and suppress the associated dead code.
The numeric value of the flag is now used by the flag needed for replace
code.
 14 years ago
Victor Julien 77b7089f79 Fix stream-events not working. Stream events won't fit our 'detection only' schema. Fixes #321. 14 years ago
pilcrow f5017e0d1a Always try PCRE_NO_AUTO_CAPTURE first for signature regexes. 
Many, many pcre: signatures specify (...) when the more efficient
(?:...) is all that is needed.  This change attempts to force
PCRE_NO_AUTO_CAPTURE on all unnamed capture groups, reverting to
capturing when necessary, e.g., when \1 is referenced.
 14 years ago
Victor Julien 60887131be Fix minor address parsing compiler warning. 14 years ago
Anoop Saldanha 8028392e9a fix mpm segv. Use sgh flags to check if the sgh has packet or stream mpm set or not 14 years ago
Anoop Saldanha 41d71a6d70 fix http http transaction id update. Update transactions as soon as we receive a callback on new request 14 years ago
pilcrow ed69eeab14 Safer macro parenthesization and do/while use 14 years ago
Eric Leblond bbd04fde30 NFQ: fix race condition at exit. 
A race condition was observed when leaving NFQ. This was caused by
the queue handle being accessed after been nullified. This patch
uses the handle mutex to protect the destruction and adds tests
on nullity to avoid crashed.
 14 years ago
Victor Julien 1ab6443e44 Fix compilation when profiling is enabled. 14 years ago
Anoop Saldanha b6ba944e6d Rearrange flow manager functions into flow-manager.[ch]. Some other minor changes/updates 14 years ago
Anoop Saldanha 7c729d2d53 some more code cleanup + comments added 14 years ago
Anoop Saldanha d14fdb1156 Remove the unnecessary unittest runmode check to get the test working. Modify tests to get it working around this 14 years ago
Anoop Saldanha 16884a0dea refix failing unittest 14 years ago
Anoop Saldanha 552e72e35e fix failing unittest 14 years ago