Eric Leblond
7e09cdc265
Delay Detect threads initialization
This patch modifies the init of Detect threads. They are now started
with a dummy function and their initialisation is done after the
signatures are loaded. Just after this, the dummy function is switched
to normal one.
In IPS mode, this permits routing packets without waiting for the
signature to start and should fix #488.
Offline modes such as pcap file don't use this mode, to be sure to
analyse all packets in the file.
The patch introduces a "delayed-detect" configuration variable
under detect-engine. It can be used to activate the feature
(set to "yes" to have signature loaded after capture is started).
13 years ago
Anoop Saldanha
5f198e3a1d
Suricata shutdown updates + minor cleanup
13 years ago
Anoop Saldanha
34f0897163
check if all packets are processed before disabling detect threads + kill all threads <= detect after FFR + other minor fixes
13 years ago
Anoop Saldanha
5e02cb2365
slot_data updated as an atomic var no
13 years ago
Victor Julien
c0ac64e58c
pcap: make sure thread count is 1 if config is missing for a device.
13 years ago
Anoop Saldanha
bc6cf43840
#482 - use decode_flag for all decode TMs. Use the flag as a way to retrieve decode TMs from ThreadVars
13 years ago
Victor Julien
48da3bb48b
Make sure all fake packets have datalink type DLT_RAW. Make sure stream end packets set pkt size.
13 years ago
Anoop Saldanha
6c5b596ada
coverity fixes
13 years ago
Victor Julien
5c397e3a53
flow: add missing unlocks for rare error condition at flow shut down.
14 years ago
Victor Julien
19a7e7f395
flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default.
14 years ago
Victor Julien
db24258acf
Undo changes from 88b8f15663. Atomic stack implementation had a-b-a problem.
14 years ago
Victor Julien
88b8f15663
Add atomic stack implementation. Convert flow spare queue to use this stack. Remove now unused flow-queue code.
14 years ago
Victor Julien
0150e66ede
flow engine: improve scalability
Major redesign of the flow engine. Remove the flow queues that turned
out to be major choke points when using many threads. Flow manager now
walks the hash table directly. Simplify the way we get a new flow in
case of emergency.
14 years ago
Victor Julien
0d6f33a15b
Move PACKET_RECYCLE outside of flow lock in FlowForceReassemblyForQ as it confuses static code checkers.
14 years ago
Victor Julien
bfb3f1b7cf
flow: Refactor how FlowPrune deals with forced timeouts, improving locking logic.
14 years ago
Victor Julien
372ab9c433
Another batch of minor fixes for issues found by Coverity.
14 years ago
Victor Julien
cdba2f50d1
Various fixes and improvements based on feedback by Coverity analyzer.
14 years ago
Victor Julien
8b1333a277
Add more flow lock assertions to the debug validation code.
14 years ago
Victor Julien
0983f1d0a6
Only force a pseudo packet inspection cycle for TCP streams in a state >= established.
14 years ago
Victor Julien
c4b34e6ef7
Fix various minor clang/scan-build warnings.
14 years ago
Victor Julien
e69c584317
Let timing out flow use pseudo packets also if state is not fully closed.
14 years ago
Anoop Saldanha
0cde8072f4
fix ffr shutdown segv. We need to supply stream TV to the stream engine
14 years ago
Anoop Saldanha
420befb180
Changed my email address to anoopsaldanha at gmail dot com from my current one
14 years ago
Victor Julien
262a7300d7
flow: shrink Flow datatype
Introduce a separate FlowAddress structure for holding the ipv4 or ipv6 address
that doesn't have the family in it like the Address structure. Instead, the
family is stored in the flow as a flag: FLOW_IPV4 and FLOW_IPV6.
Add macros to check the family, copy the address, etc.
Update many unittests to reflect these changes. Introduce unittest helper
functions for creating and initializing a flow and freeing it again.
On 64 bit this shrinks the flow by 8 bytes.
14 years ago
Anoop Saldanha
caf26c2618
More updates to FFR code. Handle cases where we actually need to force stream reassembly and just have smsgs to be processed by detection engine separately
14 years ago
Anoop Saldanha
9c8d404db1
FFR update-fix. Fix check where we decide whether we need to send pseudo pkt or not
14 years ago
Victor Julien
404868c28b
Get rid of strcasestr call as win32 doesn't have it.
14 years ago
Victor Julien
9ac51900f6
Fix broken macro call.
14 years ago
Eric Leblond
6bf15bac31
Fix various packet access.
The coccinelle based tests have detected invalid uses of access to
Packet data. This patch fixes the detected problems.
14 years ago
Anoop Saldanha
c13ad8c28a
Provide a function to set the app layer tx eof flag. Use this in FFR code instead of directly setting the flag. This cleans up the API as well
14 years ago
Anoop Saldanha
b406af451b
updates to http tx id vars. FFR now flags the app layer session for EOF when creating a pseudo packet for a flow
14 years ago
Victor Julien
4c641f0deb
Fix compilation with profiling enabled.
14 years ago
Anoop Saldanha
3ec7b75194
fix timestamps for pseudo packets created during FFR - bug 337
14 years ago
Anoop Saldanha
9d94bb38d5
refactor flow timeout code. fix ipv6 address assignment for pseudo pkt.
14 years ago
Anoop Saldanha
246a4e9fff
for shutdown reassembly properly init the reassembly packet using PACKET_RECYCLE
14 years ago
Anoop Saldanha
b6ba944e6d
Rearrange flow manager functions into flow-manager.[ch]. Some other minor changes/updates
14 years ago
Anoop Saldanha
7c729d2d53
some more code cleanup + comments added
14 years ago