Commit Graph

8444 Commits (189b521239a2be4da2da833f9fd5b2474e4a9464)

Author SHA1 Message Date
Victor Julien 7783847467 template: fix setup detect script 7 years ago
Victor Julien 05d3a4db90 template: minor updates
Merge inspect engine into keyword
7 years ago
Derek d9a7a6d3e5 dns: fix last timestamp handling
Fixes incorrect variable in ticket #2207

In app-layer-dns-tcp.c in the DNSTCPResponseParse function
a variable is set to last_req when it should be last_resp.
This makes it consistent with UDP DNS response parsing.
7 years ago
Eric Leblond 8fa6e065bc af-packet: free bpf program
This fixes a small memory leak when Suricata is running with a
BPF filter.
7 years ago
Eric Leblond 7127ae2b44 af-packet: call thread deinit function 7 years ago
Eric Leblond 620f2540c6 prscript: update docker code
Update docker code to latest docker python API. This patch
preserves backward compatibility with older versions.
7 years ago
Andreas Herz c048ee6505 doc: reflect most recent cpu affinity settings
Some settings like output-cpu-set have never been used and detect got renamed
to worker. This reflects those changes, already present in the yaml, also
within the documentation.
7 years ago
Mats Klepsland d363a165c1 app-layer-ssl: fix bug with >255 records in one stream 7 years ago
Andreas Herz a59390e8de rule-parser: bump sids within siggroup test 7 years ago
Andreas Herz a0ec5fe9b7 rule-parser: detect duplicate rev keyword 7 years ago
Andreas Herz ea02541913 rule-parser: detect duplicate sid keyword 7 years ago
Andreas Herz 0210d70550 rule-parser: detect duplicate classtype keyword 7 years ago
Victor Julien f47df5a671 afpacket: free ring mem on error 7 years ago
Alexander Gozman 39807b47cb Bug #2201: af_packet - treat BPF filter error as fatal
There is no need to try to set an erroneous BPF filter again and again. Such attempts
lead to constant mmap() calls without corresponding munmap() when 'use-mmap' is enabled.
7 years ago
Julian f27b4fc8fe redis: support for rpush in list mode
This adds a new redis mode rpush. Also adds more consistent config keywords oriented at the redis commands: lpush and publish.
Keeping list and channel config keywords for backwards compatibility.
7 years ago
Mats Klepsland 23f8cc4a03 app-layer-tls: don't decode client certificates
Decoding the client certificate overwrites the validity dates from the
server certificate, so we don't decode it, since we don't
do anything with it (right now) anyway.

Fixes Bug #2050
7 years ago
Pierre Chifflier e4129c1568 Rust/Lua: cast value to arch-dependent type (fix build on x86, #2197) 7 years ago
Phil Young 17d9616fde napatech: Implementation of packet counters
Added util-napatech module, which contains implementation threads
for processing statistics, and modified source-napatech and
runmode-napatech to instantiate the threads.

napatech: Implementation of packet counters

napatech: implementation of statistics counters

napatech: Implementation of packet counters.

napatech: added util-napatech module

napatech: added utils-napatech module.

Added include declaration and Napatech-specific structure when HAVE_NAPATECH
is defined.

Added util-napatech module to project.
7 years ago
Phil Young 01801c6d7c napatech: configuration changes.
Added comments describing parameter usage.
Changed example to use range formatting of streams.
7 years ago
Phil Young 5f613e6e7d napatech: Added section describing packet counters. 7 years ago
Phil Young f6838f9085 napatech: Added description of hba usage. 7 years ago
Victor Julien ac12c04f11 detect-msg: cleanup error message 7 years ago
Andreas Herz 88a3ba52d6 rule-parser: ignore duplicated msg keyword 7 years ago
jason taylor 0f41172cc6 updated fedora libevent package names
Signed-off-by: jason taylor <jtfas90@gmail.com>
7 years ago
Victor Julien b8428378ac changelog: update for 4.0.0 7 years ago
Victor Julien fc229430f8 doc: add rust and update version in install 7 years ago
Victor Julien 00d4ba5c9c dcerpc: improve stub buffer handling
Stub data buffer could grow without limit depending on traffic.

This patch improves the handling. It honors the 'last frag' setting
and implements a hard limit of 1MB per buffer.

Bug #2186
7 years ago
Victor Julien cd0fb1ab1a dcerpc: cleanup, remove unused field 7 years ago
Victor Julien 31daf43579 afl: add dcerpc entry points
Add entry points for requests and for a mix of requests/responses.

Implement storing the files to disk and rereading them.
7 years ago
Victor Julien e5eb0bbe32 stream/bypass: more liberal policy if no detection
The reason the stream engine can't easily decide to bypass streams
is that there can be non-stream dependent rules that wouldn't match
if bypassing is done too aggressively.

However, if there is no detection engine, there is no reason to hold
back. In this case we can bypass as soon as the stream engine is done
with a session.
7 years ago
Eric Leblond cc82ef065c af-packet: optimize BPF
This patch turns on code optimization when libpcap builds the BPF
filter. This allows reducing the size of the BPF bytecode and
thus increases the size of the BPF filter supported by Suricata.

Reported-by: Martijn van Oosterhout
7 years ago
Eric Leblond 2979a0a2e1 app-layer-ssh: trigger bypass when done
Trigger bypass when the application layer will not inspect anymore.
7 years ago
Jason Ish 6cfabb7863 autogen: cleanup rust strict warning 7 years ago
Jason Ish 7cc0067be0 Sample systemd unit file for Suricata.
Create a sample systemd unit file based on the build time
configuration.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2138
7 years ago
Jason Ish ddf6bce5d8 Sample logrotate configuration file.
Create a sample logrotate configuration file with filenames
set for the configuration.
7 years ago
Victor Julien dbd2d7c058 detect: more gracefully handle mpm prepare failure
Exit with error instead of using the detection engine in a broken state.

Bug #2187
7 years ago
Victor Julien e087d93883 detect: reject dsize rules that can't match
Rules can contain conflicting statements and lead to an unmatchable rule.

2 examples are rejected by this patch:

1. dsize < content
2. dsize < content@offset

Bug #2187
7 years ago
Sebastian Garcia d32ba60b51 Update public-data-sets.rst with stratosphere project
Add the datasets of the Stratosphere project to the list.
7 years ago
Victor Julien c02739e535 mingw: don't try to build unix socket 7 years ago
Victor Julien d1e839eabc windows: use wpcap instead of pcap
Windows pcap libraries such as winpcap all use a library name of
wpcap instead of just pcap. Support this in configure.
7 years ago
Victor Julien 8c31cd4bea win32: minor compile warning fixes 7 years ago
Victor Julien d1b6be99de mingw: fix random function 7 years ago
Victor Julien 5ea58fe3c4 cocci: add test to check for uint use
uint is non-standard and not supported by MinGW. So ban its use.

spatch file by Eric Leblond.
7 years ago
Victor Julien afed6fe4a2 cleanup: remove all uint use 7 years ago
Victor Julien 90e612d3e4 cocci: ban memmem 7 years ago
Jason Ish 83c385a98f dnp3: use BasicSearch instead of memmem
MinGW doesn't support memmem.
7 years ago
Jason Ish fd025ba3f5 rust: require jansson for rust build 7 years ago
Jason Ish 16921b6b99 travis: enable strict rust; use rust 1.15.0
Adds --enable-rust-strict to fail on warnings. Also update
the minimum Rust version from 1.7.0 to 1.15.0.
7 years ago
Jason Ish 6a4cefb7c5 rust: --enable-rust-strict to turn warnings into errors 7 years ago
Jason Ish f715b0ae6b doc: add pid-file section to suricata.yaml doc
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2104
7 years ago