Commit Graph

37 Commits (218b5d3ba032f8b7e158ab2325d13b51e0007450)

Author SHA1 Message Date
Victor Julien ada4066238 Add counters for SYN, SYN/ACK and RST TCP packets. Issue #251. 14 years ago
Victor Julien e6af837b25 Convert StreamTcpSetEvent function into macro. Eases debug. 14 years ago
Anoop Saldanha 4650bf7170 minor code cleanup. remove commented out code 14 years ago
Anoop Saldanha caf26c2618 More updates to FFR code. Handle cases where we actually need to force stream reassembly and just have smsgs to be processed by detection engine separately 14 years ago
Anoop Saldanha 9c8d404db1 FFR update-fix. Fix check where we decide whether we need to send pseudo pkt or not 14 years ago
Victor Julien b8659daef7 Add stream engine counters
Added stream counters:
- tcp.reassembly_memuse -- current memory use by reassembly in bytes
- tcp.memuse -- current memory use by stream tracking in bytes
- tcp.reused_ssn -- ssn reused by new session with identical tuple
- tcp.no_flow -- TCP packets with no flow - indicating flow engine memory at its limits
14 years ago
Eric Leblond 4f0cdf28a3 Introduce StreamSegmentForEach function
This patch introduces a function called StreamMsgForEach which
can be used to run a callback on all segments of a stream. This
is currently only supported for TCP as this is the only streaming
aware protocol.
14 years ago
Victor Julien f5ef842752 Implement a counter for TCP packets with invalid checksums: tcp.invalid_checksum. Bug #311. 14 years ago
Victor Julien 8208eacd79 Convert stream memcaps to u64. Bug #332. 14 years ago
Anoop Saldanha 42493ee6b7 rename pseudo packet creation function. Shift the check for forced reassembly necessity on a session/direction to an inline function in the stream api 14 years ago
Anoop Saldanha c365bafbf6 We now inspect timed out streams + streams not processed as yet, at engine shutdown 14 years ago
Victor Julien 4f5aad1476 Enforce configurable minimum chunk size in raw stream reassembly. Minor stream cleanups, unittest updates. 14 years ago
Victor Julien 3a774165fa Initial version of an inline raw reassembly function that reassembles in a sliding window. Introduce new unittest helpers for stream reassembly. 15 years ago
Victor Julien 66c40f782c Have reassembly errors also set a stream event. 15 years ago
Victor Julien 61a9936d55 Inspect a pseudo packet upon receiving a RST so that we are sure both sides of the TCP session are inspected. 15 years ago
Gurvinder Singh 6a5bc52461 support for several tcp evasion attacks. Thanks to Judy Novak and G2 Inc for reporting them 15 years ago
Pablo Rincon 5c43db85ce Drop streams on inline mode when a drop rule matches from a reassembled stream and/or app layer inspection 15 years ago
Gurvinder Singh f0928a4555 support for enforcing the depth until when the reassembly will be performed 15 years ago
Gurvinder Singh 8b0ca4f628 support for separate memcaps for reassembly and stream engine 15 years ago
Victor Julien 05d382f533 Fix broken stream engine config initialization: due to wrong casts, settings could be overwritten in memory. 15 years ago
Anoop Saldanha 015385c6bd changes to the dce parser stub data processed var. changed to stub data fresh var to indicate if the stub is fresh or not 15 years ago
Anoop Saldanha 45ea0d914e dce stub content keywords support using dcepayload.c support for all dce related content keywords 15 years ago
Victor Julien ba12f3c109 Applayer to flow fixes and cleanups. 15 years ago
William Metcalf 2eef905c07 GPL and Copyright header updates. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien 6a53ab9c5a Stream engine memory handling update
The stream engine memory handling needed updating as it didn't scale. Changes:

- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata are part
  of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was
  added.
- all reassembly errors are converted to debug msgs.
16 years ago
Gurvinder Singh d8433c7255 fixed-pool-error-and-tcp-state-transition 16 years ago
Gurvinder Singh d2765511ce async stream handling support 16 years ago
Gurvinder Singh 88fbfb3e65 fix an issue 16 years ago
Gurvinder Singh 892ace6b37 stream flag function made public 16 years ago
Victor Julien b102ea2123 Big update:
- Implement "closing" state in flow.
- Add protocol specific timeouts.
- Lots of stream tracking updates, fixing a lot of out of window issues.
- Stream reassembly fixes.
- Implement a new IDS runmode with 4 stream and detect threads.
- Added a BUG_ON macro that aborts the engine if the expression is true.
- Better balance the flow queue handler for traffic that doesn't have flow (like icmp currently).
- Simplify application level protocol in the Tcp Session.
- Add some debugging memory counters.
16 years ago
Gurvinder Singh ced5157dc9 Flow get state protocol specific 16 years ago
Gurvinder Singh a4ad7939d2 proto specific free function 16 years ago
Gurvinder Singh 55cdf8947e some modification in protocol specific timeouts and free function 16 years ago
Gurvinder Singh 6824eddb0f New function for task3 16 years ago
Anoop Saldanha 8af9f902e8 additional support for type qualifier for the stats api 16 years ago
Victor Julien 9c7f5afa79 Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update. 16 years ago