suricata

Commit Graph

Author	SHA1	Message	Date
Philippe Antoine	b113bdd9e3	src: remove unused headers-exported functions + remove double definition of IPPairLock Ticket: #4083	1 year ago
Jason Ish	44388f1b69	src: make include guards more library friendly Include guards for libraries should use a prefix that is meaningful for the library to avoid conflicts with other user code. For Suricata, use SURICATA. Additionally, remove the pattern of leading and trailing underscores as these are reserved for the language implementation per the C and C++ standards.	1 year ago
Jeff Lucovsky	11f9cc6524	detect/address: Expose DetectAddressCopy function	4 years ago
Victor Julien	42d112e7b6	detect/address: dead code removal and style cleanups	6 years ago
Victor Julien	007a461d69	detect/parse: track negation during address parsing Fix address negation detection not resolving variables when looking for the negation. This patch makes use of the actual parsing routines to relay this information to the signature parser. Bug #3389. Fixes: `92f08d85aa` ("detect/iponly: improve negation handling in parsing")	6 years ago
Alexander Gozman	2cf2387e31	rules: optimize bidir rules with same src/dst As an optimization, reset bidirectional flag for rules with same src and dst. If one created bidirectional rule like 'alert tcp any any <> any any ...', the rule was checked twice (for each packet in every direction). This is suboptimal and may give duplicated alerts. To avoid this, bidirectional rules are now checked for the same src and dst (addresses and ports) and if it's the case, the rule is treated as unidirectional and a corresponding message is logged.	7 years ago
Victor Julien	c79b9cb317	detect: constify address match functions	8 years ago
Victor Julien	ab1200fbd7	compiler: more strict compiler warnings Set flags by default: -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wcast-align -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char Fix minor compiler warnings for these new flags on gcc and clang.	8 years ago
Victor Julien	e072e70ea6	alert: fix rate_filter issues Fix rate_filter issues: if action was modified it wouldn't be logged in EVE. To address this pass the PacketAlert structure to the threshold code so it can flag the PacketAlert as modified. Use this in logging. Update API to use const where possible. Fix a timout issue that this uncovered.	9 years ago
Victor Julien	215d0d54c7	detect: optimize rule address parsing Many rules have the same address vars, so instead of parsing them each time use a hash to store the string and the parsed result. Rules now reference the stored result in the hash table.	9 years ago
Victor Julien	9bd8197009	detect-address: remove debug mem counters	9 years ago
Victor Julien	2be9ccfe9c	detect: pass DetectEngineCtx to address parsing Preparation for prefix handling in address parsing.	11 years ago
Anoop Saldanha	678763c3f4	bug #454 - global check to see if address and port vars are properly configured	13 years ago
Anoop Saldanha	e682796d03	feature #414 - support listing supported keywords. Remove support for dummy keywords __address__, __proto__, __port__. Remove support for recursive keyword and all references to it	14 years ago
Eric Leblond	8ff8ec4f82	Export some DetectAddress related function.	14 years ago
Victor Julien	102092a89c	Make signature address matching more cache efficient.	15 years ago
William Metcalf	ce01927515	Import of GPLv2 Header 050410	15 years ago
Anoop Saldanha	47ad1e5b2e	detect-engine-address.[ch] refactoring	16 years ago
Victor Julien	d6be6ceb19	Fixup artifact from automatic renames: rename DetectAddresssHead to DetectAddressHead.	16 years ago
Victor Julien	de8caa7964	Rename DetectAddressGroup* to DetectAddress*	16 years ago
Victor Julien	13dca5e8ce	Cleanup of address functions.	16 years ago
Victor Julien	e4c98c562c	Merge DetectAddressData and DetectAddressGroup	16 years ago
Victor Julien	5df5b35e90	Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items ina list to it can be traversed. Many cleanups.	16 years ago
Victor Julien	3f7195454b	Big detection engine update.	16 years ago
Victor Julien	8b3d06fd92	Rename some detection engine related files.	16 years ago

25 Commits (22d05c289ca10fe11c7801e2f879a6f364ca61a7)