Commit Graph

57 Commits (29d51a618242d5f26cdec319c8028d6b06c2837f)

Author SHA1 Message Date
Jason Ish e87d4f8a28 Split the defrag counters into ipv4 and ipv6. 16 years ago
Jason Ish 6b562f7aa6 Issue 82 - fragment counters.
- number of fragments
- number reassembled
- number of timeouts
16 years ago
Pierre Chifflier 4515ae13e4 Add Prelude output plugin
Add support for reporting alerts to the Prelude SIEM system, using
libprelude to send IDMEF (RFC4765) messages.

Each message contains the alert description and reference (using
the SID/GID), and a normalized description (assessment, impact,
sources etc.)

libprelude handles the connection with the manager (collecting component),
spooling and sending the event asynchronously. It also offers transport
security (using TLS and trusted certificates) and reliability (events
are retransmitted if not sent successfully).

This module requires a Prelude profile to work (see man prelude-admin
and the Prelude Handbook for help).

Signed-off-by: Pierre Chifflier <chifflier@edenwall.com>
16 years ago
Pablo Rincon 51dc773eec Changing the verdict actions to flags to allow simultaneous verdict 16 years ago
Jason Ish 7d920a1254 Fix issue 65.
- Update unit test to trigger the failure found in the issue 65 pcap.
- Increase pkt buffer to account for the IPv6 header, as a maximum
  size IPv6 datagram is 40 + 0xffff.
- Account for IPv4 header when checking where end of fragment lies.
- Second sanity check during re-assembly to check for writing past
  the end of the pkt buffer.
16 years ago
Jason Ish 5076452707 Potential fix for issue 60.
- Increase the packet buffer so it can hold the link header when we
  have maximum size IP datagrams.
- Fix ip header length and pkt length calculation for re-assembled
  packets.
16 years ago
Eric Leblond db2d483d11 convert action_type to enum
This patch converts packet action type to an enum. This will
provide some facilities and ease bad value detection by gcc.
16 years ago
William Metcalf 8a64321340 raw pcap support additional ipv4/6 validation 16 years ago
Victor Julien 9b90c553b5 Clean ip fields from packet as well when the packet is reused. Prevents issues with malformed packets that are rejected by the decoders before ipaddresses are set. 16 years ago
Victor Julien 9ececacda3 Fix packet timestamp handling for encapsulated packets. 16 years ago
Anoop Saldanha bc4df59414 Support for Classtype keyword and Classification Config file 16 years ago
Victor Julien 10cc9d5b6a Add icmp flow handling. 16 years ago
Victor Julien a8116f65c8 Fix packet flags field not being cleared properly when the packet is being reused. Add some debug statements and cleanup some. 16 years ago
Victor Julien 4824868766 Application layer detection improvements
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
16 years ago
Victor Julien 493715c0d2 Implement alert sid storage in the flow so we can check previous alerts in the flow. 16 years ago
Gerardo Iglesias 991d421394 Changed printf's to logging API functions 16 years ago
Pablo Rincon e26833be3f Changing mutex/spinlocks/conditions naming types 16 years ago
Pablo Rincon 769022f4be Adding support for Mac OS X, FreeBSD, centralizing mutex/spins/conditions in a macro API, and some unittests 16 years ago
Anoop Saldanha 8beef4a9fc stats upgrade. Added interval counters to the decoder module 16 years ago
Pablo Rincon 292a7e47ef ICMPv6 Decoder and unittests 16 years ago
Breno Silva 15a8f34d36 Gid Keyword
Signed-off-by: Brian Rectanus <brectanu@gmail.com>
16 years ago
Gurvinder Singh 71da019734 some minor changes 16 years ago
Gurvinder Singh bbb385422d function to set packet flags 16 years ago
Gurvinder Singh cc0b4f7181 initial version to support detection bypass 16 years ago
Victor Julien db9e693054 Small fixes to pfring patch. 16 years ago
Victor Julien a4fe971897 Fix datalink retrieval for pcap file mode and nfq mode for use in unified2. 16 years ago
Victor Julien 0d0ffb9963 Reorganize header inclusions. 16 years ago
Jamie a297225157 victor must be getting sick of PPPoE and ICMP 16 years ago
Victor Julien b6deadd2b4 Fixed a few missing places for tv->flags access. Changed mutex init for packets slightly. 16 years ago
William Metcalf 6095b8f2a1 fix for older libcs missing def for IPPROTO_DCCP 16 years ago
Anoop Saldanha 22c0ec2bc5 Added support for the csum-<protocol> rules keyword to the detection engine. Keywords added are ipv4-csum, tcpv4-csum, tcpv6-csum, udpv4-csum, udpv6-csum, icmpv4-csum and icmpv6-csum 16 years ago
Jamie 9adfe54620 more unit tests for pppoe - part I 16 years ago
Victor Julien e7f8a02484 Improve GRE counting. Actually use the GRE decoder. Register the GRE counter. 16 years ago
Breno Silva 9528e02e46 GRE support 16 years ago
Victor Julien 57f71f7e4b Pass the DecodeThreadVars to all Decoder functions properly. Improve the error handling. 16 years ago
Anoop Saldanha 244f5d547a new registration functions for the stats api, with local thread storage for counter ids 16 years ago
Brian Rectanus fa5939ca91 64 bit cleanup part2 16 years ago
Victor Julien 2e4cc2ad3d Convert tabs to spaces in PPPoE code. 16 years ago
Jamie 8817364ef6 initial PPPoE decoder commit 16 years ago
William Metcalf a3510f2025 Made NFQ optional via --enable-nfqueue, --enable-logsigs will now load local.rules in the path other fixes 16 years ago
Victor Julien 689bbfdc45 Rename all structure definitions in the "typedef struct _SomeStruct" format to "typedef struct SomeStruct_" to make the Doxygen output more useful.
Remove the Trie multi pattern matcher code. It wasn't used anymore.
16 years ago
William Metcalf 2ab8291ea8 Multi-Threading capable libpcap 16 years ago
Breno Silva dec11038c6 PPP Support 16 years ago
Victor Julien eb0a5d8762 Add Address copy macro. 16 years ago
Victor Julien 9c7f5afa79 Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update. 16 years ago
Victor Julien a0b390c541 Fix pktvar and http uri memory leaks. 16 years ago
Victor Julien 657be002d1 Big detection engine update: scan improvements, b2g/b3g updates, bloom fixes, iponly detection implementation, dsize/flow grouping. 16 years ago
Victor Julien c4f2fe4bd7 Implement per packet variables and switch the http stuff to it. 16 years ago
Victor Julien edf8650a7e Tunnel update. 16 years ago
Victor Julien 8cda70668c Tunnel fixes. 16 years ago