Anoop Saldanha
fe11e02f58
fix inspect id update bug. This should prevent unnecessary FPs for pipelined requests
14 years ago
Anoop Saldanha
4e44073c79
http logging module should log all txs in the list and not just the last complete tx available on EOF
14 years ago
Anoop Saldanha
c13ad8c28a
Provide a function to set the app layer tx eof flag. Use this in FFR code instead of directly setting the flag. This cleans up the API as well
14 years ago
Anoop Saldanha
b406af451b
updates to http tx id vars. FFR now flags the app layer session for EOF when creating a pseudo packet for a flow
14 years ago
Anoop Saldanha
67be07bf15
fix threading issue in debug log. locked mutex isn't freed before returning. fixed
14 years ago
Anoop Saldanha
d23e775ae2
fix threading bug. Main thread's restart TV code waiting on a failed TV. Now main thread sets the de_init flag before waiting on the failed thread. Thanks to Eric Leblond for reporting it
14 years ago
Anoop Saldanha
737122663c
IPProto now doesn't accept sigs which have both < and >, with the < value being less than the > value. Update affected unittests to reflect the change
14 years ago
Anoop Saldanha
dae099893b
more unittests for ipproto with multiple nots + some fixes
14 years ago
Anoop Saldanha
9887084370
support multiple ipprotos in the same sig + unittest
14 years ago
Anoop Saldanha
a781fb9884
rewrite all ipproto keyword tests
14 years ago
Anoop Saldanha
8033a262a7
cleanup ipproto code
14 years ago
Anoop Saldanha
caf450d325
fix ipproto keyword negation case - bug #340
14 years ago
Eric Leblond
79c329f81b
alert-unified2: logging of stream segments.
This patch adds the logging of stream segments. Among other
modifications, it uses a wrapper around fwrite to permit updating
file statistics in an automated manner. Some memcpy calls have also
been avoided by using a pointer to the data.
14 years ago
Eric Leblond
2fa837bcec
alert-debuglog: Add logging of stream segments.
This patch introduces logging of the stream segments in case of
a signature match on the application layer.
14 years ago
Eric Leblond
4f0cdf28a3
Introduce StreamSegmentForEach function
This patch introduces a function called StreamMsgForEach which
can be used to run a callback on all segments of a stream. This
is currently only supported for TCP as this is the only streaming
aware protocol.
14 years ago
Anoop Saldanha
d68775d47d
introduce bitmasks instead of alproto_masks for use by the probing parser. Remove all alproto_masks we had previously for PP
14 years ago
Victor Julien
f5ef842752
Implement a counter for TCP packets with invalid checksums: tcp.invalid_checksum. Bug #311 .
14 years ago
Anoop Saldanha
d3989e7cee
probing parser updated to always accept u32 buflens. Update all probing parser functions to accommodate this change
14 years ago
Anoop Saldanha
80d80000bb
fix probing parser flag usage during protocol detection
14 years ago
Anoop Saldanha
432c3317d2
app layer probing parser updates
14 years ago
Anoop Saldanha
d68f182ebd
introduce SCPerfSyncCounters/SCPerfSyncCounters macro to synchronize counters
14 years ago
Anoop Saldanha
f7b1972263
update broken stats.log. Use pktacqloop funcs in pcap-file, pfring, pcap-live, af-pkt to sync counters - bug #343
14 years ago
Victor Julien
a1f68bf411
Fix detection engine informational message misrepresenting decoder only signatures.
14 years ago
Eric Leblond
abddbe1c91
unittest helper: Fix copy of packet data.
The copy of packet data was causing a memory corruption that
caused weird crashes.
14 years ago
Victor Julien
7beb5cdf58
Add util-optimize.h to suricata-common.h so all code can use it.
14 years ago
Eric Leblond
db42981a3d
Fix suricata start when no interface is given.
When no interface was specified on the command line, the workers and
single modes were not able to start due to the fact that there were no
registered interfaces.
14 years ago
Eric Leblond
9aabf94c9f
Suppress useless parameter in function
ConfigParser is called in the parent function and it is thus not
necessary to send it to the per device function.
14 years ago
Eric Leblond
58d7cb20eb
pcap-info: fix compilation warning.
14 years ago
Eric Leblond
27f1d88374
Add pcap-info alert format.
This patch adds a new alert format called pcap-info. It aims at
providing an easy to parse one-line per-alert format containing
the packet id in the parsed pcap for each alert. This permits adding
information inside the pcap parser.
This format is made to be used with suriwire which is a plugin for
wireshark. Its target is to enable the display of suricata results
inside wireshark.
This format doesn't use append mode by default because a clean file
is needed to operate with wireshark.
The format is a list of values separated by ':':
Packet number:GID of matching signature:SID of signature:REV of signature:Flow:To Server:To Client:0:0:Message of signature
The two zeros are not yet used values. A candidate for their usage is the
part of the packet that matched the signature.
14 years ago
Eric Leblond
1d1e7667ae
util-runmode: rename mod_threads_conf to ModThreadsCount.
14 years ago
Eric Leblond
625a1e070f
runmode: suppress printf
This patch replaces printf by calls to SCLogErroc.
14 years ago
Eric Leblond
2596d3bcdd
runmode: treat SCStrdup error.
14 years ago
Eric Leblond
beaa909eb8
Add "workers" runmode.
Previous commits have considerably empowered the "single" mode which
could contain multiple threads. This behaviour was not a target for
this runmode and the following patch remedies the situation by
introducing the "workers" mode where each thread does all the tasks
from acquisition to logging. This runmode is currently implemented
for af-packet and pf-ring.
14 years ago
Eric Leblond
788fa1e5a1
pfring: Fix typo in help.
14 years ago
Eric Leblond
730a86e6b8
pfring: fix warning
When PF_RING is disabled this function is unused and thus triggers a
warning at compilation.
14 years ago
Eric Leblond
3f75b10f79
Suppress useless code.
This code was making a warning for some time now. This patch kills
it.
14 years ago
Eric Leblond
45d5c3ca59
runmode: introduce configuration dereferencing.
A device configuration can be used by multiple threads. It is thus
necessary to wait until all threads stop using the configuration before
freeing it. This patch introduces an atomic counter and a free function
which has to be called by each thread when it will no longer use
the structure. If the configuration is not used anymore, it is freed
by the free function.
14 years ago
Eric Leblond
3261b814db
Make SC_ATOMIC_[SUB|ADD] return result value
This patch modifies the SC_ATOMIC_[SUB|ADD] macros to have them return
the value of the result. This permits writing tests based on the return
of the macro.
14 years ago
Eric Leblond
d3d99ffa13
Fix coding style and use SC* function.
This patch fixes the coding style and uses the Suricata function instead
of the plain libc version.
14 years ago
Eric Leblond
f998fda4dd
pfring: factorize iface and parser initialisation.
14 years ago
Eric Leblond
cc7b80437a
pfring: should not call free
14 years ago
Eric Leblond
93cf2b1690
pfring: add single mode.
14 years ago
Eric Leblond
77869a2df8
single runmode: add support for multiple capture threads
14 years ago
Eric Leblond
c75fffe92d
Improve help message
Usage of the command line has evolved with the introduction of long options.
This patch updates the description of the related options.
14 years ago
Eric Leblond
dc075a74a2
pcap: add --pcap option
This patch adds a --pcap option which can be used to select either
an interface, if an argument is provided, or the interfaces defined
in the configuration file.
14 years ago
Eric Leblond
b2c281920f
af-packet: should not call free
14 years ago
Eric Leblond
1aab2470db
af-packet: factorise single mode.
14 years ago
Eric Leblond
63d614162c
pcap: should not call free
14 years ago
Eric Leblond
491686c33e
pcap: factorise single mode.
14 years ago
Eric Leblond
abe99ee5f6
runmode: add factorisation function for single mode.
14 years ago
Eric Leblond
c3ba992652
pfring: restore precedence of command line options.
14 years ago
Eric Leblond
b2598f97e7
pcap: restore backward compatibility
14 years ago
Eric Leblond
21663acd3b
pcap: use good var name for live-interface
14 years ago
Eric Leblond
d3d8beb337
pcap: factorize runmode
This patch factorizes auto and autofp runmodes for pcap.
14 years ago
Eric Leblond
d9d8286671
pfring: restore compatibility with v1.0 config
Compatibility of the pfring module with the previous version was broken. This
patch restores backward compatibility.
14 years ago
Eric Leblond
a64dcfeba2
pfring: use factorisation function
This patch converts pfring to pktacqloop and uses the new factorisation
function. This also fixes command line parsing of pfring which is now
able to work like af-packet:
- 'suricata -c s.yaml --pfring' starts suricata with all interfaces in
conf
- 'suricata -c s.yaml --pfring=eth2' starts suricata on eth2
14 years ago
Eric Leblond
cbb36b5182
af-packet: remove unused function
14 years ago
Eric Leblond
75c875b1ac
af-packet: use factorisation function for Auto mode.
14 years ago
Eric Leblond
8bf0897b3c
Add factorisation function for runmode.
This patch adds a function which will be used to factorise the
Auto runmode between the different IDS modes.
14 years ago
Eric Leblond
d4d62f3099
http-uri: Remove useless function declaration.
14 years ago
Victor Julien
3401defbbb
tag: fixes and cleanups
Major fixes for the tag subsystem:
- Removed TimeGet call from tag packet runtime to save a gettimeofday
- Removed unused lock from data type
- Fixed broken first packet skip logic
- Fix broken reference counter logic
- Fix memory leak on tag expiration
- Cleaned up code
14 years ago
Anoop Saldanha
b7b58074de
fix ac unittest
14 years ago
Anoop Saldanha
d6f9e06bbb
update ac to behave the same way irrespective of the state count. Should improve performance. Also fix unittests to accommodate these changes
14 years ago
Anoop Saldanha
dcaef183e8
fix compiler warning for printf format
14 years ago
Victor Julien
bc5c9f4a52
Fix too many SMTP commands causing an integer overflow in the cmds_cnt variable, in turn causing an out of bounds memory write.
14 years ago
Victor Julien
9baa16af63
Convert flow memcap to u64. Bug #332 .
14 years ago
Victor Julien
8208eacd79
Convert stream memcaps to u64. Bug #332 .
14 years ago
Victor Julien
4c641f0deb
Fix compilation with profiling enabled.
14 years ago
Anoop Saldanha
3ec7b75194
fix timestamps for pseudo packets created during FFR - bug 337
14 years ago
Anoop Saldanha
9d94bb38d5
refactor flow timeout code. fix ipv6 address assignment for pseudo pkt.
14 years ago
Anoop Saldanha
246a4e9fff
for shutdown reassembly properly init the reassembly packet using PACKET_RECYCLE
14 years ago
Victor Julien
1a5931e878
pcap-log: fall back to sguil_base_dir option if 'dir' isn't set. Minor cleanups.
14 years ago
William Metcalf
3b3f5816bf
You spin me right round baby, right round like a rotating packet capture right round. Oh, also log file size counters are now uint64_t
14 years ago
Victor Julien
6bad2dbd79
Don't match on IP only rules that use ports if packet is not (proper) TCP, UDP or SCTP. Rules out frags matching as well.
14 years ago
Anoop Saldanha
63ed36a892
Replace all reallocs with SCReallocs
14 years ago
Anoop Saldanha
4307ea2348
Replace all frees with SCFrees
14 years ago
Anoop Saldanha
797b1a44c7
Replace all strdup with SCStrdup
14 years ago
Anoop Saldanha
13ea299ee0
Replace all mallocs with SCMallocs
14 years ago
Eric Leblond
de59c9f4b1
Add and use utility functions for checksum computing.
14 years ago
Eric Leblond
a85dc9b0e2
Add support for replace keyword.
This patch adds support for the replace keyword. It is used with
content to change selected parts of the payload. The major point
with this patch is that having a replace keyword made it necessary
to avoid all stream level checks because we need to access the
could-be-modified packet payload.
One of the main difficulties is handling complex signatures. If there are
other content checks, we must do the substitution when we're sure all
matches are valid. The patch adds an attribute to the thread context
variable to be able to deal with the recursion of the match function.
Replace is only activated in IPS mode and applies only to raw matches.
14 years ago
Eric Leblond
0c34a1c5e7
rewrite constants and add flag for replace
This patch makes use of bit shifts to rewrite some of the mask constants.
It also deletes an unused flag value and suppresses the associated dead code.
The numeric value of the flag is now used by the flag needed for the replace
code.
14 years ago
Victor Julien
77b7089f79
Fix stream-events not working. Stream events won't fit our 'detection only' schema. Fixes #321 .
14 years ago
pilcrow
f5017e0d1a
Always try PCRE_NO_AUTO_CAPTURE first for signature regexes.
Many, many pcre: signatures specify (...) when the more efficient
(?:...) is all that is needed. This change attempts to force
PCRE_NO_AUTO_CAPTURE on all unnamed capture groups, reverting to
capturing when necessary, e.g., when \1 is referenced.
14 years ago
Victor Julien
60887131be
Fix minor address parsing compiler warning.
14 years ago
Anoop Saldanha
8028392e9a
fix mpm segv. Use sgh flags to check if the sgh has packet or stream mpm set or not
14 years ago
Anoop Saldanha
41d71a6d70
fix http transaction id update. Update transactions as soon as we receive a callback on new request
14 years ago
pilcrow
ed69eeab14
Safer macro parenthesization and do/while use
14 years ago
Eric Leblond
bbd04fde30
NFQ: fix race condition at exit.
A race condition was observed when leaving NFQ. This was caused by
the queue handle being accessed after being nullified. This patch
uses the handle mutex to protect the destruction and adds tests
on nullity to avoid crashes.
14 years ago
Victor Julien
1ab6443e44
Fix compilation when profiling is enabled.
14 years ago
Anoop Saldanha
b6ba944e6d
Rearrange flow manager functions into flow-manager.[ch]. Some other minor changes/updates
14 years ago
Anoop Saldanha
7c729d2d53
some more code cleanup + comments added
14 years ago
Anoop Saldanha
d14fdb1156
Remove the unnecessary unittest runmode check to get the test working. Modify tests to get it working around this
14 years ago
Anoop Saldanha
16884a0dea
refix failing unittest
14 years ago
Anoop Saldanha
552e72e35e
fix failing unittest
14 years ago
Anoop Saldanha
0957c0f8a4
shutdown timeout reassembly shouldn't check timeout flag set or not on flow
14 years ago
Anoop Saldanha
3f1c4efceb
Add new flags var to tm module. TMs can now set flags to identify special properties. Also use these to identify receive TMs
14 years ago
Anoop Saldanha
54f6e4ff4d
Merge thread kill functions. Merge slot's tm_id with the one used by packet profiling. Remove some junk unused code from ms sync pts. Timeout setup cleanup as well. packet q dbg_maxlen now u32 var.
14 years ago
Anoop Saldanha
e335bdbfbc
Code cleanup. All code to kill flow manager thread under one function now.
14 years ago
Anoop Saldanha
99a496e852
Indentation fixes
14 years ago
Anoop Saldanha
e68ca2f32f
Rewrite forced reassembly v2 using while loop instead of goto
14 years ago
Anoop Saldanha
6cc179fad8
flow mgr code doesn't have to bother on immediately exiting on seeing a suricata_ctl flag set
14 years ago
Anoop Saldanha
b09c9751aa
Now flow hash section can force reassemble flows as well
14 years ago
Anoop Saldanha
42493ee6b7
rename pseudo packet creation function. Shift the check for forced reassembly necessity on a session/direction to an inline function in the stream api
14 years ago
Anoop Saldanha
6c95526423
Introduce a new wrapper macro that wait loops till the flag(s) in question have been set
14 years ago
Anoop Saldanha
a7acf9ea8f
Remove all code introduced earlier concerned with ms sync points
14 years ago
Anoop Saldanha
b0a588beeb
Introduce another solution to solve stream timeout shutdown issue using thread flags. No more MSSyncPts
14 years ago
Anoop Saldanha
aef957c6eb
cleanup flow code and pseudo packet creation function
14 years ago
Anoop Saldanha
f2bcf9ea2c
modify post_pq packet handling.
- Lock the q just once, once we have detected the presence of packet(s)
in the queue. Unlock it when we consume all packets from the q.
14 years ago
Anoop Saldanha
b4887943fb
packet queue len member is now 32 bit unsigned from the previous 16 bit unsigned. Should take care of the overflow for now
14 years ago
Anoop Saldanha
9256c7bf0a
always keep queue locked till we exit flowprune. Should prevent potential threading issues
14 years ago
Anoop Saldanha
d4ba869a35
fix - we need to set direction flags for reassembly pseudo packet. Also reset local flags for every flow that is force reassembled in ForQ
14 years ago
Anoop Saldanha
4ef3679b13
Remove the macro for pktacqloop which is now replaced by an inline function
14 years ago
Anoop Saldanha
edebdee1e5
update flow pruning - v6
14 years ago
Anoop Saldanha
99207c718d
Avoid possibility of potential engine idling from consumption of all packetpool packets - v1
- Now forced reassembly uses only malloced packets.
14 years ago
Anoop Saldanha
7d3e501f57
shutdown stream reassembly now avoids looking at flows that have already been processed by flow mgr reassembly
14 years ago
Anoop Saldanha
a559bfc165
signal the post pq if possible, whenever pseudo packets are injected into engine flow. Also carry out post pq processing irrespective of packet retrieval from the flow.
14 years ago
Anoop Saldanha
fd9bacb02d
fix usage of htons to htonl in creation of pseudo packet
14 years ago
Anoop Saldanha
56fba8e275
move flow incr cnt while we actually create the pseudo packet in forced reassembly
14 years ago
Anoop Saldanha
51d2b64902
update flow pruning - v5
14 years ago
Anoop Saldanha
c30dbff63d
update flow pruning - v4
14 years ago
Anoop Saldanha
3b0142fa46
update flow pruning - v3
14 years ago
Anoop Saldanha
6dcb68abb0
update flow pruning - v2
14 years ago
Anoop Saldanha
f197b32a55
update flow pruning - v1
14 years ago
Anoop Saldanha
272c2433ec
Cleanup flow.c before further changes
14 years ago
Anoop Saldanha
8363533a02
support for forced stream reassembly for to be pruned flows
14 years ago
Anoop Saldanha
727a950e39
Move time elapsed right after we finish all packet processing
14 years ago
Anoop Saldanha
762ac0fe31
update conditional in shutdown forced reassembly to check for flows that required flow reassembly
14 years ago
Anoop Saldanha
15359dc47e
Slot structure now holds the TV it belongs to
14 years ago
Anoop Saldanha
9552e6f696
Shutdown flow timeout reassembly now supports ipv6
14 years ago
Anoop Saldanha
54f8d56f48
Packet inspection keywords modified to not inspect pseudo packet
14 years ago
Anoop Saldanha
c365bafbf6
We now inspect timed out streams + streams not processed as yet, at engine shutdown
14 years ago
Anoop Saldanha
56432cee16
Single thread kill also checks if inq is cleared before shutting down
14 years ago
Anoop Saldanha
8fa923c5ac
- All threads also check to see if their inq is cleared before they shutdown.
14 years ago
Anoop Saldanha
a844eecb0e
- Updated all runmodes to use synchronization points, right before each thread (slot function) tries to de-init the thread.
- Main thread now first disables receive thread(s) before it kills receive and rest of the threads.
14 years ago
Anoop Saldanha
e567c2d002
Introduce master-slave synchronization support for ThreadVars
14 years ago
Anoop Saldanha
94c5ecb069
introduce inline function version of TmThreadsSlotProcessPkt macro. Retain the macro as well
14 years ago
Anoop Saldanha
fd6faac196
update TmThreadsSlotProcessPkt with better error handling + post pq processing
14 years ago
Anoop Saldanha
3fb65f5ec2
fix local var usage for slot in tm-threads.c
14 years ago
Anoop Saldanha
acbcee69ff
support post pq packet processing in var slot
14 years ago
Victor Julien
cc4e89fbe1
Profiling: convert all packet profile counters/variables to u64. Improve output for larger numbers.
14 years ago
Eileen Donlon
e8c51e09e8
fixed bug 291; corrected reference to reference-config-file
14 years ago
Eileen Donlon
89599d3b9b
fixed bug 288; corrected config boolean parsing problems
14 years ago
Eric Leblond
de1d002ea6
Return OK when leaving cleanly.
14 years ago
Eric Leblond
2631e5f14f
pcap: get rid of old API.
14 years ago
Eric Leblond
6f975d3248
pcap: add "autofp" runmode
This patch adds "autofp" runmode. This runmode supports multiple
devices and uses the new CPU affinity system.
14 years ago
Eric Leblond
effa295489
pcap: add "single" runmode
This patch adds support for the "single" mode to the pcap live
mode.
14 years ago
Victor Julien
e13181496c
ip-only: added support for matching on ports.
14 years ago
Victor Julien
3d396e8b1e
Update PCRE JIT code to support official JIT implementation in pcre-8.20-RC1.
14 years ago
Victor Julien
751a77a9be
Make sure stream/engine-event signatures are recognized as such.
14 years ago
Victor Julien
c590bba4a4
Undo tunnel reference counting using atomic operations. Revert to mutex based code.
14 years ago