15037 Commits (2fe2d82506f5697d45ce28642bd3bb3780f3b369)
 

Author SHA1 Message Date
Juliana Fajardini 049aed529f meta-docs: update links
Readme and PR template were still pointing to the redmine wiki and
readthedocs, replace with docs.suricata links.
2 years ago
Victor Julien 6c7a209087 doc: security policy 2 years ago
Jason Ish f511b176bf github-ci: don't build docs in almalinux:8, centos:8
Our docs require a newer version of Sphinx.
2 years ago
Jason Ish 500a7abf57 doc/support-status: add support status page
Convert the wiki page,
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Support_Status
into a page that is versioned along with the user guide.

Includes many updates to reflect our current support status.
2 years ago
Jason Ish ad94ebddb7 doc/userguide: avoid horizontal scroll on rtd
Add CSS to avoid horizontal scroll in tables on ReadTheDocs. This will
wrap the text instead.

Also, vertically align to top so if a cell does wrap, other cells that
do not wrap don't place the text in the middle of the cell.
2 years ago
Victor Julien 389f166d78 file: remove FILE_USE_DETECT flag
All implementations were converted to use the logic, so the flag itself
can be removed.
2 years ago
Jeff Lucovsky 59fea84956 detect/file: Remove centralized proto definition
Issue: 4145

Remove centralized protocol definitions for file handling in favor of
consolidated file access handling.
2 years ago
Jeff Lucovsky f735e309e2 detect/file_data: Consolidate file handling
Issue: 4145

Consolidate file handling for all protocols that use file objects for
file_data.

Make sure http_server_body / http.response_body for HTTP1 continue
to inspect the actual body. For HTTP2, http.response_body acts as
an internal alias for `file_data`.
2 years ago
Jeff Lucovsky 2fd0025ede detect/file: Filehandler registration logic
Add file handler registration functions for consolidated file handling.

Issue: 4145
2 years ago
Jeff Lucovsky f2e2576ff4 file/htp: Add logic for file access
Set file inspection sizes and marker for use with detect logic when
opening files by name or as part of a range.

Issue: 4145
2 years ago
Jeff Lucovsky 82b585d202 file: Window and edge adjustments
Issue: 4145

Adjust edge and window values after considering file size/inspected
values.
2 years ago
Victor Julien 9ca4ef5dbe detect/engine: minor debug cleanup 2 years ago
Victor Julien 3fb92eec6f detect/mpm: remove useless checks
The pattern store has already done these checks before.
2 years ago
Jeff Lucovsky f1ddd310f7 mpm: Use typedef for mpm registration
Issue: 4145
2 years ago
Shivani Bhardwaj d4e674b390 rust: fix clippy warnings 2 years ago
Victor Julien 0068b81269 rust: update cargo.lock 2 years ago
Juliana Fajardini 9900bdc162 userguide/eve: format and reorganize alert section
The `field action` portion seemed to be comprised of a more generic
section that followed it. Also formatted the section for lines to be
within the character limit.
2 years ago
Juliana Fajardini 0437173848 output/drop: add verdict field
Related to
Bug #5464
2 years ago
Juliana Fajardini 53b8defd79 output/alert: add verdict field
Related to
Bug #5464
2 years ago
Juliana Fajardini d9c430d73d misc: fix typos & update copyright years 2 years ago
Shivani Bhardwaj 789353bc1e util/mime: skip over any invalid char
For certain edge case handling for spaces, spaces were handled
particularly in the remainder processing functions. Make sure that now
that as per RFC 2045, util-base64 would skip over any invalid char, the
edge cases in MIME processor also be handled the same way.

This completes the work done in e46b033.

Ticket 6135
Ticket 6207
2 years ago
Philippe Antoine 60db5e981c http2: do not append data after closing file
Ticket: #6211

Completes commit 02dece5db5

Once a http2 stream has end of stream flag, we close the file.
If we see new data frames with this stream id, the new_chunk
function should ignore them as the file was already closed.
2 years ago
Andreas Herz 24bcaf07ae doc/upgrade: add more 6 to 7 changes and minor improvements
Issue: #5473
2 years ago
Jeff Lucovsky 0a7ae99e49 config/swf: SWF deprecation warning message
Issue: 6183

Issue a deprecation warning if SWF decompression is enabled.
2 years ago
Victor Julien 3e53d5eea4 flow/hash: fix and cleanup key/flow_id getters
Bug: #6205.
2 years ago
jason taylor 62170d2fb9 doc: hyperscan information updated
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor c95fce39f0 doc: add multi buffer support note to keyword docs
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor 88960e909d doc: add multiple buffer matching documentation
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Jason Ish 0b5dc58e15 doc/userguide: more eve http upgrade notes
Add more information with examples of how the changes to EVE HTTP
logging may affect users.
2 years ago
jason taylor 19a0b2b0d2 userguide: add details about tcp flow pass
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Victor Julien ce055111fe requirements: use libhtp 0.5.45 2 years ago
Victor Julien 2cac440f7d detect/filemagic: fix thread ctx registration; reloads
Make sure thread ctx registration happens and id remains correct
in case of reloads.

To do so, move id var into the detect ctx.
2 years ago
Victor Julien 8417d407be detect: more compact layout of DetectEngineCtx 2 years ago
Victor Julien 377f2d7e1e detect: reduce failure_fatal to bool to save space 2 years ago
Victor Julien fd36459c96 spm: reduce spm_matcher size to uint8_t
No more space is needed.
2 years ago
Victor Julien 7d0851b0c2 detect: create more strict rule validation
Don't allow control characters other than LF, CR, TAB.
2 years ago
Victor Julien a1401ab81b detect/iponly: fix minor warning with unittest but no debug 2 years ago
Victor Julien 7f822ba053 github-ci: run cocci in fedora 38 2 years ago
Jeff Lucovsky 690b65ae88 detect/byte_math: Permit var name for bytes value
Issue: 6145

Modifications to permit a variable name to be used for the byte_math
bytes value.
2 years ago
Jeff Lucovsky fb847d8bb0 detect/byte_math: Use proper index for rvalue var
Use the proper index for extracting the rvalue variable value.
2 years ago
Jeff Lucovsky 47e268d609 detect/byte_math: Document bytes variable name
Issue: 6145

Document that byte_math accepts a variable name for bytes (optional)
2 years ago
Jeff Lucovsky 3a4554fc2b detect/byte-jump: Document var usage for nbytes
Issue: 6105
2 years ago
Jeff Lucovsky 3f118188e9 detect/bytejump: Allow nbytes to be a variable
Issue: 6105

This commit adds the ability for nbytes to be a variable when used with
the byte_jump keyword.
2 years ago
Jeff Lucovsky 73b943276e doc/byte_test: Document byte_test variable usage
Issue: 6144

This commit updates the byte_test documentation now that a variable name
can be used for the nbytes value.
2 years ago
Jeff Lucovsky da866356c0 detect/byte_test: Allow nbytes value to be a variable
Issue: 6144

This commit allows the byte_test keyword to accept an existing
variable name for a value (the value may still be specified directly as
an integer).

All nbytes values are subject to the same value constraints as before
- 23 if included with string
- 8 otherwise
2 years ago
Lukas Sismis c339e7600a dpdk: improve handling of SOCKET_ID_ANY in DPDK 22.11+
Suricata complained that NIC is on different NUMA node than the CPU
thread. However, sometimes DPDK might be unable to resolve NUMA
location and as a result operate with any NUMA node that is available.
Current implementation reported NUMA ID as -1 which could have been
confusing to users.

Ticket: #6115
2 years ago
Lukas Sismis 2fdc0e497e dpdk: refactor log messages
Be more consistent with the log message format,
remove some unnecessary device name queries.

Ticket: #6116
2 years ago
Lukas Sismis 3d54a103d0 dpdk: improve DPDK thread handling
Ticket: #6106
2 years ago
Lukas Sismis 5a3ecbde62 doc: update install instructions
Ticket: #5987
2 years ago
Jason Ish fa8baa35b1 requirements: suricata-update 1.3.0 2 years ago