Commit Graph

47 Commits (3c7ad453feeb6c703596b4fd62f2b82eaefc4ec3)

Author SHA1 Message Date
Victor Julien 3c7ad453fe classification: spelling 2 years ago
Victor Julien 29d59ee155 detect: spelling: SIG_FLAG_INIT_PRIO_EXPLICIT 2 years ago
Victor Julien b31ffde6f4 output: remove error codes from output 3 years ago
Victor Julien 39f5c7f56a error: use SC_EINVAL for invalid input 3 years ago
Philippe Antoine 3de99a214c pcre2: migrate keywords parsing 4 years ago
Victor Julien 6ab323d323 detect: hide RegisterTests behind ifdef UNITTESTS
Update all callers to more aggressively use UNITTESTS guards as well.
5 years ago
Victor Julien 26bcc97515 detect/keywords: dynamic version part of doc URL 5 years ago
Jeff Lucovsky 7f6af10fed general: copyright bump 5 years ago
Jeff Lucovsky 4b0085b03c detect: Update to take advantage of PCRE refactor
This commit changes the keyword detectors to use the refactored PCRE
modifications from detect-parse.[ch]
5 years ago
Victor Julien 89a717d41c detect/classtype: implement strict parsing option 6 years ago
Victor Julien 523e91b231 detect/classtype: check size of rule input 6 years ago
Victor Julien 517834e327 classtype: use global defines for size limits 6 years ago
Victor Julien 99bdb54d9f detect/classtype: show file and line for unknown classtype 6 years ago
Victor Julien 43b5234055 detect/priority: use global define for default prio 6 years ago
Victor Julien 954c43daf4 detect/classtype: allow undefined classtypes
Effect of classification on Suricata's working is minimal. Impact
of adding undefined classtypes is large: rules will fail to load
completely. This also leads to multiple lines of log output per rule,
which in a large ruleset can lead to excessive output.

This patch changes the classtype keyword behavior. Instead of erroring
and invalidating a rule, we will merely warn.

The undefined classtype is then defined with a default priority,
so other rules using the classtype will not also warn. This way
there will be just a single warning per missing classtype.
6 years ago
Victor Julien 323a747f39 classtype: increase id size
Switch from u8 to u16 to allow for more classtypes.

Rename Signature::class to Signature::class_id to make it clear
it is an id.
6 years ago
Victor Julien a37e09cbe0 detect/classtype: change duplicate classtype behavior
Detect duplicate instances and use the one with the highest
priority.

Use new priority flag to make the logic around explicit priority
sets easier to follow.

Minor code cleanups. Also clean up unittests.
6 years ago
Victor Julien bfee28db5e detect/classtype: clean up error handling 6 years ago
Victor Julien 5e5761a29c detect/classtype: warn on duplicate classtype
Issue warning instead of erroring and invalidating the rule.

It's not a very serious issue, so don't error out.
6 years ago
Victor Julien 282e1c2520 detect/classtype: fix parsing error checking 6 years ago
Shivani Bhardwaj d801c3e588 detect: Make keyword description consistent
Closes redmine ticket #3137.
6 years ago
Shivani Bhardwaj b5b429c288 detect: Add missing keyword URLs and description
Add missing keyword URLs and their description. Fix the ones that
were incorrect.

Partially closes redmine ticket #2974.
6 years ago
Andreas Herz 0210d70550 rule-parser: detect duplicate classtype keyword 8 years ago
Victor Julien ab1200fbd7 compiler: more strict compiler warnings
Set flags by default:

    -Wmissing-prototypes
    -Wmissing-declarations
    -Wstrict-prototypes
    -Wwrite-strings
    -Wcast-align
    -Wbad-function-cast
    -Wformat-security
    -Wno-format-nonliteral
    -Wmissing-format-attribute
    -funsigned-char

Fix minor compiler warnings for these new flags on gcc and clang.
8 years ago
Victor Julien 39613778cd detect: make setup/free/match funcs static where possible 9 years ago
Eric Leblond a2e2f50fb9 documentation: fix list keywords URLs
Update URLs in keyword definition to point to sphinx documentation.
9 years ago
Victor Julien e67ae0f174 detect keywords: use parse regex util func 9 years ago
Jason Ish 796dd5223b tests: no longer necessary to provide successful return code
1 pass, 0 is fail.
9 years ago
Victor Julien 393689ce44 classification: remove global from parsing
Parsing code used a 'fd' global. Remove this.
10 years ago
Victor Julien b2c4a50e39 Fix small memory leak in classtype parsing 12 years ago
Victor Julien a7a77e32ca Convert classtype keyword to pcre_copy_substring 12 years ago
Eric Leblond 6842545331 Add documentation url in list-keyword output.
The output of the list-keyword is modified to include the url to
the keyword documentation when this is available. All documented
keywords should have their link set.

list-keyword can be used with an optional value:
 no option or short: display list of keywords
 csv: display a csv output of info on all keywords
 all: display a human readable output of keywords info
 $KWD: display the info about one keyword.
13 years ago
Anoop Saldanha 6003c7cb6b clean classification config API 13 years ago
Anoop Saldanha 420befb180 Changed my email address to anoopsaldanha at gmail dot com from my current one 14 years ago
Gurvinder Singh cda664a8c4 memory leaks fixes in detection module, app layer and counters 15 years ago
Victor Julien 7a6d4b57f0 Add support for class id in classification code. Submitted by firnsy@securixlive.com, thanks. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien 8b30226914 Detection keyword cleanup 16 years ago
Pablo Rincon 25a3a5c6d8 Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks. 16 years ago
Gerardo Iglesias Galvan ba6d807a6e Improve information about errors on signature failure 16 years ago
Victor Julien ecab1fae36 Remove contents of VRT classification.config. 16 years ago
Anoop Saldanha 011b74df63 Modify the classification config tests to use the buffer rather than a temp file and also fix an invalid free 16 years ago
Anoop Saldanha bc4df59414 Support for Classtype keyword and Classification Config file 16 years ago
Victor Julien ecf86f9c23 Rename to Suricata. 16 years ago
Victor Julien 0d0ffb9963 Reorganize header inclusions. 16 years ago
Victor Julien 5df5b35e90 Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items in a list so it can be traversed. Many cleanups. 16 years ago
Victor Julien bab4b62376 Initial add of the files. 16 years ago