Mats Klepsland
4172c4c8ac
tls: add (mpm) keyword tls_cert_subject
...
This keyword is a replacement for tls.subject.
9 years ago
Mats Klepsland
9b2717799c
tls: add (mpm) keyword tls_cert_issuer
...
This keyword is a replacement for tls.issuerdn.
9 years ago
Mats Klepsland
a13df67864
detect: add (mpm) keyword for tls_sni
...
Match on server name indication (SNI) extension in TLS using tls_sni
keyword, e.g:
alert tls any any -> any any (msg:"SNI test"; tls_sni;
content:"example.com"; sid:12345;)
9 years ago
Victor Julien
bfe49b60f7
rule analyzer: add no/both direction warning
9 years ago
Victor Julien
0d3f671b55
detect: constify mpm/detect funcs
9 years ago
Victor Julien
2c8e8c2516
dns: rename type so its purpose is more clear
10 years ago
Victor Julien
1ed8d7b538
detect analyzer: fix minor coverity warning
...
** CID 1298889: Integer handling issues (NEGATIVE_RETURNS)
/src/detect-engine-analyzer.c: 102 in EngineAnalysisFP()
10 years ago
Victor Julien
8d0b090150
engine-analysis: print fast_pattern summary
...
When using engine analysis to print fast_pattern stats, print a
short summary at the end containing per buffer:
- smallest fp
- biggest fp
- number of patterns
- avg fp len
10 years ago
Giuseppe Longo
41a1a9f4af
find and replace HSBDMATCH by FILEDATA
...
This commit does a find and replace of the following:
- DETECT_SM_LIST_HSBDMATCH by DETECT_SM_LIST_FILEDATA
sed -i 's/DETECT_SM_LIST_HSBDMATCH/DETECT_SM_LIST_FILEDATA/g' src/*
- HSBD by FILEDATA:
sed -i 's/HSBDMATCH/FILEDATA/g' src/*
10 years ago
Victor Julien
d834173bb8
detect-flow: use dedicated flags
...
The flow keyword used flag names that were shared with the
Packet::flowflags field. Some of the flags weren't used by the packet
though. This led to waste of some 'flag space'.
This patch defines dedicated flags for the flow keyword and removes
the otherwise unused flags from the FLOW_PKT_* space.
11 years ago
Ken Steele
8f1d75039a
Enforce function coding standard
...
Functions should be defined as:
int foo(void)
{
}
Rather than:
int food(void) {
}
All functions were changed by a script to match this standard.
11 years ago
Anoop Saldanha
127ef8f903
Use a typedef AppProto <-> uint16_t for representing app layer protocol.
...
Some minor refactoring/cleanup, including renaming functions.
12 years ago
Ken Steele
d4dd18eb85
Clean up SCLocalTime() usage
...
Remove cast of return type from SCLocalTime() as it is not needed.
Replace last use of localtime_r() with SCLocalTime().
12 years ago
Eric Leblond
34abd818dd
Prefix util-conf function with Config
12 years ago
Eric Leblond
54006de40c
Use new function GetLogDirectory()
12 years ago
Victor Julien
43ba5a677e
DNS: enable mpm/fast_pattern support for dns_query
12 years ago
Anoop Saldanha
f58c6589b4
We now print content flags in engine fp analyzer.
13 years ago
Last G
8ae11f73b2
Added parentheses to fix Eclipse static code analysis
...
Fixed bug in action priority (REJECT_DST had lowest prio)
13 years ago
Eric Leblond
86709f5e9d
rule analyser: display message for invalid signatures
13 years ago
Eric Leblond
c7cfbb71c9
engine-analyzer: fix typo in message
13 years ago
Eric Leblond
b0471fb8e4
rule analyser: add msg if rule is ipv4 or ipv6 only
13 years ago
Anoop Saldanha
7a7cd6999e
feature #558 .
...
Print FP info in rule analysis + other cleanup.
13 years ago
Victor Julien
f1b6f7a9e6
rule analyzer: make analyzer aware of http_user_agent pcre flag /V.
13 years ago
Victor Julien
bd6b865473
rule analyzer: fix fast pattern analyzer reporting wrong filename (same as rule analyzer).
13 years ago
Anoop Saldanha
bf6cd48259
if a sig's set as stream sig only, don't update it as both stream and pkt sig if offset/depth's present
...
bug #495 - update rule analyzer to not warn on offset_depth-tcp_pkt update if sig is stream only
bug #497 - rule_warnings fixed
13 years ago
Anoop Saldanha
7833883a8f
bug #496 - don't warn about offset/depth for packet sigs
13 years ago
Victor Julien
c2e484ae88
rule analyzer: fix detecting stream match
13 years ago
Anoop Saldanha
946a9ece32
rule analyzer updated for sigs with offset/depth set + alproto set
13 years ago
Victor Julien
850379552a
rule analyzer: minor cleanups. Fix warning-only setting, allow true/yes/enabled for yaml option.
13 years ago
Eileen Donlon
c81020e9a3
feature 349 rule analyzer v1
13 years ago