Eric Leblond
dd038c1906
Modify files to avoid direct pckt payload access
This patch implements the needed modification of payload access
in a Packet structure to support the abstraction introduced by
the extended data system.
15 years ago
Victor Julien
3409513a44
Fix FlowTest* unittests to fail sometimes.
15 years ago
Victor Julien
fc248ca7a1
Many small performance updates.
15 years ago
Pablo Rincon
5c43db85ce
Drop streams on inline mode when a drop rule matches from a reassembled stream and/or app layer inspection
15 years ago
William Metcalf
50eb3cba6a
seems to be a race between FlowTestPrune and FLOW_DESTROY in FlowTest0* comment out the latter for now
15 years ago
Victor Julien
cff0a0bda2
Fix segv conditions caused by broken flow cleanup code.
15 years ago
William Metcalf
0e4235cc94
FLOW_DESTROY added to clean-up UT's that init flow
15 years ago
Victor Julien
2f29b8a724
Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166.
15 years ago
Victor Julien
ba12f3c109
Applayer to flow fixes and cleanups.
15 years ago
Pablo Rincon
8cc525c939
UDP support at AppLayer message handling
15 years ago
William Metcalf
cc76aa4bc6
properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks
15 years ago
Victor Julien
c26434fef1
Move flow use cnt to atomic and outside of the flow mutex protection.
15 years ago
Victor Julien
87345e5c60
Switch flow memuse counter to the atomic api.
15 years ago
Victor Julien
3484e2abde
Fix flow engine memory handling.
15 years ago
Pablo Rincon
b491ef2be0
Removing FlowAllocDirect since it's not needed anymore
15 years ago
Victor Julien
2fd31a1a11
Remove dsize grouping from detection engine grouping reducing memory usage. Store sgh in flow to reduce lookups. Reduce locking in alert handling. Increase default grouping values as we use less memory.
15 years ago
Pablo Rincon
29a6fc2f03
Adding some flow improvements and recovery on emergency mode
15 years ago
William Metcalf
2eef905c07
GPL and Copyright header updates.
15 years ago
Victor Julien
70b32f7380
First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:
- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.
This commit fixes bug #124.
15 years ago
Gerardo Iglesias Galvan
9f4fae5b1a
Fix inconsistent use of dynamic memory allocation
15 years ago
Victor Julien
53b388b669
Improve flow hash debugging, switch to csv output.
15 years ago
Victor Julien
548a3b2c93
Improve flow hash debugging functions. Make sure ICMP errors don't create flows. Handle ICMP DEST UNREACH errors in the flow they are sending the error about.
15 years ago
Victor Julien
2dc5405d3a
Add debug code for tracking flow hash distribution. Only add ICMP DEST_UNREACH packets to the flow engine.
15 years ago
Victor Julien
0ebf7cbc5e
Convert flow bucket lock from mutex to spinlock. Locks should be very short, so spinlocks should be faster.
15 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
15 years ago
Victor Julien
070ed778b8
Libcap-ng support by Gurvinder Singh and myself. Basic support for per thread caps is added, but not activated as it doesn't seem to work yet. Work around for incompatibility between libnet 1.1 and libcap-ng added.
15 years ago
Victor Julien
fc2029ef58
Fix small memuse counter issue in flow subsys, remove emergency printfs
15 years ago
Jason Ish
00974d157b
Fix issue 131.
Flow-timeouts likely don't need to be a sequence, but rather mappings. We'd only need a sequence if you wanted to list something like "tcp" twice which I don't think makes sense for a configuration section.
Also fixup flow.c to not attempt to use the sequence, and put the timeouts into their correct place.
15 years ago
Victor Julien
958b61ab85
Fix errors in the unittests reported by valgrind's drd tool. Add explanation of a FP.
15 years ago
Victor Julien
eeb98c6900
Move SCSetThreadName to proper functions.
15 years ago
Gerardo Iglesias Galvan
9f35a24a1f
Set threads name. Fix bug #83
15 years ago
Victor Julien
ae2698c9cc
Properly cleanup used mutexes and condition vars in the flow subsys.
15 years ago
Victor Julien
5e3f072fa6
Clean up flow mutexes after use.
16 years ago
Pablo Rincon
25a3a5c6d8
Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.
16 years ago
Gurvinder Singh
bf236e4567
better htp memory handling & flow valgrind error fixed
16 years ago
Victor Julien
f7f33ec889
Fix the flow manager sleeping for way too long in some situations.
16 years ago
Pablo Rincon
7f250a814a
Fixing redeclaration of run_mode
16 years ago
Pablo Rincon
5592189c04
Loading flow settings from config
16 years ago
Victor Julien
cae8e06cb9
Properly lock app layer result pool and add some debugging code for memory tracking.
16 years ago
Pablo Rincon
c80160b96d
More examples of unittest helper functions usage reference
16 years ago
Victor Julien
27a138d862
Suppress some flow messages.
16 years ago
Victor Julien
9ececacda3
Fix packet timestamp handling for encapsulated packets.
16 years ago
Victor Julien
6b36e23e45
Fix not decreasing the flow use_cnt reference counter in some cases from the app layer detection code. This caused some streams to never fully time out and thus clutter up the flow table and session pool.
16 years ago
Victor Julien
b7bac14040
Fixup code to compile with -Wall -Werror -Wextra -Wno-unused-parameter compiler options.
16 years ago
Victor Julien
6beee776ca
Move rand seed code into util-random
16 years ago
Pablo Rincon
6224c30548
Adding preseeding to rands
16 years ago
Victor Julien
10cc9d5b6a
Add icmp flow handling.
16 years ago
Victor Julien
a8116f65c8
Fix packet flags field not being cleared properly when the packet is being reused. Add some debug statements and cleanup some.
16 years ago
Victor Julien
4824868766
Application layer detection improvements
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
16 years ago
Victor Julien
ecf86f9c23
Rename to Suricata.
16 years ago