suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	50aceb11eb	Clean up stateful detection code.	14 years ago
Anoop Saldanha	966119b6aa	support for http_raw_uri keyword + mpm engine	14 years ago
Victor Julien	e19f6ebaf4	Various fixes for issues reported by clang.	15 years ago
Victor Julien	1d971b53a6	Update all unittests	15 years ago
Victor Julien	f606621e8c	Fix the pseudo packet having the wrong proto set, causing massive fp's. Flag packets to be part of the established phase of a tcp session, so we won't prematurely inspect the app layer state.	15 years ago
Anoop Saldanha	c9897a44a4	fast pattern support for http_cookie. Also support relative modifiers	15 years ago
Anoop Saldanha	bbbedaf963	fast pattern support for http_method. Also support relative modifiers	15 years ago
Anoop Saldanha	7ec0382774	support fast pattern for http raw header. Also support relative modifiers for http raw header	15 years ago
Anoop Saldanha	c61c68fd36	mpm and fast pattern support for http_header. Also support relative modifiers for http_header	15 years ago
Anoop Saldanha	302011dbca	fix compilation issues with debug enabled.	15 years ago
Anoop Saldanha	5c6a65dc58	support relative modifiers for http_client_body. Introduce body processing engine in detect-engine-hcbd.[ch]	15 years ago
Anoop Saldanha	3d2f81d978	replace all Signature->dmatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_DMATCH]	15 years ago
Anoop Saldanha	a7353be20d	replace all Signature->amatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_AMATCH]	15 years ago
Anoop Saldanha	e0476242c6	replace all Signature->umatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_UMATCH]	15 years ago
Victor Julien	fc248ca7a1	Many small performance updates.	15 years ago
Victor Julien	1071a53210	Fix unittests after ip_proto keyword change.	15 years ago
Anoop Saldanha	ead29dc691	make detection engine use dce alstate(if present), on seeing smb traffic	15 years ago
Victor Julien	0d008c8135	Change stateful detection engine to be able to start the stateful detection separate from other sigs. Fixes bugs #213 , #214 , #215 .	15 years ago
Victor Julien	bfd167521e	Fix DCERPC over SMB/SMB2 detection issues. Fix not updating transaction id in a stream direction if there was no sgh.	15 years ago
Gurvinder Singh	154a8b1ed9	fixed the build failure with profiling enabled	15 years ago
Victor Julien	cff0a0bda2	Fix segv conditions caused by broken flow cleanup code.	15 years ago
Pablo Rincon	a8cb8d830b	Fix for bug 186 and thresholding issue handling ip versions	15 years ago
Victor Julien	b8fec77f37	Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id.	15 years ago
William Metcalf	0e4235cc94	FLOW_DESTROY added to clean-up UT's that init flow	15 years ago
Victor Julien	2f29b8a724	Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166 .	15 years ago
Anoop Saldanha	60668fd01d	Reset the flags used during stateful detection in ContinueDetection(). Made the tests more descriptive as well	15 years ago
Victor Julien	8cea3779fa	Move dce payload inspection to stateful detection engine.	15 years ago
Victor Julien	9dd753b5f3	Scan uricontent mpm on demand.	15 years ago
Victor Julien	dd88e46f0c	Fix detect engine state unittest, add another.	15 years ago
Victor Julien	e8fce5f7fa	Convert uricontent scanning to use the detect engine state.	15 years ago
Victor Julien	ba12f3c109	Applayer to flow fixes and cleanups.	15 years ago
Pablo Rincon	8cc525c939	UDP support at AppLayer message handling	15 years ago
William Metcalf	cc76aa4bc6	properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks	15 years ago
Victor Julien	c26434fef1	Move flow use cnt to atomic and outside of the flow mutex protection.	15 years ago
Victor Julien	daea85e491	Lock detection state reset function properly.	15 years ago
Jason Ish	ea4b7cc33b	add profiling to stateful detection engine + other fixups.	15 years ago
Victor Julien	bc7c9d928f	Fix radix and stateful detect engine memory leaks.	15 years ago
William Metcalf	2eef905c07	GPL and Copyright header updates.	15 years ago
Victor Julien	70b32f7380	First stab at creating a stateful detection engine. Stateful detection for app layer detection keywords, except uricontent. Stores it's partial results in the flow structure. Other modifications: - Generalize transaction tracking, logging and inspection. - Adapt http and dcerpc to use the new transaction handling. - Stream engine now always notifies app layer of a stream eof. This commit fixes bug #124.	15 years ago

39 Commits (50aceb11ebcca39e753c4c10883d01989ddc819b)