aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,026 Commits
7 Branches
155 Tags
197 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '535938d7f6'
${ noResults }
Commit Graph

96 Commits (535938d7f67715ec67ab0c8dd99aa3a670f89d0a)

Author SHA1 Message Date
Andreas Herz 26130d903f doc: add note about cpu prio overwrite behavior 2 years ago
jason taylor 19a0b2b0d2 userguide: add details about tcp flow pass 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 2 years ago
Shivani Bhardwaj aeb408dd9d doc: fix typo encryption-handling 2 years ago
liaozhiyuan a748164d58 dpdk: support multiple same EAL arguments 
DPDK apps can specify multiple arguments of the same
type. YAML format only allows unique keys within a single
node. This commit adds support for multiple EAL arguments
of the same type to be used within suricata.yaml.

Ticket: #5964
 2 years ago
Jason Ish 4a97461f9a doc/userguide: notes about Lua rules being disabled by default 2 years ago
Juliana Fajardini f83c67bbb5 doc: add missing rule to engine-analysis section 
The first report didn't have an example rule to go with.
 2 years ago
Lukas Sismis 1c3cb1e8cc docs: refactor DPDK docs and add performance tuning section 
Ticket: #5857
Ticket: #5858
 2 years ago
Lukas Sismis 03319263db docs: wrap DPDK doc section at 80 chars 2 years ago
Lukas Sismis d0bf3ba638 dpdk: add configure option 
Ticket: #5859
 2 years ago
Victor Julien 0903536fd6 doc: spelling 
Thanks to Josh Soref.
 2 years ago
Philippe Antoine 9bd2b72e2b doc: explain where tls.store stores certificates 
By adding a reference/link to the doc about the suricata.yaml
config section pecifying the directory where the certificates
are stored
 2 years ago
Victor Julien c0d9b3c078 doc/userguide: spelling 2 years ago
Morris Chan b9aac6dd18 yaml: grammar fixup 2 years ago
Jeff Lucovsky 0ad6d4358f add to doc/pfring: Document additional cluster types 2 years ago
Jeff Lucovsky b1918168f9 doc/pfring: Document additional cluster types 
This commit adds brief discussion for additional cluster types for use
with the pf-ring packet source.

Newly added:
- cluster_inner_flow
- cluster_inner_flow_2_tuple
- cluster_inner_flow_4_tuple
- cluster_inner_flow_5_tuple

Issue: 5975
 2 years ago
Juliana Fajardini 31066c7c3b docs: clarify exception policy's supported values 
As flow.memcap-policy and defrag.memcap-policy do not support flow
actions, clarify that in the documentation. Also fix some typos, and
add missing values in some places where the exception policies were
explained.

Related to
Bug #5940
 2 years ago
Philippe Antoine b52293b609 dcerpc: config limit maximum number of live transactions 
As is done for other protocols

Ticket: #5779
 2 years ago
Juliana Fajardini 918bd7435c userguide/config: update log format symbols list 
There were some possible format options missing after the recent changes
in the log format.
 2 years ago
Philippe Antoine 55c4834e4e smb: configurable max number of transactions per flow 
Ticket: #5753
 2 years ago
Jason Ish 48f0fd3c74 doc/userguide: update logging section for time formats 
- Update fragment of configuration file to match suricata.yaml with
  new default-log-format.
- Document new %z format specifier.
 2 years ago
Philippe Antoine a003640ecf security: prevents process creation 
with setrlimit NPROC.

So that, if Suricata wants to execve or such to create a new process
the OS will forbid it so that RCE exploits are more painful to write.

Ticket: #5373
 2 years ago
Lukas Sismis a4a69c3e71 doc/dpdk: add IPS setup docs for DPDK mode 
Ticket: #5511
 2 years ago
Juliana Fajardini 6f294f2f2d userguide: minor rewording and typo fixes 
Some of these were recently introduced, some were highlited after the
applayer sections got merged. Some paragraphs seem to have been changed
due to trying to respect character limits for lines. Also includes a
typo pointed out by one of our community members via Discord.
 2 years ago
Philippe Antoine af40873127 pgsql: config limit maximum number of live transactions 
As is done for other protocols

Ticket: #5527
 2 years ago
Philippe Antoine fe91506320 doc/http2: suricata.yaml max-streams parameter 
Ticket: #4949
 3 years ago
Juliana Fajardini bbd968c738 exceptions: add reject support to exception policy 
This enables the usage of 'reject' as an exception policy. As for both
IPS and IDS modes the intended result of sending a reject packet is to
reject the related flow, this will effectively mean setting the reject
action to the packet that triggered the exception condition, and then
dropping the associated flow.

Task #5503
 3 years ago
Juliana Fajardini ef54f36e34 userguide: briefly introduce exception policy opts 
Added them in the configuration section so folks can be more aware of
them, while a more complete documentation isn't around.

Related to
Task #5475
 3 years ago
Juliana Fajardini 3c74e443bd userguide: update defrag settings options 
We were still mentioning that there were only three options.
 3 years ago
Juliana Fajardini 0cc040cf61 userguide: merge sections about AppLayer Parsers 
We had two sections under the suricata.yaml configuration section
describing settings for application layer parsers. This merges them into
one and also fixes a few subsection title levels.

Task #5364
 3 years ago
Andreas Dolp db73a12540 doc/tls: Add documentation for TLS logging 3 years ago
Andreas Dolp e4163c4e02 doc: Fix typos 3 years ago
Eric Leblond 6f06f7c22c doc: add info about capture_file key 3 years ago
Eric Leblond 0c7e4c13a1 doc: add conditional pcap logging info 3 years ago
Juliana Fajardini 1956dc3d5d userguide: explain alert queue behavior and stats 
Added sections along packet-alert-max config section explaining
packet alert queue overflow (when Suri reaches packet alert max), when
alerts are discarded etc.

Since from the user perspective it shouldn't matter how we process the
alert queue, the term "replace" is used, even though there's not exactly
a replacing action happening, with the queue bein pre-processed before
being appended to the Packet.

Also described the associated stats and added an explanation on when to
change packet-alert-max.

Task #5178
 3 years ago
Juliana Fajardini 49542d0f1b doc/userguide: explain packet-alert-max config 
Task #4207
 3 years ago
Jason Ish 7d6bc60abb doc/userguide: document ftp max-line-length 3 years ago
Victor Julien 976748b777 doc/smb: add resource limits section 3 years ago
Andreas Dolp d4144c04cd Doc: Fix typo in documentation of suricata.yaml. 3 years ago
Jeff Lucovsky 117e11b0ae doc: Describe per-thread stack size config setting 
Issue: 4550

This commit documents the new per-thread stack-size setting. Some
systems have a small default value that is not suitable for Suricata's
multi-threaded architecture and adjustment may be required.
 3 years ago
Philippe Antoine 8adf172ab8 nfs: limits the number of active transactions per flow 
Ticket: 4530
 3 years ago
Philippe Antoine 11d3af551b doc: suricata.yaml fields about maximum transactions 
For HTTP2, MQTT and FTP.
 3 years ago
Andreas Dolp f714484591 Doc: Fix typos in documentation of suricata.yaml. 3 years ago
Jason Ish 8071d8239e doc: update rule section to current default 
Update the rule section to better describe whats seen in a default
install of Suricata including a link to the rule management section.
 3 years ago
Jeff Lucovsky 93842aa14a doc/yaml: Signal-termination option description 3 years ago
Juliana Fajardini de0ce26e3f userguide: update references to Suricata website 
Many places were still referencing the old Suricata page.
Used git grep with replace to update them. Checked that new links work.
Left old references when they were only documentation examples (for
output or unittests).

Task#4915
 3 years ago
Juliana Fajardini 7b20488d4e userguide: fix low-hanging typos Config page 3 years ago
Lukas Sismis dab3274263 dpdk: add documentation for the DPDK runmode 
Briefly present the DPDK runmode through configuration file.
 3 years ago
Lukas Sismis e4b5239202 doc: fix typo in "Stream engine" documentation 3 years ago
Jason Ish 2cff811609 doc: remove prelude and document as removed 4 years ago
Philippe Antoine a04b5566a6 http: makes decompression time limit configurable 4 years ago