Victor Julien
2f29b8a724
Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166.
15 years ago
Pablo Rincon
8cc525c939
UDP support at AppLayer message handling
15 years ago
William Metcalf
cc76aa4bc6
properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks
15 years ago
Gurvinder Singh
cda664a8c4
memory leaks fixes in detection module, app layer and counters
15 years ago
Victor Julien
70b32f7380
First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:
- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.
This commit fixes bug #124.
15 years ago
Gerardo Iglesias Galvan
9f4fae5b1a
Fix inconsistent use of dynamic memory allocation
15 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
15 years ago
Gurvinder Singh
3ffbb4c3f4
fixed more api and logic errors in recent master
15 years ago
Victor Julien
cd7e5cebec
Improve http-cookie keyword unittests error handling. Fix memory errors in the tests too.
15 years ago
Gurvinder Singh
69a4fee757
fixed the API and logic error reported by clang tool
15 years ago
Victor Julien
78e15ea7fa
Explicitly test for ipv6 in the htp personalities code. Update all affected unittests to set addr family to the flow.
15 years ago
Anoop Saldanha
a9d3a85b56
support nocase and negation for http_cookie
15 years ago
Pablo Rincon
c7350a8ac6
Fixing some naming convention issues and incorrect error messages
15 years ago
Pablo Rincon
b708d7f65d
Adding Uricontent inspection with spm. Modifiers for uricontent are now supported
15 years ago
Victor Julien
99d5dc3d2a
Don't scan more cookie headers than necessary.
16 years ago
Victor Julien
297001c6d9
Only process an app layer sig if it has the proper state. Make sure a sig can't have conflicting sigmatches, such as ftpbounce and uricontent.
16 years ago
Victor Julien
ec47f840f3
Remove more scan references.
16 years ago
Victor Julien
7a8cd61fdf
Cleanups.
16 years ago
Victor Julien
dd846c9b0e
Remove all search code from the pattern matchers, cleanup mpm api, remove unused http code, more cleanups.
16 years ago
Victor Julien
8b30226914
Detection keyword cleanup
16 years ago
Victor Julien
b259e362cd
Convert uricontent to use new scanning methods as well. Move http_method and http_cookie keywords out of pmatch list for now.
16 years ago
Victor Julien
bef70a04ce
First stage of detect engine redesign: equal patterns share id's, search phase no longer used, new match verification phase.
16 years ago
Pablo Rincon
25a3a5c6d8
Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.
16 years ago
Victor Julien
dc11247511
Change the way we replace contents by http_method and http_cookie, fixing #90.
16 years ago
Gurvinder Singh
50f7d0a887
app layer htp logging and better htp request handling. removed recent_in_tx.
16 years ago
Pablo Rincon
ad2c136e8f
Renaming errors (naming conventions)
16 years ago
Victor Julien
6a53ab9c5a
Stream engine memory handling update
The stream engine memory handling needed updating as it didn't scale. Changes:
- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata is part of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was added.
- all reassembly errors are converted to debug msgs.
16 years ago
Gurvinder Singh
356a8bf385
applayer uri match and modified http handling
16 years ago
Victor Julien
c352bff6fb
Remove unused conditional locking code from the app layer parsing code.
16 years ago
Pablo Rincon
705471e4ee
Adding single pattern matcher algorithms. If you cannot store a context for the patterns, use SpmSearch() macro. Adding unittests and stats
16 years ago
Victor Julien
4824868766
Application layer detection improvements
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
16 years ago
Victor Julien
6fe5509617
Fix compiler warning when using HTP rev 68.
16 years ago
Victor Julien
79b15bd1cc
fix typo
16 years ago
Victor Julien
8cc792a3c7
Fix potential deadlock in http cookie match.
16 years ago
Victor Julien
d35dd1c4ea
Improve http cookie htp state checking before using it.
16 years ago
Gurvinder Singh
8287ebe12c
bug 21 fixing patch
16 years ago
Victor Julien
9fd46e9425
Support for sigs with both pkt and applayer detect
Sets a flowbit with the sig id if the packet matches match. Checks
on that if the app layer matches match. Currently misuses the
flowbits api for this in a way that needs fixing.
16 years ago
Gurvinder Singh
0419ad7c9a
fixed 23 bug
16 years ago
Victor Julien
ecf86f9c23
Rename to Suricata.
16 years ago
Gurvinder Singh
85f054cac2
changed to DetectHttpCookieData
16 years ago
Gurvinder Singh
a0f184866c
http_cookie keyword support
16 years ago