Philippe Antoine
5bbe99188b
ci: update rust version to 1.95
2 months ago
Philippe Antoine
891b17277e
ci: check dist rules
...
So that we catch if we add a typo like
app-layer-event:snmp.version_mismatchZZZ;
2 months ago
dependabot[bot]
00b5c2f579
github-actions: bump actions/upload-artifact from 7.0.0 to 7.0.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v7...v7.0.1 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: 7.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 months ago
Jason Ish
cdb02a2779
rust/dns: rustfmt
2 months ago
Jason Ish
f5bf76c0ee
examples/plugins/rust: add a rust example plugin
...
Only demonstrates EVE callbacks for now, but I plan to turn this into a
show case of a variety of callbacks a Rust plugin can do as we add Rust
bindings to the ffi crate.
3 months ago
Jason Ish
a11aaadd86
plugins: add --plugin command line option to load plugins
...
Add --plugin <PATH> to load an additional plugin from the command
line. This is more convenient than "--set plugins.X" especially when
you may already have a plugins loaded and you want to load an
additional one.
Ticket: 8463
3 months ago
Jason Ish
ecffd6cd54
github-ci: deny warnings in clippy check
...
We currently have some clippy warnings in the ffi crate. They output to
to the terminal but clippy exits with a success code. Typically we want
to fix this, so deny warnings which will cause clippy to exit with an
error code, failing ci.
3 months ago
Jason Ish
70994426d3
github-ci: add --workspace to cargo clippy --fix
...
--fix doesn't appear to apply to all sub-crates unless --workspace is
provided.
3 months ago
dependabot[bot]
bf6824cb49
github-actions: bump codecov/codecov-action from 5.5.2 to 6.0.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5.5.2 to 6.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](671740ac38...57e3a136b7 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 6.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 months ago
dependabot[bot]
5ff0ed977c
github-actions: bump actions/download-artifact from 8.0.0 to 8.0.1
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 8.0.0 to 8.0.1.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](70fc10c6e5...3e5f45b2cf )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: 8.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 months ago
Victor Julien
49b1382a8b
qa: add nfq based firewall test with live reload
3 months ago
Victor Julien
1c66eec656
qa: add script to test firewall bridge mode
3 months ago
Juliana Fajardini
6f0bb39aaa
workflows: add qa-simulation mode
...
As build flag to (some of the) checks that run suricata-verify:
- AlmaLinux 10 (schema, plugins)
- CentOS Stream 9
- Fedora 43 (Suricata Verify codecov)
- Fedora 43 (clang, debug, asan, wshadow, rust-strict, systemd)
- Fedora 43 (gcc, debug, flto, asan, wshadow, rust-strict)
- Fedora (non-root, debug, clang, asan, wshadow, rust-strict, no-ja)
- Ubuntu 22.04 (Debug Validation)
- Debian 12 (xdp)
- Debian 13 (xdp)
- Debian 12 MSRV
- PF_RING
Related to
Ticket #7885
4 months ago
Juliana Fajardini
17cd814911
workflows: fix minor typo
4 months ago
Victor Julien
bc4a055e73
github-ci: remove coveralls
...
Seems less reliable than codecov, so remove again.
4 months ago
Jason Ish
9cab99fbd3
rust: rust fmt derive crate
4 months ago
Jason Ish
468a13e052
log-cf-common: let mktime determine proper tz
...
In some timezones, LogCustomFormatTest01 was failing as we were
specifying the wrong setting for is_dst. Instead set it to -1 so mktime
can make the decision based on the environment. Appears to fix this test
for "Brazil/East" in the summer.
Add GitHub CI tests to test this specific test with a few different
timezones.
4 months ago
Jason Ish
551f6ded69
github-ci: update almalinux minimal build to use dist archive
...
Update the AlmaLinux recommended minimal build to use the pre built
distribution archive as this is the type of build the documentation is
targetting.
4 months ago
Jason Ish
87dba92bdd
github-ci: update debian/ubuntu minimal build to use dist
...
Update the Ubuntu/Debian minimal recommended build to use the
pre-built dist archive instead of building from git, as that is the
type of build this documentation targets.
Also use the ubuntu:22.04 container. The GitHub provided Ubuntu 22.04
VM appears to contain some new additions like a newer Rust that is not
found on a typical Ubuntu 22.04 installation.
4 months ago
Jason Ish
46d666cdde
github-ci: enable debug for ndpi, pfring and netmap builds
4 months ago
Victor Julien
2658a366ad
qa: move live tests into qa/live dir
...
They are not github specific.
4 months ago
Jason Ish
f711e57e8e
examples/lib/live: a lib example with live capture
...
Simple libpcap example for live capture. Allows listening on multiple
interfaces to show how multiple threads (workers) can be used.
Ticket: #8096
4 months ago
Jason Ish
02e4399059
github-ci: add debug validation to almalinux 10 build
...
After the distcheck, this build doesn't need unittests, so add
debug-validation, as this can trigger assertions in our lib examples
that are tested in this job
This triggers a debug-validation error in the custom library example.
Ticket: #8259
4 months ago
Victor Julien
3068089762
github-ci: disable libmagic on macos
...
5.47 is currently breaking CI, so disable during investigation.
Related to ticket #8342 .
4 months ago
Jason Ish
03f767a094
github-ci: re-enable rpm jobs
4 months ago
Victor Julien
33ddbc3244
github-ci: use --skip-branches in coverage consistently
...
Completes 02f6340972 .
4 months ago
dependabot[bot]
8df4e10018
github-actions: bump actions/download-artifact from 7.0.0 to 8.0.0
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 7.0.0 to 8.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](37930b1c2a...70fc10c6e5 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: 8.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
4 months ago
dependabot[bot]
cfde322f06
github-actions: bump actions/upload-artifact from 6.0.0 to 7.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
4 months ago
Lukas Sismis
d4434ef4e8
dpdk: add live run test suite
...
Add live tests to verify that mempool, mempool cache sizes, and
potentially other DPDK features are initialized correctly during the
startup.
Follows up on bugs found in mempool settings on real/bonded devices.
The tests are placed in the new folder qa/live/ after a comment
in https://github.com/OISF/suricata/pull/14896 which indicated other
live tests are going to be moved there as well.
Ticket: 8320
5 months ago
Victor Julien
02f6340972
github-ci: update cov builds
...
Use --skip-branches to avoid countless partial coverage in unittests.
Update from 22.04 to 24.04 and llvm 15 to 19 to support --skip-branches.
5 months ago
Jason Ish
ccd1df99fd
github-ci: add coveralls coverage uploads
5 months ago
Jason Ish
accaf68615
github-ci: fix cov-ut profile file collision
5 months ago
Jason Ish
65e87949c8
github-ci: ignore /github from coverage output
5 months ago
Jason Ish
8c99759dfe
github-ci: ignore /usr and /rustc in coverage
5 months ago
Jason Ish
d3b6bae140
github-ci: upload lcov coverage artifacts
5 months ago
Victor Julien
e991375b04
github-ci: for codecov netns check, account for cargo build dir
...
It's not in /root/ like with container based builds.
5 months ago
Jason Ish
e6513b5117
codecov: upload lcov reports to codecov
...
Seems to fix our issues with codecov.io.
5 months ago
Jason Ish
eab5931074
github-ci: merge rust.yml into existing builds.yml build
...
The Rust build in rust.yml was just an AlmaLinux 9 build with some extra
checks. Instead, use an existing AlmaLinux 9 build in builds.yml, make
it use Rustup (there are other AlmaLinux 9 builds that use the RPM), and
add the checks.
Saves us one build in CI.
5 months ago
Victor Julien
571681bc29
github-ci: add namespace bond tests with multiple nets
5 months ago
Victor Julien
a8cad83403
github-ci: add namespace af-packet bond test
5 months ago
dependabot[bot]
3a9682fd48
github-actions: bump actions/checkout from 6.0.1 to 6.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Commits](https://github.com/actions/checkout/compare/v6.0.1...v6.0.2 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 6.0.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Victor Julien
49783fa9f7
github-ci: add namespace based IPS tests
...
Implementing a bridge test with af-packet IPS and a routing test
with iptables + nfqueue.
Very helpful explanation and guidance on network namespaces can be
found here: https://www.redhat.com/en/blog/net-namespaces
Sets up 3 network namespaces:
1. client - for running client tools like ping, curl, wget
2. server - for running a server, currently only Caddy
3. dut - for running Suricata, this namespace connects the client and
server namespaces
Validate IPS operations in 3 ways:
1. check return codes of the client tools
2. check Suricata's IPS stats
3. use tshark to validate expected drops
Run Suricata in AF_PACKET IPS mode for both autofp and workers mode. Do
the same for NFQUEUE.
Tshark's JSON output is used with JQ to validate that pings are dropped.
All tests are codecov enabled.
5 months ago
Philippe Antoine
b944e3b1ed
ci: update rust version to 1.93
6 months ago
dependabot[bot]
a0c91aa9f0
github-actions: bump actions/upload-artifact from 5.0.0 to 6.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: 6.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
dependabot[bot]
2deb1d25c4
github-actions: bump actions/cache from 4 to 5
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
dependabot[bot]
03ee55c99f
github-actions: bump actions/checkout from 6.0.0 to 6.0.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Commits](https://github.com/actions/checkout/compare/v6...v6.0.1 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 6.0.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
dependabot[bot]
1f28880ba1
github-actions: bump codecov/codecov-action from 5.5.1 to 5.5.2
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 5.5.1 to 5.5.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](5a1091511a...671740ac38 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-version: 5.5.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
dependabot[bot]
b4ed2da8ff
github-actions: bump actions/download-artifact from 6.0.0 to 7.0.0
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](018cc2cf5b...37930b1c2a )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
Victor Julien
984fc260c5
github-ci: update Fedora to 43
7 months ago
Ambre Iooss
3bcad5f364
windivert: upgrade to 2.0.0
...
WinDivert 2 was released in 2019. This introduced some minimal
changes to some functions arguments.
Bug: #8138 .
7 months ago