suricata

Author	SHA1	Message	Date
Victor Julien	adb5d05fb5	Fix a FP with negated filemagic inspection.	14 years ago
Victor Julien	f3fbc1a44c	file handling: filemagic matching improvement Magic buffer is a null terminated string. Allow matching on the final \0 using filemagic:"somevalue\|00\|"; so we can anchor to the end of the buffer.	14 years ago
Victor Julien	04ea70ccf7	file extract: pruning Add pruning of files in memory so we keep only memory what we really need. Fix magic logic. Reset file part of the de_state on receiving another file in the same tx.	14 years ago
Victor Julien	b402d97179	File carving -- enable reponse file extraction - Enable response body tracking - Enable file extraction for responses - File store meta file includes magic, close reason. - Option to force magic lookup for all stored files. - Fix libmagic calls thead safety.	14 years ago
Victor Julien	e1022ee5ae	file-extraction: Disconnect file handling from flow and move into the app layer state.	14 years ago
Victor Julien	9b62ec65ab	Make sure filemagic works properly regardless of filestore being in use for a flow.	14 years ago
Victor Julien	5945e652d6	Initial implementation of filemagic keyword.	14 years ago