Commit Graph

1398 Commits (689d05b10bd92cbb5a7a4277c2592b95e48dd302)

Author SHA1 Message Date
Victor Julien 67429e523f Fix compiler warning about incomplete prototype. 16 years ago
Anoop Saldanha fa373516c5 fixes the offset case for content matches + a case not handled by the previous fix for multiple relative content matches. fix for payload.c dcepayload.c and uri.c 16 years ago
Anoop Saldanha 92eb380594 multiple relative content matches changes for detect-engine-dcepayload.c and detect-engine-uri.c like how we did for detect-engine-payload.c 16 years ago
Anoop Saldanha 5fb6981e9e content handling changes in detect-engine-payload.c for multiple relative matches 16 years ago
Anoop Saldanha a059ff276e byte test and byte jump update dce matching option 16 years ago
Victor Julien 05d382f533 Fix broken stream engine config initialization: due to wrong casts settings could be overwritten in memory. 16 years ago
Victor Julien ec277b292c Fall back to the old mutex based queues to see if that fixes an obscure lockup at higher optimization levels in gcc in file pcap mode. 16 years ago
Victor Julien ecb5fd3298 Add missing util-validate.h 16 years ago
Pablo Rincon b8b511a54e Avoid mem allocations while searching on radix trees (temporal prefix) 16 years ago
Victor Julien 1d74797b17 Attempt to work around NULL packets we're seeing ending up in queues when the compiler has optimized our code. 16 years ago
Pablo Rincon 868d4614b9 Tag engine improvements. Output tags only on unified format. Added atomic counter for tagged hosts/sessions 16 years ago
Victor Julien 8cdd02877f Add unittests for ringbuffer. 16 years ago
Victor Julien e685579231 Add optional structure validation code. 16 years ago
Victor Julien b67fb5229b Fix pcap file auto flow pinned runmode (disabled by default). 16 years ago
Victor Julien 393acd77d2 Detection improvements: uricontent escaping now working, better negated pattern (content) handling. 16 years ago
Gurvinder Singh 154a8b1ed9 fixed the build failure with profiling enabled 16 years ago
Victor Julien 37eb2290b0 Add some checks for 'impossible' conditions that become possible after enabling optimizations :-/ 16 years ago
Victor Julien 017b95f9ef More thoroughly cleanup a Packet when we recycle it. Fixes a corner case where we'd have an invalid tcp packet but p->proto would still say IPPROTO_TCP because of a previous run. Fixes bug #187. 16 years ago
William Metcalf 5580f3d9c2 PacketQueue postp added to TmEcodes for ipfw and pf_ring to silence compiler warnings 16 years ago
William Metcalf 876057a4da missing flow init in DetectTagTestPacket04 fix ut lockup on older os's 16 years ago
Victor Julien 7454336ef5 Make SigWrapper private to detect-parse.c and rename to SigDuplWrapper to reflect its use and purpose. 16 years ago
Anoop Saldanha 9ecade76b9 in case of duplicate signatures used the one with the latest revision 16 years ago
Pablo Rincon eedafa3a17 Adding unittests for anchored pcres for anchored 16 years ago
Pablo Rincon bcb0b9ef9b Moving urilen inspection to detect-engine-uri. Adding unittests for pcre /U and urilen, in combination with uricontent 16 years ago
Anoop Saldanha 36e4b1830e add pcre with U modifiers to the umatch sigmatch list. fix for bug 155 16 years ago
Gurvinder Singh 8852b83fa7 flowbits, flowvars, pktvars, flow flags and app layer info added to alert-debug.log 16 years ago
Pablo Rincon 95fef55507 Fix threshold handling ip addr 16 years ago
Victor Julien 580b09c2b8 Make sure we inspect all outstanding reassembled stream chunks (smsg) if the stream is shutting down. Make sure to inspect signatures that use dsize against the tcp packet payload, even if that payload was already added to the stream. Likewise, the dsize signatures are not inspected against the reassembled stream. 16 years ago
Victor Julien a3ff0e7210 Don't scan TCP packet payload if it was added to the stream. Inspect the tcp stream with the correct packet. Should fix #184 and #185. 16 years ago
Victor Julien d500a52b58 Fix valgrind error in tls unittest. 16 years ago
Victor Julien cff0a0bda2 Fix segv conditions caused by broken flow cleanup code. 16 years ago
Pablo Rincon a8cb8d830b Fix for bug 186 and thresholding issue handling ip versions 16 years ago
Victor Julien 6eb7eea705 Fix a data race for packet pool packets when defrag/tunnel code needs a packet. 16 years ago
Victor Julien a4cb7fced0 Fix thresholding code for packets that are neither (valid) ipv4 and ipv6. 16 years ago
Jason MacLulich ae095e585b o Changed SCMalloc to DecodeThreadVarsAlloc in Decode thread initialization. (Ish) o Changed htons to noths. (Ish) o Added support for handling DAG cards running DSM modules and other non-standard ETH ERF types. o Added support for allowing graceful restarts of the fetch thread if it fails to read an ERF properly. 16 years ago
William Metcalf d5590962ff change LogInfo to LogDebug for icmp seq matches 16 years ago
Victor Julien 38c9d843fd Compiler warning fix for tag, make sure we do timeout checks under lock protection as well. 16 years ago
Pablo Rincon b931895901 Fixing flow cleanup and ctx initialization 16 years ago
Pablo Rincon eed0ef6e69 Adding tag keyword support 16 years ago
Kirby Kuehl 83c2cdabcd remove printf 16 years ago
Kirby Kuehl f49c743d44 don't alloc 0 length fragment 16 years ago
Victor Julien 6d68d7a450 Disable condition based waiting in ringbuffers until we fix lockup issues. 16 years ago
Victor Julien 0231ec612d Atomic macro's typo fix. 16 years ago
Victor Julien 8615e87623 Fix dcerpc unittest, add comments. 16 years ago
Kirby Kuehl 3a985a9f5f fix smb leak 16 years ago
Kirby Kuehl 4545d755dd add uuid to uuid_list for udp 16 years ago
Kirby Kuehl c3b9305259 dcerpc udp support 16 years ago
Kirby Kuehl 22d44b0677 dcerpc udp support 16 years ago
Victor Julien 6519a86ec7 Move packet pool to ringbuffer, update packet pool api and ringbuffer api. Remove memset usage from PACKET_RECYCLE, add proper cleanup macros. 16 years ago
Victor Julien cb2fef8680 In the ringbuffers spin before the wait 16 years ago
Victor Julien c7a744c937 Split ringbuffer queue handler into multiple, for mrsw, srsw, srmw modes. 16 years ago
Victor Julien 1ad289dfff Add thread cond_t based waiting in the ringbuffer. 16 years ago
Victor Julien dce323b1f4 Fix SCondWait -> SCCondWait typo. 16 years ago
Victor Julien 167c0295af Merge different ringbuffer structures. 16 years ago
Victor Julien 012e602c3f Add a (disabled by default) flow pinned runmode for file pcap. 16 years ago
Pablo Rincon 6950537a76 Move rate_filter rule tracking data from Signature to Threshold context 16 years ago
Pablo Rincon 1ae36b9a6a Adding rate_filter support for threshold.config, multiline support and unittests 16 years ago
Victor Julien ca7f54de25 Make sure ICMP unreach packets are not inspected against the flow sgh as it's for the original protocol, not for the ICMP packet. Fixes #174. 16 years ago
Victor Julien b8fec77f37 Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id. 16 years ago
Victor Julien 26f69aa3a6 Bump version to 0.9.2. 16 years ago
Victor Julien e46b72758a Small decode-event code cleanup. 16 years ago
Victor Julien cdc9570f0e Have the detect.alerts counter count actual alerts. 16 years ago
Anoop Saldanha bbb5bf5c51 allow counters clubbing for detect TM 16 years ago
Victor Julien cb94748dab Add missing include resulting in a compiler warning. 16 years ago
William Metcalf 0e4235cc94 FLOW_DESTROY added to clean-up UT's that init flow 16 years ago
William Metcalf 9f0bf35cfd Set -std=gnu99 CFLAG always and Use -march=native by default if supported by installed version of gcc 16 years ago
Victor Julien 2f29b8a724 Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166. 16 years ago
Victor Julien 37442a8a84 Prefilter signatures before fully scanning them. 16 years ago
Anoop Saldanha 60668fd01d Reset the flags used during stateful detection in ContinueDetection(). Made the tests more descriptive as well 16 years ago
Anoop Saldanha bb8937477d dce tests to check SigMatchSignatures()'s working against new dce transactions 16 years ago
Victor Julien d6709b0961 Fix a segv caused by invalidly accessing the smsg_pmq array. 16 years ago
Victor Julien 8cea3779fa Move dce payload inspection to stateful detection engine. 16 years ago
Anoop Saldanha 015385c6bd changes to the dce parser stub data processed var. changed to stub data fresh var to indicate if the stub is fresh or not 16 years ago
Anoop Saldanha 45ea0d914e dce stub content keywords support using dcepayload.c support for all dce related content keywords 16 years ago
Anoop Saldanha 98433f407c dce rpc stub data held in separate buffers for request and response pdus 16 years ago
Victor Julien 31261e7583 Improve B2g performance by merging pattern array and hash. 16 years ago
Victor Julien 83b2c8abdb Improve stateful uri detection code. 16 years ago
Victor Julien 9dd753b5f3 Scan uricontent mpm on demand. 16 years ago
Victor Julien dd88e46f0c Fix detect engine state unittest, add another. 16 years ago
Victor Julien e8fce5f7fa Convert uricontent scanning to use the detect engine state. 16 years ago
Jason MacLulich 835630efbd Add initial support for reading packets from a DAG card, we only support reading from a single stream at this time.
Use the --dag <dagname> cmd line option to specify from which DAG card to read pkts
from.

Issue at the moment with pkts being ejected during shutdown -- at the moment we
ignore any packets that are not of link type Ethernet.
16 years ago
Victor Julien 49d68169ea Allow the user to disable setting cpu affinity and allow configuring the number of detect threads relative to the number of CPU's/CPU cores. 16 years ago
Victor Julien cb0bb668eb Add support for retrieving float and double variables from the configuration. 16 years ago
Victor Julien b60d2c4345 Fix flags mixup issue in the app layer. 16 years ago
Victor Julien ba12f3c109 Applayer to flow fixes and cleanups. 16 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 16 years ago
Ondrej Slanina 6bf7d76005 added possibility to run suricata as WIN32 service 16 years ago
William Metcalf cc76aa4bc6 properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks 16 years ago
Victor Julien a24f288074 Moving the stream content scanning to have its own mpm ctx. 16 years ago
Victor Julien 9a08d6c11c Fixes to stream pattern matching. 16 years ago
Victor Julien a0c1209a44 Inspect the reassembled stream together with the packet payload in the same direction. 16 years ago
Victor Julien 9f95ab7441 Make sure a stream that has a failing app layer inspection module no longer stops reassembly, but only app layer inspection. This way we can continue to inspect the reassembled stream. 16 years ago
Victor Julien 81f2499834 Store stream msgs processed by the app layer in the tcp session so they can be inspected by the detection module as well. The detection module returns them to the pool. 16 years ago
Victor Julien 3005297af2 Check for being properly setup before activating a thread. Fixes a potential although unlikely null-dereference. 16 years ago
Victor Julien 6c6e6321fc Fix HTTP HEAD detection code. 16 years ago
Victor Julien fdd0f3939e Reduce size of event bit array in the packet structure. 16 years ago
Victor Julien c26434fef1 Move flow use cnt to atomic and outside of the flow mutex protection. 16 years ago
Victor Julien 87345e5c60 Switch flow memuse counter to the atomic api. 16 years ago
Victor Julien 749fc2613d Add subtraction wrapper to the atomic api. 16 years ago
Victor Julien 3484e2abde Fix flow engine memory handling. 16 years ago