suricata

Commit Graph

Author	SHA1	Message	Date
Gurvinder Singh	70b53a0293	fixed the ispayload inspecting func	16 years ago
Gurvinder Singh	78697ce502	avoid pm invocation	16 years ago
Gurvinder Singh	a991ab0a19	added sigmatch payload flag	16 years ago
Gurvinder Singh	94674c58f3	unit tests for no packet & payload inspection	16 years ago
Gurvinder Singh	bbb385422d	function to set packet flags	16 years ago
Gurvinder Singh	cc0b4f7181	initial version to support detection byepass	16 years ago
Victor Julien	bcc5bbef93	Yet more logging api usage changes.	16 years ago
Victor Julien	91bc83e5c6	More logging API usage changes.	16 years ago
Anoop Saldanha	f658ffbc9c	Order the signatures based on certain rule parameters like actions, flowbits, flowvar, pktvar, priority etc	16 years ago
Victor Julien	4cc24fe463	Improve the handling of addresses and ports. Properly detect !any, other full negation. Fix [80:!80] syntax errors being undetected.	16 years ago
William Metcalf	3cf1be8710	invalid negation unittests added	16 years ago
Breno Silva	27c61ac148	IpOpts Rule Keyword Signed-off-by: Brian Rectanus <brectanu@gmail.com>	16 years ago
Victor Julien	97a2f4e747	Improve error checking in detect, add comments.	16 years ago
Victor Julien	8a68520f55	Fix clang warnings.	16 years ago
William Metcalf	ace371665d	changed sigs for http logging to use established keyword	16 years ago
Victor Julien	0d0ffb9963	Reorganize header inclusions.	16 years ago
Victor Julien	1727d191a4	Add pktvar and flowvar tests to ip only unittest. Make output cleaner.	16 years ago
Pablo Rincon	3458c07f46	Changed SignatureIsIPOnly and added some unittests	16 years ago
Pablo Rincon	bdf119ade3	Adding window and isdataat keyword and some unittests	16 years ago
Brian Rectanus	ba4c2e599d	Add byte test to detection engine.	16 years ago
Brian Rectanus	02a8b583c9	Added byte_test and byte_jump support.	16 years ago
Victor Julien	733c3bcb8c	Fix "ip" rules not ending up in the tcp and udp sig group heads correctly.	16 years ago
Gurvinder Singh	ac53ca5b27	Stream Size rule option	16 years ago
Victor Julien	a39108843e	Small tm module API rename to reflect that Init/Deinit/ExitPrintStats are per thread calls.	16 years ago
Anoop Saldanha	22c0ec2bc5	Added support for the csum-<protocol> rules keyword to the detection engine. Keywords added are ipv4-csum, tcpv4-csum, tcpv6-csum, udpv4-csum, udpv6-csum, icmpv4-csum and icmpv6-csum	16 years ago
Victor Julien	6eaff4be12	Fixes for issues found by static code analyzer.	16 years ago
Victor Julien	1f782bb912	Fix pointer issue in sig loading.	16 years ago
Victor Julien	b26b5aa462	More cleanups.	16 years ago
Victor Julien	85abc3ef62	Complete removal of global de_ctx. UtRuntests now returns the number of failed tests or 0 on none. Program exits with code 1 on failed tests, code 0 otherwise. Removal of broken http uri test.	16 years ago
Victor Julien	1132ab635a	Rename all pmt->det_ctx.	16 years ago
Victor Julien	b9972a9d2c	Cleanups	16 years ago
Anoop Saldanha	244f5d547a	new registration functions for the stats api, with local thread storage for counter ids	16 years ago
Victor Julien	5501212e62	Fix sizeof printf related compiler warnings.	16 years ago
Brian Rectanus	fa5939ca91	64 bit cleanup part2	16 years ago
Anoop Saldanha	8af9f902e8	additional support for type qualifier for the stats api	16 years ago
William Metcalf	dd86b51dbc	added optional option to specify signature file to load	16 years ago
Breno Silva	c90b4e6fcd	Decode event rule	16 years ago
William Metcalf	a3510f2025	Made NFQ optional via --enable-nfqueue, --enable-logsigs will now load local.rules in the path other fixes	16 years ago
Victor Julien	c53dfea379	Improve the threading code to enable a single pcap file processing thread.	16 years ago
Victor Julien	51a9e36e10	Remove vips references. Rename to eidps.	16 years ago
Victor Julien	8397413942	Comment updates.	16 years ago
Victor Julien	9c7f5afa79	Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update.	16 years ago
Victor Julien	a0b390c541	Fix pktvar and http uri memory leaks.	16 years ago
Victor Julien	930aa4e038	Fix ip-only again: flowbit sigs were not handled correctly and tcp/udp sigs with ports set also were not.	16 years ago
Victor Julien	a93d51fcde	IP only rule loading optimization and counting fix.	16 years ago
Victor Julien	84aa365a3b	Fix iponly matching.	16 years ago
Victor Julien	2ecc7f2b4b	Use different rule grouping settings for toclient and toserver. Fix flowbits accounting.	16 years ago
Victor Julien	ff4b5a5db7	Add support for flowbits.	16 years ago
Victor Julien	657be002d1	Big detection engine update: scan improvements, b2g/b3g updates, bloom fixes, iponly detection implementation, dsize/flow grouping.	16 years ago
Victor Julien	5df5b35e90	Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items ina list to it can be traversed. Many cleanups.	16 years ago
Victor Julien	b2eb954099	Add b3g 3gram BNDM pattern matcher. Fix multi queue nfq initialization. Improve speed of b2g and wumanber.	16 years ago
Victor Julien	ec39f5446c	Fix rule tree update. Fix bloomfilter error in b2g.	16 years ago
Victor Julien	1c0ad1d415	Add implementation of the Simple BNDM 2gram pattern matcher algorithm.	16 years ago
Victor Julien	efb10fc0d6	big update	16 years ago
Victor Julien	21364b34dc	Fix uricontent scan for copied siggroupheads.	16 years ago
Victor Julien	69e056e33f	Add the scanning to uricontent as well.	16 years ago
Victor Julien	fedcc397de	Detection engine improvement: don't run pattern matcher on packets with payload sizes less that the biggest content we need to match. Add some extra stats.	16 years ago
Victor Julien	0250642cc0	Fix negated variables, add tests.	16 years ago
Victor Julien	dce2c12915	Add Scan before Search to the detection engine.	16 years ago
Victor Julien	4c4862d838	Improve logging, add alert-output module, at module exit stats, add HTTP POST uri capture.	16 years ago
Victor Julien	43571f21a4	default to all.rules	16 years ago
Victor Julien	e0ed51d049	Small fixes and dbg additions.	16 years ago
Victor Julien	b064d0f435	Fix sig unittests	16 years ago
Victor Julien	27f236778a	make output more quiet	16 years ago
Victor Julien	c4f2fe4bd7	Implement per packet variables and switch the http stuff to it.	16 years ago
Victor Julien	edf8650a7e	Tunnel update.	16 years ago
Victor Julien	a454fe4fb7	Small fixes	16 years ago
Victor Julien	da3125e888	Fix a Floating point exception error.	16 years ago
Victor Julien	3f7195454b	Big detection engine update.	16 years ago
Victor Julien	54ffe2053e	Large detection engine update.	16 years ago
Victor Julien	f3a94413db	Properly support 'alert ip' rules. Add support for handling ip only rules differently.	16 years ago
Victor Julien	dee5ab1aa3	Fix uricontent mpm ctx comparison.	16 years ago
Victor Julien	fed6926809	Small cleanups	16 years ago
Victor Julien	dc48c58473	Switch to using a detection engine ctx.	16 years ago
Victor Julien	171c8c777d	Group signatures by protocol.	16 years ago
Victor Julien	45f83f7636	branching test	16 years ago
Victor Julien	eb1c4e4987	Large update to the detection engine. Greatly improve initialization speed and memory usage.	16 years ago
Victor Julien	0489370f5b	Big speedup of the initialization code for signatures. Contains WIP code as well.	16 years ago
Victor Julien	05fd319f6c	Add log-httplog module that logs http request uri's, hosts and useragents to a per line text format.	16 years ago
Victor Julien	eaaeb30cd6	Add noalert keyword for use with sigs that are used for capturing only.	16 years ago
Victor Julien	f0ed41fb0a	Support priority keyword, add priority to alert-fastlog.	16 years ago
Victor Julien	dc224cb2d2	Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented.	16 years ago
Victor Julien	d036264f80	Cleanup signature parsing and other detect.c parts.	16 years ago
Victor Julien	f1db87276c	Start on addr and proto parsing in rules.	16 years ago
Victor Julien	6c1f2071be	Add unittest registration to the threading modules api.	16 years ago
Victor Julien	41647a5430	small fixes for Wills patch	16 years ago
William Metcalf	559edc01e3	NFQUE drop support added with ident of 4 :-(	16 years ago
Victor Julien	b8ad4adf81	complete rename of address2 to address	16 years ago
Victor Julien	28b0d82169	Remove partial and broken address handling implementation now address2 is working.	16 years ago
William Metcalf	3488cf1a93	fixed sig written with ?<http_uri	16 years ago
William Metcalf	87411594e2	groups fixed for pcre < 7	16 years ago
Victor Julien	7aada782a4	WIP address matching stuff	16 years ago
Victor Julien	bab4b62376	Initial add of the files.	16 years ago

1 2 3 4 5

243 Commits (692eb935ea02c32a596cd420fc1cbe99bbe8f6b4)