Commit Graph

12882 Commits (6e90bf47397f0847518c3cc0921320f7684b289d)

Author SHA1 Message Date
Pierre Chifflier 8dc3431d86 rust/dcerpc: convert parser to nom7 functions 4 years ago
Jeff Lucovsky a3443845fb log/stack: Propagate original signal
Issue: 4550

This commit modifies the "stack trace on signal" to propagate the
original signal received instead of always raising SIGABRT.
4 years ago
Pierre Chifflier b5166bdb93 rust/ntp: upgrade dependency on ntp-parser 4 years ago
Victor Julien 251b52ab07 github: bump MSRV and minimum known version 4 years ago
Victor Julien c1be27cb45 github: remove xenial build 4 years ago
Pierre Chifflier fa63945bdc rust/ike: convert parser to nom7 functions and upgrade dependency 4 years ago
Pierre Chifflier 3493537ec3 rust/rfb: convert parser to nom7 functions 4 years ago
Victor Julien 377ce6b679 codecov: fix informational; disable github annotations 4 years ago
Victor Julien 84d91e2e0d app-layer: fix counter setup logic
Completes 0ccf5b9147
4 years ago
Victor Julien 27cd54dc0d frames: address coverity issue
Minor cleanups to assist coverity.

Bug: #5065.
4 years ago
Modupe Falodun 786cf41599 detect-bytetest: remove unittests
These tests are reimplemented as Suricata-Verify

Task: 4911
4 years ago
Victor Julien da7eff61cc codecov: set to informational 4 years ago
Victor Julien d1071c151c ci: formatting errors are now fatal 4 years ago
Victor Julien 474e0e3644 sip: enable for 5061/udp 4 years ago
Victor Julien 1203750388 sip: add frames support
Frames:
- sip.pdu
- sip.request_line
- sip.response_line
- sip.request_headers
- sip.response_headers
- sip.request_body
- sip.response_body

The `sip.pdu` frame is always created, the rest only if the record
parser succeeded.

Ticket: #5036.
4 years ago
Victor Julien c96d22e8a1 frames: support UDP frames
UDP frames point to the UDP packet payloads.

The frames are removed after each packet.

Ticket: #4983.
4 years ago
Victor Julien 97ef60cd9b output/file: remove 'waldo' code
It was no longer used after "file-store v1" was removed.
4 years ago
Victor Julien f9c04992c3 file/store: warning grammar fixup 4 years ago
Victor Julien b06bd1a1fe htp: rearrange tx user data for more efficiency 4 years ago
Victor Julien 39b1f1aca6 output/lua: minor cleanups 4 years ago
Victor Julien e5fd0d4f76 output/streaming: use unique thread data name 4 years ago
Victor Julien b36683e04f output/stats: use unique thread data name 4 years ago
Victor Julien 008f4aee69 output/packet: use unique thread data name 4 years ago
Victor Julien dd1dc88c65 output/filedata: use unique thread data name 4 years ago
Victor Julien c7db9aa50d output/file: use unique thread data name 4 years ago
Victor Julien 45f13b3d01 output/tx: use unique thread data name 4 years ago
Victor Julien 0be99f3e35 output: minor header cleanups 4 years ago
Victor Julien 645a04c233 output: declare OutputLoggerThreadStore once 4 years ago
Victor Julien 0ccf5b9147 app-layer: fix error counter logic 4 years ago
Victor Julien b0cad24705 github: enable dependabot for Rust/cargo 4 years ago
Modupe Falodun cf5c58c075 detect-uricontent: convert unittests to FAIL/PASS APIs 4 years ago
Modupe Falodun dc8908b282 detect-uricontent: remove unittests
These tests are reimplemented as Suricata-verify

Task: 4911
4 years ago
Modupe Falodun 26c9e66586 detect-engine-enip: remove unittests
These tests are reimplemented in Suricata-Verify

Task: 4911
4 years ago
Victor Julien 609a7eaab2 app-layer: error counters
Per app-layer error counters for:
gap, parser, internal (AppLayerResult issues), alloc
4 years ago
Victor Julien ae0b8d92da flow/manager: remove dead code 4 years ago
Victor Julien 5618886aa9 stream: remove unused defines 4 years ago
Victor Julien 811b2cd334 doc: refresh main README; more accurate CI description 4 years ago
Modupe Falodun d2dad66a2b detect-dce-opnum: remove unittests
These tests are reimplemented in Suricata-Verify

Task: 4911
4 years ago
Jason Ish b9a429e6ce devguide: move image generation into sphinx setup
While ReadTheDocs can't execute arbitrary scripts, we can install
mscgen in the container that builds the docs (see .readthedocs.yaml).

Then instead of calling generate-images.sh from the Makefile, move this
into the setup function defined on conf.yaml, which will generate the
scripts as part of a normal Sphinx workflow.

This should give us an image generation solution that works on
ReadTheDocs, and locally within anyone's build system provided they have
mscgen installed.
4 years ago
Philippe Antoine 4247605d87 smtp: check if we have a current transaction
Ticket: 4948

This is not the perfect solution, but it prevents triggering
the assert, and keeps the assert.
A better solution would need to create a transaction from
the response parsing, in case a later command was buffered and
not answered. But this would not be enough as NoNewTx prevents
the creation of a new transaction for RSET...
4 years ago
Philippe Antoine 11d3af551b doc: suricata.yaml fields about maximum transactions
For HTTP2, MQTT and FTP.
4 years ago
Philippe Antoine 2ef4172437 ftp: limits the number of active transactions per flow
Ticket: 4530

As for HTTP2 and MQTT.
In the FTP case, transactions are pipelined, not identified by an id.
So, there are fewer chances of DOS by quadratic complexity.
4 years ago
Philippe Antoine e42094f238 mqtt: make max transactions configurable
Allows users to find a balance between completeness of decoding
and increased resource consumption, which can DOS suricata.
4 years ago
Philippe Antoine 4f90d4254e http2: makes some settings configurable
max-streams and max-table-size

Allows users to find a balance between completeness of decoding
and increased resource consumption, which can DOS suricata.
4 years ago
Philippe Antoine a8079dc978 mqtt: limits the number of active transactions per flow
Ticket: 4530

So that we do not get DOS by quadratic complexity, while
looking for a new pkt_id over the ever growing list
of active transactions
4 years ago
Philippe Antoine 5475212f21 http2: limits the number of active transactions per flow
Ticket: 4530

So that we do not get DOS by quadratic complexity, while
looking for a new stream id over the ever growing list
of active streams
4 years ago
Philippe Antoine b39554b11f fuzz: target for applayer cleans transactions
Ticket: 4530

Otherwise, we timeout because we kept too many of them
as Suricata would not
4 years ago
Aaron Bungay a5d3a1f92c src: use bool instead of int 4 years ago
Aaron Bungay 272786908c smtp/mime: configurable url scheme extraction
Parse extract-url-schemes from the mime config.
e.g. 'extract-urls-schemes: [http, https, ftp, mailto]'
Update MimeDecConfig struct to new url extraction fields.
Change app-layer-smtp.c & util-decode-mime.c to initialize new struct
fields for MimeDecConfig.
Sets the default value for extract-url-schemes if not found in the
config to 'extract-urls-schemes: [http]' for backwards compatibility.

Uses the schemes defined in the mime config value for
extract-urls-schemes to search for URLs starting with those scheme
names followed by "://".
Logs the URLs with the scheme + '://' at the start if
log-url-scheme is set in the mime config, otherwise the old behaviour
is reverted to and the URLs are logged with the schemes stripped.

Removed unused constant URL_STR now that URLs are being searched for
using extract-urls-schemes mime config values instead of just URLs
starting with 'http://'.

Added commented out new options for extract-urls-schemes and
log-url-scheme to suricata.yaml.in.

Update FindUrlStrings comments.
Remove old outdated comments/commented code from FindUrlStrings.
Update test case for mime which now needs schemes list to be set.
Add Test Cases for FindUrlStrings() method.

Feature: #2054
4 years ago
Victor Julien 6c240938b5 github-ci: replace failing CentOS 8 by AlmaLinux 8.4 4 years ago