Victor Julien
4cde2355bd
Simplify flow resetting on de_ctx update. Detect ctx id starts at 1. So in a flow 0 means uninitialized (thus set) and if we detect flow is not equal to detect id, we reset the sgh storage and de_state.
13 years ago
Victor Julien
19a7e7f395
flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default.
14 years ago
Victor Julien
4157d9408d
Various small flow and host table fixes.
14 years ago
Victor Julien
3b79dac2b7
flow: fix atomic var not being initialized and destroyed.
14 years ago
Anoop Saldanha
5ffb050ada
Adapt flow tmqh counters to be atomic vars. Remove support for active flows q handler. Introduce SC_ATOMIC_SET
14 years ago
Anoop Saldanha
4e417b72b5
support flow q handler schedulers active_flows and active_packets. Support new yaml option autofp_scheduler. Support for printing q handler stats as well
14 years ago
Anoop Saldanha
e252048900
support for custom flow qhandlers - round robin support added
14 years ago
Victor Julien
db24258acf
Undo changes from 88b8f15663. Atomic stack implementation had a-b-a problem.
14 years ago
Victor Julien
88b8f15663
Add atomic stack implementation. Convert flow spare queue to use this stack. Remove now unused flow-queue code.
14 years ago
Victor Julien
0150e66ede
flow engine: improve scalability
Major redesign of the flow engine. Remove the flow queues that turned
out to be major choke points when using many threads. Flow manager now
walks the hash table directly. Simplify the way we get a new flow in
case of emergency.
14 years ago
Victor Julien
e1022ee5ae
file-extraction: Disconnect file handling from flow and move into the app layer state.
14 years ago
Pablo Rincon
6d60b3a747
filename and fileext keywords
14 years ago
Victor Julien
06904c9024
App Layer cleanup
Removal of per flow 'aldata' array. It contained a ptr for each ALPROTO. Instead now we have 2 ptrs in the flow: alparser and alstate.
Various cleanups and dead code removal from the app layer API.
Should save 100+ bytes memory per flow on 64 bit.
Updated lots of unittests to reflect these changes.
14 years ago
Anoop Saldanha
432c3317d2
app layer probing parser updates
14 years ago
Victor Julien
a5d9c86dd3
Shrink Flow structure with 20 bytes (on 32 bit) and reorder it. Clean up init, recycle, destroy macros.
14 years ago
Anoop Saldanha
fe6e41e3ef
Removed FLOW_AL_NO_APPLAYER_INSPECTION. Moved it as FLOW_NO_APPLAYER_INSPECTION in Flow->flags. Turned Flow->flags into uint32_t and removed Flow->alflags
14 years ago
Victor Julien
136f55efc7
Fix a memory leak in flow recycle code causing the detection engine state not to be fully freed (recycled) but reference to memory removed anyway.
14 years ago
Anoop Saldanha
013d3aea1c
update ssl parser test. Some minor indentation changes
15 years ago
Victor Julien
cff0a0bda2
Fix segv conditions caused by broken flow cleanup code.
15 years ago
Pablo Rincon
a8cb8d830b
Fix for bug 186 and thresholding issue handling ip versions
15 years ago
Pablo Rincon
b931895901
Fixing flow cleanup and ctx initialization
15 years ago
Pablo Rincon
eed0ef6e69
Adding tag keyword support
15 years ago
Victor Julien
ba12f3c109
Applayer to flow fixes and cleanups.
15 years ago
Pablo Rincon
8cc525c939
UDP support at AppLayer message handling
15 years ago
Victor Julien
c26434fef1
Move flow use cnt to atomic and outside of the flow mutex protection.
15 years ago
Victor Julien
2fd31a1a11
Remove dsize grouping from detection engine grouping reducing memory usage. Store sgh in flow to reduce lookups. Reduce locking in alert handling. Increase default grouping values as we use less memory.
15 years ago
Pablo Rincon
29a6fc2f03
Adding some flow improvements and recovery on emergency mode
15 years ago
William Metcalf
2eef905c07
GPL and Copyright header updates.
15 years ago
Victor Julien
70b32f7380
First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:
- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.
This commit fixes bug #124.
15 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
15 years ago
Victor Julien
6b36e23e45
Fix not decreasing the flow use_cnt reference counter in some cases from the app layer detection code. This caused some streams to never fully time out and thus clutter up the flow table and session pool.
16 years ago
Victor Julien
10cc9d5b6a
Add icmp flow handling.
16 years ago
Victor Julien
b102ea2123
Big update:
- Implement "closing" state in flow.
- Add protocol specific timeouts.
- Lots of stream tracking updates, fixing a lot of out of window issues.
- Stream reassembly fixes.
- Implement a new IDS runmode with 4 stream and detect threads.
- Added a BUG_ON macro that aborts the engine if the expression is true.
- Better balance the flow queue handler for traffic that doesn't have flow (like icmp currently).
- Simplify application level protocol in the Tcp Session.
- Add some debugging memory counters.
16 years ago
Victor Julien
b4f0e82463
Small flow updates.
16 years ago
Victor Julien
9c7f5afa79
Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update.
16 years ago
Victor Julien
ff4b5a5db7
Add support for flowbits.
16 years ago
Victor Julien
bab4b62376
Initial add of the files.
16 years ago