Commit Graph

37 Commits (6fc075d4ae243cb4b36350fe67e1e4b3115be9b0)

Author SHA1 Message Date
Victor Julien 0f072648e6 Another iteration of the reassembly depth enforcement, now considering retransmissions. 15 years ago
Victor Julien 16cd31a408 Remove unused pseudo packet reassembly code. 15 years ago
Victor Julien a26768ce7a Change the way the reassembly depth is enforced. Ignore retransmissions, get rid of per session counter. 15 years ago
Victor Julien 7af9c58af7 Improve ACK value validation, timestamp checking code. Overall layout. 15 years ago
Gurvinder Singh 00f21f34e8 support for pseudo packet creation from reassembled stream segments 15 years ago
Victor Julien 8fa5a2c025 Split applayer and raw stream reassembly
Split stream reassembly in 2 parts: a part that sends ack'd data to the app
layer parsers as soon as it's available, and another part that queues up
data into larger chunks for raw inspection.
15 years ago
Victor Julien c64b9362cf Remove unused stream flag. 15 years ago
Pablo Rincon 4c94a27b71 Fix bug 205 (at stream-tcp-reassemble) 15 years ago
Gurvinder Singh 7577823cdf support for stopping the evasion, which is caused by the use of TCP RST packets for linux based systems 15 years ago
Gurvinder Singh f0928a4555 support for enforcing the depth until when the reassembly will be performed 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago
Victor Julien a0c1209a44 Inspect the reassembled stream together with the packet payload in the same direction. 15 years ago
Victor Julien 9f95ab7441 Make sure a stream that has a failing app layer inspection module no longer stops reassembly, but only app layer inspection. This way we can continue to inspect the reassembled stream. 15 years ago
Victor Julien 81f2499834 Store stream msgs processed by the app layer in the tcp session so they can be inspected by the detection module as well. The detection module returns them to the pool. 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Gurvinder Singh 8e444f1772 stream and application layer improvements 16 years ago
Victor Julien 9b422c443e Fix up initialization and hopefully make the SEQ macros fix up a 64bit issue we're seeing... 16 years ago
Victor Julien 54b9663cd1 TCP streams: support falling back to 3WHS when we were led to believe we were in 4WHS mode. Add unittests. 16 years ago
Victor Julien 2af6ed0c8c Support newly reported 4WHS TCP setup. 16 years ago
Gurvinder Singh d2765511ce async stream handling support 16 years ago
Gurvinder Singh f2213b066f fast track stream handling and its unittests 16 years ago
Gurvinder Singh 71da019734 some minor changes 16 years ago
Gurvinder Singh bbb385422d function to set packet flags 16 years ago
Gurvinder Singh cc0b4f7181 initial version to support detection bypass 16 years ago
Gurvinder Singh c06b2849fb fixed unit tests and add the comments 16 years ago
Gurvinder Singh 37b4682407 target based paws handling 16 years ago
Gurvinder Singh 45cb8f5f0c changed flag name 16 years ago
Gurvinder Singh 3350245f75 timestamp support 16 years ago
Victor Julien 301522f316 Add TCP_GET_WSCALE macro for easy access to wscale. Update StreamTcp to use it. Default to wscale 14 (max) in case of midstream as there seems to be no reliable way to predict wscale if we missed it. 16 years ago
Gurvinder Singh aa87f70470 stream size match function and unittests 16 years ago
Victor Julien b102ea2123 Big update:
- Implement "closing" state in flow.
- Add protocol specific timeouts.
- Lots of stream tracking updates, fixing a lot of out of window issues.
- Stream reassembly fixes.
- Implement a new IDS runmode with 4 stream and detect threads.
- Added a BUG_ON macro that aborts the engine if the expression is true.
- Better balance the flow queue handler for traffic that doesn't have flow (like icmp currently).
- Simplify application level protocol in the Tcp Session.
- Add some debugging memory counters.
16 years ago
Gurvinder Singh 6824eddb0f New function for task3 16 years ago
Brian Rectanus fa5939ca91 64 bit cleanup part2 16 years ago
Gurvinder Singh 994473cea0 Target Based Stream Reassembly with comments 16 years ago
Victor Julien 689bbfdc45 Rename all structure definitions in the "typedef struct _SomeStruct" format to "typedef struct SomeStruct_" to make the Doxygen output more useful.
Remove the Trie multi pattern matcher code. It wasn't used anymore.
16 years ago
Victor Julien 1c2240cfeb Stream reassembly update and WIP code for L7 modules. 16 years ago
Victor Julien 668e9514d7 Pool update. Stream reassembly start. 16 years ago