aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,061 Commits
7 Branches
161 Tags
206 MiB
main-7.0.x
master
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6fc075d4ae'
${ noResults }
Commit Graph

138 Commits (6fc075d4ae243cb4b36350fe67e1e4b3115be9b0)

Author SHA1 Message Date
Victor Julien 892a8a4985 Make stream inline use the chunk size settings. 15 years ago
Victor Julien 4f5aad1476 Enforce configurable minimum chunk size in raw stream reassembly. Minor stream cleanups, unittest updates. 15 years ago
Victor Julien 936b34ddf6 Remove minimum init chunk length code, set a default limit of 2560 to the minimum chunk size, allow toclient raw reassembly to start even if toserver hasn't started yet. 15 years ago
Victor Julien 8faacb727d Account for seg list not always being empty when stream closes. 15 years ago
Victor Julien ecfa2d0176 Only remove segments from segment list if they are completely before ra_base_seq. 15 years ago
Victor Julien 5bdf16380d Make sure we actually remove no longer required segments. 15 years ago
Victor Julien 7f45a4fd58 Fix missing segment flag, fix 2 unittests broken after previous stream changes. 15 years ago
Victor Julien 4a7f6079d5 Change segment removal in stream engine to not discard segments right away. Now they are only removed if they are fully before ra_base_seq. 15 years ago
Victor Julien b233105cc2 Fix a issue in stream reassembly causing the segment list getting into a inconsistent state. 15 years ago
Victor Julien a8db8b334b Remove debug stream testing code from non-debug builds. 15 years ago
Victor Julien 48c7f18453 Fix bug in the segment insert code causing an inconsistent segment list in some overlap conditions. 15 years ago
Victor Julien 05539d7357 Fix a reassembly overlap issue. Fix a inline reassembly gap handling issue. 15 years ago
Victor Julien e92ab40d39 Fix compilation for non-DEBUG case. 15 years ago
Victor Julien 2db06cc79e Improve Inline reassembly wrt to GAP handling. Add more tests. 15 years ago
Victor Julien 4c82c0e750 Improve RawInline reassembly: remove unnecessary segments from the stream in an earlier stage. Test this properly. 15 years ago
Victor Julien 3a774165fa Initial version of a inline raw reassembly function that reassembles in a sliding window. Introduce new unittest helpers for stream reassembly. 15 years ago
Victor Julien abdffadc1c Add a new app layer reassembly function that is for inline use, and use it when the stream engine is in inline mode. 15 years ago
Victor Julien bff70eed6d Update to depth code. Get segment from the correct pool when a payload is truncated. 15 years ago
Victor Julien 66c40f782c Have reassembly errors also set a stream event. 15 years ago
Victor Julien 0f072648e6 Another iteration of the reassembly depth enforcement, now considering retransmissions. 15 years ago
Victor Julien 16cd31a408 Remove unused pseudo packet reassembly code. 15 years ago
Victor Julien bf88a6de09 Add depth comment. 15 years ago
Victor Julien a26768ce7a Change the way the reassembly depth is enforced. Ignore retransmissions, get rid of per session counter. 15 years ago
Victor Julien aa04d9eefb Improve stream gap handling. Instead of giving up as soon as we see a gap we now wait much longer before we decide it's a gap. 15 years ago
Victor Julien 2849d2b1d3 Initial code for stream 'inline' mode: packets that are (partly) overlapping with already accepted packets (meaning in the streams seg list) are rewritten to make sure they contain the exact same data. 15 years ago
Victor Julien 8b5f553a35 Inspect a pseudo packet upon receiving a RST so that we are sure both sides of the TCP session are inspected. 15 years ago
Gurvinder Singh 55a863359c support for pseudo packet creation from reassembled stream segments 15 years ago
Victor Julien 44e678b86b Comment out disabled unittests. 15 years ago
Victor Julien 1d971b53a6 Update all unittests 15 years ago
Victor Julien b0901ab30d Fix compilation with --enable-debug 15 years ago
Victor Julien 61a9936d55 Inspect a pseudo packet upon receiving a RST so that we are sure both sides of the TCP session are inspected. 15 years ago
Gurvinder Singh 00f21f34e8 support for pseudo packet creation from reassembled stream segments 15 years ago
Victor Julien 8fa5a2c025 Split applayer and raw stream reassembly 
Split stream reassembly in 2 parts: a part that sends ack'd data to the app
layer parsers as soon as it's available, and another part that queues up
data into larger chunks for raw inspection.
 15 years ago
Victor Julien dda6d3e07b Add error counters. 15 years ago
Victor Julien 4ae7144876 Fix 2 cases where overlapping data in the stream engine wouldn't be properly handled potentially causing the wrong data being used in stream reassembly. 15 years ago
Eric Leblond 1db4aadd16 Supress usage of Packet declaration in tests. 
For convenience, a massive usage of 'Packet p;' declaration has
been done in the tests function. Although this was completely
legal, this is not possible anymore because of the new Packet
allocation structure. This massive patch modifies all suricata
files to use a SCMalloc allocated pointer to Packet instead.

This patch has been done using coccinelle (http://coccinelle.lip6.fr)
which is a semantic patching tool. This ensures that things like call
to SCFree() should have not been forget because the semantic patch
explicitly forces the call to SCFree(p) before each return. With this
patch all unittests are running fine with a small and a big default
packet size.
 15 years ago
Gurvinder Singh 892dea31e4 added the counter for tcp.segment_memcap_drop to show the dropped segments count due to memory limit 15 years ago
Gurvinder Singh 6a5bc52461 support for several tcp evasion attacks. Thanks to Judy Novak and G2 Inc for reporting them 15 years ago
Victor Julien 1d73e1fb7e Small update to the ssh module: fix a valgrind warning and a couple of compiler warnings. Do a few small style updates. 15 years ago
Pablo Rincon 9d7baa7a9f Adding ssh app layer module with two new keywords: ssh.protoversion and ssh.softwareversion 15 years ago
Gurvinder Singh 0dab0e3935 fix the reassembly depth test (bug 216) 15 years ago
Victor Julien a9e78871fe Really fix bug 205 this time, repair a broken unittest. 15 years ago
Victor Julien 196e572daa Make sure holding up to_client reassembly stops after the proto is detected or we're sure we'll never detect it. Fixes issues related to bug 205. 15 years ago
Pablo Rincon 4c94a27b71 Fix bug 205 (at stream-tcp-reassemble) 15 years ago
Gurvinder Singh f0928a4555 support for enforcing the depth until when the reassembly will be performed 15 years ago
Victor Julien 66dee577d7 Force stream reassembly on streams where we didn't yet detect the protocol if the stream is closing. 15 years ago
Gurvinder Singh 8b0ca4f628 support for seperate memcaps for reassembly and stream engine 15 years ago
Victor Julien 92858a211d Fix STREAM_EOF flag overwriting STREAM_START flag on short streams. This made us miss short HTTP sessions. 15 years ago
Victor Julien a3ff0e7210 Don't scan TCP packet payload if it was added to the stream. Inspect the tcp stream with the correct packet. Should fix #184 and #185. 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago