Commit Graph

1664 Commits (743ed7626c182e30a9ed0b9cad467c20418cd473)

Author SHA1 Message Date
Pablo Rincon fcff1ce7f4 Converting threadvar flags to atomic vars to avoid using the old spinlock 15 years ago
Anoop Saldanha b8f5a6a4fc throw out contents/uricontents with invalid hex assembly 15 years ago
Anoop Saldanha 850f44022f invalidate sigs with content/uricontent strings ", "boo, boo" + fix parsing content strings of the format content: !\"boom\";" 15 years ago
Victor Julien 5a7efe5f97 Add comment and layout update to new fast_pattern code. 15 years ago
Anoop Saldanha a85fa6b792 support for fast_pattern only and fast_pattern:offset,length. Also support the new option for engine-analysis 15 years ago
Anoop Saldanha 0d741b9a55 fix for bug 227. For negated contents that have been added to mpm we might have pmq.pattern_id_array_cnt as 0. We can't ignore inspecting sigs if this is 0, in case the content added is negated 15 years ago
Jason Ish 9ad1924dba Track the max ticks for each rule. This is the highest tick count this rule used to evaluate in a single sample. 15 years ago
Pablo Rincon b3a8f0a90f Fix asn1 decoder frame oob mem. Adding max stack frames to suricata.yaml 15 years ago
Victor Julien 25d1b6fec1 Adapt malloc macros to only display errors during init, not during runtime. At runtime it could make us crawl if the system runs out of memory. 15 years ago
Victor Julien 22f770f3bf Better handle low memory conditions. 15 years ago
Victor Julien 21c8d27300 Disable expensive unittests that don't really test anything. 15 years ago
Anoop Saldanha 7abf3a2123 fix csum handling for tcp/dup 15 years ago
Victor Julien f1ea68e316 Store the first frag flag in the uuid as the pfc_flags field is overwritten. Part of fixing #206. 15 years ago
Pablo Rincon 14a12f5fb7 Adding atomic bitwise operations api and rwlocks support 15 years ago
Victor Julien b8a709cbe7 Fix setting hash size in the config for b3g. Part of fix for bug #222. 15 years ago
Anoop Saldanha e47a9b59e9 accept tcp packets with syn+urg+push 15 years ago
Gurvinder Singh f2f0b54d25 removed xref from the alert-fastlog 15 years ago
Victor Julien aa2c3118e3 Remove unused code from b2gm. 15 years ago
Gurvinder Singh 3eab715153 support for printing protocol names for known protocol 15 years ago
Victor Julien b81280524c change dcerpc warnings into debugs. 15 years ago
Victor Julien 4208bdf0f9 Fix unittest. 15 years ago
Victor Julien cbd4c298ed Initial version of a new bitmask based signature pre-filtering method. 15 years ago
Victor Julien 7e47d87e1a Small layout update 15 years ago
Victor Julien 66340be072 Fix pcre compilation with debug enabled. 15 years ago
Victor Julien 091f53ce4e Fix retval of SCMemcmp for non-SIMD implementation. 15 years ago
Victor Julien a75556dfe5 Add memcmp functions for SSE4.1 and SSE4.2. 15 years ago
Victor Julien 1859ed54c7 Add memcmp api with a plain memcmp function and a SSE3 accelerated memcmp. 15 years ago
Victor Julien 94898a91cc Reorganize SigMatchSignatures. 15 years ago
Victor Julien fc248ca7a1 Many small performance updates. 15 years ago
Victor Julien b4454b6846 Switch to b2gc as default pattern matcher as it uses less memory and is a little faster. 15 years ago
Victor Julien 57b098e98c Add padding to commonly used data structures. 15 years ago
Victor Julien 87f88867f4 Further improve B2gc. Add B2gm. Improve memory layout. 15 years ago
Victor Julien 4329261faa Fix setting hash size in the config for b2g pattern matcher. 15 years ago
Victor Julien 697167319e Change BloomFilter structure layout to reflect order of access. 15 years ago
Victor Julien 3971bcc83a Switch to faster tolower function for u8_tolower. 15 years ago
Victor Julien 9dfbab42f8 WIP B2gc 15 years ago
Victor Julien fc1687d875 Make sure the DetectHttpMethodData structure is properly initialized before using it. 15 years ago
William Metcalf 7b13ba9f9e Fixed broken nocase for http_method and http_header 15 years ago
Anoop Saldanha ea902cc7d7 fix bytejump segv from bug 237 15 years ago
Anoop Saldanha 38898d9b30 fix bytetest segv from bug 237 15 years ago
Anoop Saldanha 6e5a48c92c temporary fix, in case we still have any corner cases remaining in dce parser 15 years ago
Anoop Saldanha 24a88a689a fix opnum parsing for fragmented request dce pdus 15 years ago
Anoop Saldanha 1097de0d9d changed the endianness comparison to & for dcerpc pdus 15 years ago
Anoop Saldanha a3280c1a20 throw out malformed pdus, that result in the parser having parsed the required data, but we still haven't hit the frag length limit for the parser 15 years ago
Anoop Saldanha 1aea3e56be for now ignore pdus with auth verifier. We will get back to this in the coming iteration 15 years ago
Anoop Saldanha fc37e9d6ee add internal ids to uuids. Use these internal ids to match uuids from bind and bind_ack. Create a new uuid list to hold all accepted uuids. Modifications to dce-iface to accomodate these changes as well + unittests 15 years ago
Anoop Saldanha 816d2ef0c0 if malformed pdus push the bytesprocessed beyond frag_length, that's a sure endless loop. Avoid it, by resetting the dce state on seeing this 15 years ago
Anoop Saldanha 5c5d8f8a5d indentation fix in DCERPCParseBINDCTXItem, following changes from the previous patch 15 years ago
Anoop Saldanha 38e26e5186 modify the dce parser to accept context ids that start with a non-zero value 15 years ago
Anoop Saldanha d57428471c fix endianness handling for bindacksecondaryaddrlen 15 years ago
Anoop Saldanha ba9355d688 Flag if we see a fragged pdu. Do not reset dce stub buffer, if we are dealing with fragmented pdus (holds good only for first frag request pdus). Also reset the dce state vars on seeing an invalid PDU. Some minor fixes with respect to endianness as well. 15 years ago
Anoop Saldanha 00f21252fa support fragmented pdus in dce + unittest 15 years ago
Anoop Saldanha ebc1f62050 some additional indentation changes in DCERPCParser 15 years ago
Anoop Saldanha c2bc8ca252 fix mem leak in tailq that holds dce uuids 15 years ago
Anoop Saldanha 1c443677b2 fix indentation in DCERPCParser 15 years ago
Anoop Saldanha fe700737a3 fix null dereference in detect parse test - clang fix 15 years ago
Gurvinder Singh 892dea31e4 added the counter for tcp.segment_memcap_drop to show the dropped segments count due to memory limit 15 years ago
Victor Julien 1c1c8cef89 Print engine uptime on the same line as date and time. 15 years ago
Gurvinder Singh 1d0492e2e7 added support to print the engine uptime in stats.log 15 years ago
Victor Julien e7cb7c6b97 Make outputs part of the flowpinned threads in the AutoFp runmode. 15 years ago
Victor Julien 99ad338e91 Bump version to 1.0.2 15 years ago
Victor Julien 0eb0d48f35 Disable broken unittests and fix one. 15 years ago
Victor Julien f1e6e80a1e Properly set tmp_ra_base_seq in streams. By Gurvinder. 15 years ago
Gurvinder Singh 6a5bc52461 support for several tcp evasion attacks. Thanks to Judy Novak and G2 Inc for reporting them 15 years ago
Victor Julien bc55fb27dc Compiler warning fix for memory macros. Small layout changes. 15 years ago
Pablo Rincon 06a65cb460 moving http_client_body logic to use it per transactions. Adding unittests 15 years ago
Pablo Rincon ee34c70ad8 Reference atomic vars with SC_ATOMIC_EXTERN properly (considering if we support atomic operations or not) 15 years ago
Pablo Rincon 5c43db85ce Drop streams on inline mode when a drop rule matches from a reassembled stream and/or app layer inspection 15 years ago
Pablo Rincon 76af1b049b Make malloc errors on initialization stage a fatal error, resulting in an exit() call 15 years ago
Anoop Saldanha eb9adf8129 fix NULL indirection while parsing dce sigs - clang fix 15 years ago
Anoop Saldanha f094523eb1 clang fix - some minor fixes for unittests 15 years ago
Pablo Rincon bbab0f9987 Set default gid to 1 on Sig init 15 years ago
Pablo Rincon 8f3322ef73 Fix segv condition on DetectHttpMethodMatch (if the applayer unset the connp) 15 years ago
Pablo Rincon f225bd1428 Adding modifiers /C /H and /M to pcre (http cookie, header and method) 15 years ago
Victor Julien 1d73e1fb7e Small update to the ssh module: fix a valgrind warning and a couple of compiler warnings. Do a few small style updates. 15 years ago
Pablo Rincon 9d7baa7a9f Adding ssh app layer module with two new keywords: ssh.protoversion and ssh.softwareversion 15 years ago
Gurvinder Singh 0dab0e3935 fix the reassembly depth test (bug 216) 15 years ago
Victor Julien 610b7702ba Bump version to 1.0.1 15 years ago
Victor Julien 04d3832d8f Remove ports check and fix small typo. 15 years ago
Victor Julien a492518e7a Properly detect detect-event-only sigs. 15 years ago
Pablo Rincon 21d79b05ad Fix for bug 221 (avoid considering sig as "decoder event only" if ports are specified). Now the sig gets grouped to get a sgh at SigMatchSignatures 15 years ago
Victor Julien f081577fe4 Revert yesterday's dcerpc commits as there were too many corner cases for it to go into 1.0.1. 15 years ago
Victor Julien 6299fbfb0f Fix stream msg content inspection not inspecting the correct id. 15 years ago
Anoop Saldanha 526a782002 temporary fix for dcerpc so that we don't loop endlessly, till we cover all cases with fragged pdus 15 years ago
Anoop Saldanha 361cf14f50 fix endless loop. Change dce parser to accept ctx ids that always start with a ctx with a 0 ctx id 15 years ago
Anoop Saldanha 8c774a1e2a fix 206. Keep a count of uuids that don't belong to the first frag. Change dce_iface to match against uuids based on any_frag setting 15 years ago
Anoop Saldanha 52bb4c0670 fix endless loop in dce parser. fix parsing error of secondaryaddrlen for bindack 15 years ago
Anoop Saldanha cda1efff29 fix mem leak in tailq that holds dce uuids 15 years ago
Anoop Saldanha 154a48fada parse fragmented dce rpc headers correctly. Also some other minor fixes 15 years ago
Anoop Saldanha c7fdc5ebda do not reset dce stub buffer, if we are dealing with fragmented pdus (holds good only for first frag request pdus) 15 years ago
Anoop Saldanha 73241fc86c support fragmented pdus in dce + unittest 15 years ago
Anoop Saldanha 3ae45e5bbc fix indentation in DCERPCParser 15 years ago
Victor Julien c62a3d995e Fix signatures with trailing spaces being rejected by the regex. Add test. 15 years ago
Anoop Saldanha 60c770c434 make pcre respect discontinue_matching flag in content matching functions 15 years ago
Kirby Kuehl e8ecc94d6a fix multiple dcerpc fragments in one packet 15 years ago
Anoop Saldanha ce4bc5a63b some minor modifications to the b2g cuda tests 15 years ago
Victor Julien c25921edf0 Add config output for new stream settings. 15 years ago
Anoop Saldanha 3a0dadc0f3 Fix seg fault while running cuda tests. Don't set the alarm while running unittests, inside cuda-packet-batcher.c. Will result in a seg while the sig handler for ALRM is invoked 15 years ago
Anoop Saldanha 3536ba7348 fix seg fault due to premature cleanup/double cleanup for byte(jump|test), isdataat, on seeing no previous relative keywords 15 years ago
Pablo Rincon c1486d7f2e Fix bug 217 (segv on profiling summary if no rule was specified) 15 years ago
Victor Julien d1ce1c502b Fix -Wall -Werror compilation after unittests update. 15 years ago
Pablo Rincon 0c3906a99b Fix for bug 204 (signature ordering with flowbit priority) 15 years ago
Victor Julien 1071a53210 Fix unittests after ip_proto keyword change. 15 years ago
Pablo Rincon 70bda6506d Fix for bug 180 (check proto specified at the IP hdr) 15 years ago
William f7ab84ca83 PF_RING hang at exit fix 15 years ago
Victor Julien 1bd2d59253 Merge decode and stream threads in RunModeIdsPcapAuto like in the file runmode. Fix these runmodes not adhering to the cpu affinity setting if CUDA is compiled in. 15 years ago
Anoop Saldanha ead29dc691 make detection engine use dce alstate(if present), on seeing smb traffic 15 years ago
Victor Julien 7acb97da9d Use same mpm prepare procedure for uricontent as for normal content. More cleanups. 15 years ago
Victor Julien 9ba11dbfbd Clean up detection engine mpm initialization phase. 15 years ago
Victor Julien 37ca07b687 Fix segv on loading signatures with unsupported combinations of pcre and the relative flag. 15 years ago
Victor Julien 0d008c8135 Change stateful detection engine to be able to start the stateful detection separate from other sigs. Fixes bugs #213, #214, #215. 15 years ago
Victor Julien 05ae4f99d8 Kick out invalid signature with uricontent and flow:to_client or flow:from_server. 15 years ago
Victor Julien a9e78871fe Really fix bug 205 this time, repair a broken unittest. 15 years ago
Pablo Rincon 34bb107f2c Fix for bug 207 (depth/offset not correctly updated on certain cases) 15 years ago
Victor Julien ef27234959 Comment out broken SSLParserTest03 test. 15 years ago
Victor Julien 196e572daa Make sure holding up to_client reassembly stops after the proto is detected or we're sure we'll never detect it. Fixes issues related to bug 205. 15 years ago
Victor Julien 689d05b10b Add missing protocol check in the sig matching process. This prevents FP's such as the one reported in bug #209. 15 years ago
Pablo Rincon 4c94a27b71 Fix bug 205 (at stream-tcp-reassemble) 15 years ago
Anoop Saldanha b7a57c5210 fix setting the right value for parsed bytes in case of fragmented BIND dce PDUs 15 years ago
Anoop Saldanha b94eaec7c2 implement relative pcre matching in detect-engine-(payload|uri|dcepayload).c. Also fix within/distance handling of RELATIVE_NEXT flag for uricontent 15 years ago
Anoop Saldanha 3a375aa43a fix relative contents with a negated content for detect-engine-(uri|dcepayload).c like how we did for detect-engine-payload.c 15 years ago
Anoop Saldanha ae3148aded fix false positives for a negated content case 15 years ago
Victor Julien 0219b767b8 Fix a content pattern matching bug related to signature grouping and mpm_ctx sharing. In certain conditions (signature combinations) the mpm_stream_ctx (the ctx that handles stream pattern scanning) wasn't properly setup. 15 years ago
Kirby Kuehl 18840bd96e properly handle bytecount of 0 15 years ago
Gurvinder Singh 7577823cdf support for stopping the evasion, which is caused by the use of TCP RST packets for linux based systems 15 years ago
Gurvinder Singh f0928a4555 support for enforcing the depth until when the reassembly will be performed 15 years ago
Victor Julien 13045683ff Reenable and fix AlpDetectTestSig5 15 years ago
Pablo Rincon c6e090f72c App layer proto specific sigs (use the app layer to match proto) 15 years ago
Victor Julien 102092a89c Make signature address matching more cache efficient. 15 years ago
Victor Julien 1eec149f5e Use Address structure in DetectAddress struct. 15 years ago
Victor Julien 66dee577d7 Force stream reassembly on streams where we didn't yet detect the protocol if the stream is closing. 15 years ago
Anoop Saldanha 07491f8887 add --list-cuda-cards option to list the cuda cards on the system. Add conf parameter to select the cuda device to use. Also change the threshold limit to 2.4k packets to buffer 15 years ago
Anoop Saldanha 89e3d92cdb fix creating a static array of length 0 in SigMatchGetLastSMFromLists - clang fix 15 years ago
Gurvinder Singh 8b0ca4f628 support for separate memcaps for reassembly and stream engine 15 years ago
Victor Julien c6ddcda7f8 Improve out of memory handling during initialization. 15 years ago
Victor Julien 718fecb6fc Better handle low memory conditions. 15 years ago
Victor Julien f07997fd4a Don't set negated uricontent signature flag twice. 15 years ago
Pablo Rincon b7076a8ea0 Don't avoid inspecting uricontents if we get no match. It can be negated uricontents (and urilens/pcre..). But at least skip the search if we get no match 15 years ago
Anoop Saldanha 016af36051 todo list for cuda-packet-batcher 15 years ago
Anoop Saldanha 42830d1c5b fixes for dce_stub_data and content data sig parsing + more unittests 15 years ago
Pablo Rincon 169cb22dc6 Updating other http modifiers for sigs with fast_pattern option 15 years ago
Pablo Rincon e7b537cec3 Fixing unittests for fast_pattern options compatibility 15 years ago
Victor Julien bfd167521e Fix DCERPC over SMB/SMB2 detection issues. Fix not updating transaction id in a stream direction if there was no sgh. 15 years ago
Victor Julien a4951286e9 Bump version to 1.0.0 15 years ago
Pablo Rincon cc8068be0a Print also the Signature raw string 15 years ago
Pablo Rincon 742f066fa2 Updating the http modifiers that cannot be loaded with fast_pattern 15 years ago
Pablo Rincon 693d4f54eb Load signatures with incompatible fast_pattern option (due to design differences for optimization) 15 years ago
William Metcalf 50eb3cba6a seems to be a race between FlowTestPrune and FLOW_DESTROY in FlowTest0* comment out the latter for now 15 years ago
Victor Julien b4db93fa94 Remove leftover printf. 15 years ago
Anoop Saldanha 673322f01f unittests for dce_stub_data content based singature parsing + fixes 15 years ago
Anoop Saldanha ce8d27425d fix signature parsing to how snort does it for content based keywords along with dce_stub_data 15 years ago
Victor Julien 1fb11e939a Improve configure messages. Make sure CUDA doesn't try to process packets that are too big. 15 years ago
Victor Julien e14331cbb2 Fix PACKET_RECYCLE not cleaning all of the packet. 15 years ago
Victor Julien 8d737310aa Use 'simple' queue for cuda too. Fix hanging in cuda mode. 15 years ago
Victor Julien 3c1ae607cf Fix cuda compilation. 15 years ago
Anoop Saldanha 33f4beb0bc batching of packets support for cuda b2g mpm. Supported for both 32 and 64 bit platforms 15 years ago
Victor Julien b3c22cd512 Improve app layer proto check. 15 years ago
Victor Julien 39cb1bdbda Fix app layer sigs being recognized as decoder event only or ip only. 15 years ago
Victor Julien 587a53b904 Disable per second counters as they are unreliable. 15 years ago
Pablo Rincon 8f9bcef0e2 This patch for app-layer-ssl fix the bug #198 (SSLParserTest01). It seems that with -O2 and -O3, the compiler doesn't handle the initialization correctly (weird..) 15 years ago
Pablo Rincon 7003dc5c0d Fix valgrind ctx error on asn1 test 06 15 years ago
Victor Julien d41b5645ef Make sure decoder event rules are inspected even if the packet is invalid and has no addresses or proto. Update fast log and alert debug log to display the alerts. Fixes #179. 15 years ago
Victor Julien 92858a211d Fix STREAM_EOF flag overwriting STREAM_START flag on short streams. This made us miss short HTTP sessions. 15 years ago
Victor Julien 634b328d38 In case of error in pcap file reading mode, we shut the engine down hard instead of gracefully. 15 years ago
Victor Julien 426a7de5f2 Fix compiler warning about incomplete prototype (2). 15 years ago
Victor Julien 18c923318a Fix bug where valid FIN packets would be rejected. 15 years ago
Victor Julien 67429e523f Fix compiler warning about incomplete prototype. 15 years ago
Anoop Saldanha fa373516c5 fixes the offset case for content matches + a case not handled by the previous fix for multiple relative content matches. fix for payload.c dcepayload.c and uri.c 15 years ago
Anoop Saldanha 92eb380594 multiple relative content matches changes for detect-engine-dcepayload.c and detect-engine-uri.c like how we did for detect-engine-payload.c 15 years ago
Anoop Saldanha 5fb6981e9e content handling changes in detect-engine-payload.c for multiple relative matches 15 years ago
Anoop Saldanha a059ff276e byte test and byte jump update dce matching option 15 years ago
Victor Julien 05d382f533 Fix broken stream engine config initialization: due to wrong casts settings could be overwritten in memory. 15 years ago
Victor Julien ec277b292c Fall back to the old mutex based queues to see if that fixes an obscure lockup at higher optimization levels in gcc in file pcap mode. 15 years ago
Victor Julien ecb5fd3298 Add missing util-validate.h 15 years ago
Pablo Rincon b8b511a54e Avoid mem allocations while searching on radix trees (temporal prefix) 15 years ago
Victor Julien 1d74797b17 Attempt to work around NULL packets we're seeing ending up in queues when the compiler has optimized our code. 15 years ago
Pablo Rincon 868d4614b9 Tag engine improvements. Output tags only on unified format. Added atomic counter for tagged hosts/sessions 15 years ago
Victor Julien 8cdd02877f Add unittests for ringbuffer. 15 years ago
Victor Julien e685579231 Add optional structure validation code. 15 years ago
Victor Julien b67fb5229b Fix pcap file auto flow pinned runmode (disabled by default). 15 years ago
Victor Julien 393acd77d2 Detection improvements: uricontent escaping now working, better negated pattern (content) handling. 15 years ago
Gurvinder Singh 154a8b1ed9 fixed the build failure with profiling enabled 15 years ago
Victor Julien 37eb2290b0 Add some checks for 'impossible' conditions that become possible after enabling optimizations :-/ 15 years ago
Victor Julien 017b95f9ef More thoroughly cleanup a Packet when we recycle it. Fixes a corner case where we'd have an invalid tcp packet but p->proto would still say IPPROTO_TCP because of a previous run. Fixes bug #187. 15 years ago
William Metcalf 5580f3d9c2 PacketQueue postp added to TmEcodes for ipfw and pf_ring to silence compiler warnings 15 years ago
William Metcalf 876057a4da missing flow init in DetectTagTestPacket04 fix ut lockup on older OSes 15 years ago
Victor Julien 7454336ef5 Make SigWrapper private to detect-parse.c and rename to SigDuplWrapper to reflect its use and purpose. 15 years ago
Anoop Saldanha 9ecade76b9 in case of duplicate signatures use the one with the latest revision 15 years ago
Pablo Rincon eedafa3a17 Adding unittests for anchored pcres for anchored 15 years ago
Pablo Rincon bcb0b9ef9b Moving urilen inspection to detect-engine-uri. Adding unittests for pcre /U and urilen, in combination with uricontent 15 years ago
Anoop Saldanha 36e4b1830e add pcre with U modifiers to the umatch sigmatch list. fix for bug 155 15 years ago
Gurvinder Singh 8852b83fa7 flowbits, flowvars, pktvars, flow flags and app layer info added to alert-debug.log 15 years ago
Pablo Rincon 95fef55507 Fix threshold handling ip addr 15 years ago
Victor Julien 580b09c2b8 Make sure we inspect all outstanding reassembled stream chunks (smsg) if the stream is shutting down. Make sure to inspect signatures that use dsize against the tcp packet payload, even if that payload was already added to the stream. Likewise, the dsize signatures are not inspected against the reassembled stream. 15 years ago
Victor Julien a3ff0e7210 Don't scan TCP packet payload if it was added to the stream. Inspect the tcp stream with the correct packet. Should fix #184 and #185. 15 years ago
Victor Julien d500a52b58 Fix valgrind error in tls unittest. 15 years ago
Victor Julien cff0a0bda2 Fix segv conditions caused by broken flow cleanup code. 15 years ago
Pablo Rincon a8cb8d830b Fix for bug 186 and thresholding issue handling ip versions 15 years ago
Victor Julien 6eb7eea705 Fix a data race for packet pool packets when defrag/tunnel code needs a packet. 15 years ago
Victor Julien a4cb7fced0 Fix thresholding code for packets that are neither (valid) ipv4 and ipv6. 15 years ago