Victor Julien
79d5ef3707
Improve warning if prelude output is selected but support not compiled in. #320.
12 years ago
Victor Julien
e7b36051de
Improve pktvar keyword parsing and error handling.
12 years ago
Victor Julien
2179ac2595
Minor fixes for coverity issues.
12 years ago
Victor Julien
c4e5e1482e
Fix detect tag error handling.
12 years ago
Victor Julien
d840308ae2
file detect: improve cleanup
12 years ago
Victor Julien
4a9fa35cf2
filemd5: free hash during cleanup
12 years ago
Anoop Saldanha
b0b29fb85a
ac-bs and ac-gfbs mem cleanup
12 years ago
Anoop Saldanha
c1cc9188fd
more mpm engine mem cleanup
12 years ago
Anoop Saldanha
0eaf0b0129
mpm engine and ac mem free fixes
12 years ago
Nikolay Denev
50aba06530
Fix SCSetThreadName() macros in threads.h. Add FreeBSD thread naming implementation.
12 years ago
Anoop Saldanha
cde31abe96
bug #455 - Warn users on signature event vars having precedence over threshold.conf ones
12 years ago
Victor Julien
ab421978f0
Free all sig match structs when freeing a signature.
12 years ago
Victor Julien
f4c7bd4e5b
Fix memleak in tag parsing.
12 years ago
Victor Julien
af97c36c08
Properly clean signature's ip only data.
12 years ago
Victor Julien
c7af0589bc
Fix a reload memleak in thread local detection engine ctx.
12 years ago
Victor Julien
19e3348cae
Fix a reload memleak in the duplicate sig detection hash.
12 years ago
Victor Julien
728c4f9ea0
Clean up packet pool at shut down.
12 years ago
Victor Julien
583ba460c4
Update Changelog for 1.3rc1 release
12 years ago
Anoop Saldanha
ba5f757c47
sc_atomic_cas replaced with sc_atomic_set
12 years ago
Victor Julien
0c98980e21
http: add unittest to test \r in header line.
12 years ago
Victor Julien
d236e68b62
htp: keep track of header line terminators so http_raw_header can reconstruct exact headers.
12 years ago
Victor Julien
3d12b74012
http_raw_header: add some debug code.
12 years ago
Victor Julien
a6471cdb9c
icmpv6: for ICMPv6 info messages set payload ptr and length to right after 4 byte hdr.
12 years ago
Victor Julien
4cf6bb3f4c
afpacket: fix compilation in debug mode.
12 years ago
Eric Leblond
c36aa041f3
Update coccinelle script to match syntax evolution.
12 years ago
Eric Leblond
0227a87fcb
cleaning: fix warning when building with clang.
...
clang was issuing some warnings related to unused return in function.
This patch adds some needed error treatment and ignores the rest of the
warnings by adding a cast to void.
12 years ago
Eric Leblond
6efd37a388
af-packet: use counter for drop and accept
...
This patch adds counters for kernel drops and accepts to af-packet
capture module. This information is periodically displayed in
stats.log:
capture.kernel_packets | RxAFP1 | 1792
capture.kernel_drops | RxAFP1 | 0
The statistic is fetched via a setsockopt call every 255 packets.
12 years ago
Eric Leblond
f2a6fb8a5a
af-packet: add support for BPF filter.
...
This patch adds support for BPF in AF_PACKET running
mode. The command line syntax is the same as the one
used for PF_RING.
The method is the same too: The pcap_compile_nopcap()
function is used to build the BPF filter. It is then
injected into the kernel with a setsockopt() call. If
the adding of the BPF fails, suricata exits.
12 years ago
Eric Leblond
c85ee1e3f6
af-packet: get datalink for each socket creation.
...
This patch will allow us to use the datalink when computing the filter.
It also fixes a potential issue where an interface data type changes
after the interface is going down/up.
12 years ago
Victor Julien
59ec493f7c
http body inspection: force body inspection on stream eof.
12 years ago
Victor Julien
4d4671c470
default config: add engine-analysis.rules directive.
12 years ago
Victor Julien
2a4992e7a0
inline: fix unified2 alert direction selection
12 years ago
Victor Julien
87ec969b3d
filemd5: fix compilation if libnss isn't available
12 years ago
Victor Julien
c9e93ec52c
filemd5: add support code for md5 handling for signatures.
12 years ago
Victor Julien
8cd460dde5
Don't display a warning when log-pcap tries to remove an already removed file.
12 years ago
Anoop Saldanha
7109a056a5
http header won't inspect set-cookie headers. Set-cookie part of cookie keyword now. Also update the http header inspection engine
12 years ago
Victor Julien
988f22ee2e
Free pcre study structs for classification, threshold and reference parsing.
12 years ago
Anoop Saldanha
0c24bbab0c
code cleanup for live swap
12 years ago
Victor Julien
452114a859
Fix compiler warning.
12 years ago
Anoop Saldanha
2bc7d0792d
update clean up of old detection engine contexts for live rule swap
12 years ago
Anoop Saldanha
eee33866df
DetectEngineCtxFree() cleanup, also in main
12 years ago
Anoop Saldanha
c3eab5cf4e
Replace the old atomic sets using cas with the new sc_atomic_set macro
12 years ago
Anoop Saldanha
32183faa82
free flowvar entries in flow after live rule swap. Sync flowbits entries into packet struct to be used by alert debuglog when alert debuglog is enabled
12 years ago
Anoop Saldanha
8fb2040eee
disable live rule swap when -s or -S option's used at startup
12 years ago
Anoop Saldanha
31eb5fa2f6
Introduce util-signal.[ch]. Move our signal setup functions here
12 years ago
Victor Julien
4cde2355bd
Simplify flow resetting on de_ctx update. Detect ctx id starts at 1. So in a flow 0 means uninitialized (thus set) and if we detect flow is not equal to detect id, we reset the sgh storage and de_state.
12 years ago
Anoop Saldanha
6fa46d7526
If new ruleset requires any htp callbacks that aren't already set, don't load new ruleset; request user to restart suricata + disable setting fileinspection flags unconditionally in main
12 years ago
Anoop Saldanha
e5edcfaca8
add unittest for atomic operation with void *
12 years ago
Anoop Saldanha
ecad4a24fa
live rule support added
...
To reload ruleset during engine runtime, send the USR2 signal to the engine, and the ruleset would be reloaded from the same yaml file supplied at engine startup
12 years ago
Anoop Saldanha
83a8f6e03a
cleanup threshold config de-init
12 years ago