42 Commits (844e4dba11867fb9f2b91292a9b73b10a5ec415a)

Author SHA1 Message Date
Victor Julien 80d62b59ec Fix drop (and other actions) not being applied to thresholded packets. Bug #613. 13 years ago
Victor Julien 82fc61770b threshold: allow threshold.config to override rule
Allow threshold.conf to override rule thresholds in the following
cases:

- threshold.config rule uses threshold or event_filter AND
- threshold.config rule applies to a single signature (so no
  gid 0 or sid 0)

Confirmed to work with both threshold and detection_filter rule
keywords.

Part of bug #425.
13 years ago
Eric Leblond e176be6fcc Use unlikely for error treatment.
When handling error case on SCMalloc, SCCalloc or SCStrdup
we are in an unlikely case. This patch adds the unlikely()
expression to indicate this to gcc.

This patch has been obtained via coccinelle. The transformation
is the following:

@istested@
identifier x;
statement S1;
identifier func =~ "(SCMalloc|SCStrdup|SCCalloc)";
@@

x = func(...)
... when != x
- if (x == NULL) S1
+ if (unlikely(x == NULL)) S1
13 years ago
Victor Julien d8667448c1 threshold: allow suppression for sigs with threshold set. Part of #425. 13 years ago
Victor Julien d8356c5ebd Windows build and other misc fixes. 13 years ago
Anoop Saldanha cde31abe96 bug #455 - Warn users on signature event vars having precedence over threshold.conf ones 13 years ago
Victor Julien 988f22ee2e Free pcre study structs for classification, threshold and reference parsing. 13 years ago
Anoop Saldanha 0c24bbab0c code cleanup for live swap 13 years ago
Anoop Saldanha 83a8f6e03a cleanup threshold config de-init 13 years ago
Eric Leblond 2d22f667c2 config: use config file in sysconfdir by default. 13 years ago
Anoop Saldanha 5d22194299 fix failing rate filter unittest 13 years ago
Anoop Saldanha c34713321a fix rate filter alert suppression. Log error if rate filter has count of 0. Other minor fixes as well 13 years ago
Victor Julien c0a2cbd478 Move over src and dst thresholding to use host table. Fix a bug in threshold 'both' handling. 14 years ago
Victor Julien e237841a8e Fix compilation with profiling enabled. Minor unittest fixes. 14 years ago
Victor Julien de5c1d1491 Fix minor fgetc issue. 14 years ago
Victor Julien cdba2f50d1 Various fixes and improvements based on feedback by Coverity analyzer. 14 years ago
Anoop Saldanha eb07c345b8 code cleanup - replace SigMatchAppendThreshold with SigMatchAppendSMToList 14 years ago
Anoop Saldanha bbb9f35f26 code cleanup - replace SigMatchGetLastSM with SigMatchGetLastSMFromLists 14 years ago
Victor Julien c8c4a76dc6 Move threshold to its own sig match list. 14 years ago
Victor Julien 28e15be526 Clean up default output. Use simpler output format for releases. 14 years ago
Victor Julien 2d16abcf8b Minor code cleanups fixing all GCC 4.6 compiler warnings for default, debug and unittests mode. 14 years ago
Victor Julien 362c25ec8a Fix potential suppression parsing issue found by CLANG. 14 years ago
Eric Leblond 685e0e1a63 Rename rule_type_t to ThresholdRuleType. 14 years ago
Eric Leblond 8787e6f6d0 suppress: use DetectAddress instead of DetectAddressHead 14 years ago
Eric Leblond 7938344e1b threshold: refactoring of parsing code
This patch factorizes the regular expression to ease the parsing
process. It also adds a missing free and factorizes exit code.
14 years ago
Eric Leblond 03c185a3ad threshold: add suppress keyword
This patch adds the suppress keyword to the threshold.config file.
The alerts are suppressed but the other elements like flowbits are
maintained.
14 years ago
Eric Leblond a56f8dd6b2 doc: introduce doxygen group "threshold"
This patch introduces a doxygen group to put together the documentation
relative to threshold. Groups appear in a separate page and they can have
their own documentation. This is useful when a feature is split into
different files.
14 years ago
Gerardo Iglesias Galvan c968ca0f85 Fix potential small issue with ftell and fseek 14 years ago
Gerardo Iglesias Galvan 44692c83aa Properly check retval for config and conversion function calls 14 years ago
Gerardo Iglesias Galvan 58f713254e Make sure return value of fgetc isn't truncated 14 years ago
Eric Leblond 277a384af7 Use already defined macro instead of integer
Code was using an integer instead of the already defined macro.
15 years ago
Victor Julien 3d60e9bfeb Clean up output. 15 years ago
Anoop Saldanha 82fd581b64 replace all sm lists (match, pmatch, dmatch, umatch, amatch, tmatch) with an array Signature->sm_lists[]. Replace all Signature->match instances in the engine with Signature->sm_lists[DETECT_SM_LIST_MATCH] 15 years ago
Anoop Saldanha f094523eb1 clang fix - some minor fixes for unittests 15 years ago
Pablo Rincon 6950537a76 Move rate_filter rule tracking data from Signature to Threshold context 15 years ago
Pablo Rincon 1ae36b9a6a Adding rate_filter support for threshold.config, multiline support and unittests 15 years ago
Gerardo Iglesias Galvan 9f4fae5b1a Fix inconsistent use of dynamic memory allocation 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Pablo Rincon 3047135817 Moving inline functions to the .h files, so gcc can inline them correctly 15 years ago
Breno Silva 81abe635c8 Global Threshold config 15 years ago
Victor Julien 26e8a0a06a Cleanup global threshold code. 15 years ago
Breno Silva 67f2026279 Global Threshold config 15 years ago