suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	0b3220a0df	detect: improve inspect buffer handling Fix and Optimize cleanup. For the simple single inspect buffer optimize the cleanup by keeping track of the actually used buffers. This avoid looping over unused buffers. Fix the case of cleaning not being done after a tx if the next tx is also inspected in the context of the same packet. Fix cleanup of the multi-inspect buffers. Optimize in 2 ways. First like with single keep track of which multi-inspect buffers have been used. Second, keep a max of the buffers within a multi-inspect buffer. Use this max to limit (nested) looping.	7 years ago
Victor Julien	d3e5c15995	detect/template: move test to own file in src/tests/	7 years ago
Victor Julien	1bb8fcecec	detect/template: switch to v2 API, add MPM	7 years ago
Victor Julien	234d113838	detect/template: clean up unittest	7 years ago
Victor Julien	d14e51a4aa	detect/content: pass START/END flags to inspection	8 years ago
Victor Julien	05d3a4db90	template: minor updates Merge inspect engine into keyword	8 years ago
Victor Julien	ab1200fbd7	compiler: more strict compiler warnings Set flags by default: -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wcast-align -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char Fix minor compiler warnings for these new flags on gcc and clang.	8 years ago
Victor Julien	d304be5bc3	detect: register progress in inspect engines Register required progress so we can stop inspecting as soon as the progress isn't far enough yet.	8 years ago
Victor Julien	dfac5276b8	detect: remove unused SIGMATCH_PAYLOAD flag	9 years ago
Victor Julien	8bd1422948	detect: detect engine registration cleanup	9 years ago
Victor Julien	40851eecf0	template: dynamic buffer	9 years ago
Victor Julien	f370e88135	detect: move init only Signature members to init_data	9 years ago
Victor Julien	8a0bea872c	template_buffer: register inspect engine from keyword	9 years ago
Giuseppe Longo	675fa56497	app-layer: add ThreadVars to AppLayerParserParse To be able to add a transaction counter we will need a ThreadVars in the AppLayerParserParse function. This function is massively used in unittests and this result in an long commit.	9 years ago
Victor Julien	6530c3d0d8	unittests: replace SCMutex* calls by FLOWLOCK_*	9 years ago
Victor Julien	9030e89c94	detect: don't set alproto while registering keyword The field is not used except for some printing, and is wrong for many keywords.	9 years ago
Jason Ish	e878dd2231	app-layer templates: cleanups - cleanup file headers - add todo section - convert unit tests to new macros - add markers to remove disabled by default behaviour	9 years ago
Jason Ish	796dd5223b	tests: no longer necessary to provide successful return code 1 pass, 0 is fail.	9 years ago
Jason Ish	9697a09d21	template app-layer: disable if not in config file (default) Unlike other app-layer protocols which are enabled by default, disable this one by default as it likely shouldn't be enabled in production use of Suricata.	10 years ago
Jason Ish	06beca62f5	app-layer: template for application layer content inspection	10 years ago

20 Commits (8ca9c0e8f04598ebcbe72bafce1512b8fe2f554a)