Commit Graph

9348 Commits (9cce1995efd431a281b350565483636dbc83007e)
 

Author SHA1 Message Date
Mats Klepsland a8347e1bc2 app-layer-ssl: fix flow and inspection bypass for TLSv1.3 6 years ago
Mats Klepsland 3b73b7d542 app-layer-ssl: add 0-RTT support for TLSv1.3 6 years ago
Mats Klepsland 23993c18cd app-layer-ssl: decode early data extension in ClientHello record
Decode early data extension used by 0-RTT that is used to indicate that
application data will be sent right after the ClientHello record.
6 years ago
Mats Klepsland 7556004a51 app-layer-ssl: use extension length when decoding extensions
Pass extension length to functions decoding extensions, instead of
passing the length left in the record. This enables us to also
decode empty extensions.
6 years ago
Mats Klepsland ee1de4c812 app-layer-ssl: handle all versions above TLSv1.2 as TLSv1.3
This makes it more likely to log custom versions of TLSv1.3 that
don't comply with the draft version numbering.
6 years ago
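The three app-layer-ssl commits above describe three parsing decisions: walk the ClientHello extension list by each extension's own length field (so a zero-length extension is a valid entry, not the end of the list), treat the empty early_data extension (type 0x002a) as the 0-RTT indicator, and fold every version number above TLSv1.2, including the 0x7fNN draft numbers, into TLSv1.3. The following Python is an added illustration of those rules and is not Suricata's own code; the ClientHello builder, the sample SNI value and the extension set are constructed for the example.

```python
import struct

# Extension types used below (values from the IANA TLS ExtensionType registry).
EXT_SERVER_NAME = 0x0000
EXT_EXTENDED_MASTER_SECRET = 0x0017
EXT_EARLY_DATA = 0x002a
EXT_SUPPORTED_VERSIONS = 0x002b

TLS_1_2 = 0x0303
TLS_1_3 = 0x0304


def normalize_version(version):
    """Map anything above TLSv1.2 (0x0304, draft 0x7f1c, vendor values) to TLSv1.3."""
    return TLS_1_3 if version > TLS_1_2 else version


def parse_extensions(buf):
    """Return [(type, data), ...], advancing by each extension's own length.

    A zero-length body is kept as an entry with empty data; only a header or
    body that overruns the buffer is an error.
    """
    exts, off = [], 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated extension header at offset %d" % off)
        ext_type, ext_len = struct.unpack_from("!HH", buf, off)
        off += 4
        if off + ext_len > len(buf):
            raise ValueError("extension 0x%04x length %d overruns record" % (ext_type, ext_len))
        exts.append((ext_type, buf[off:off + ext_len]))
        off += ext_len
    return exts


def parse_client_hello(body):
    """Decode a ClientHello handshake body (without the 4-byte handshake header)."""
    off = 0
    (legacy_version,) = struct.unpack_from("!H", body, off)
    off += 2 + 32                      # legacy_version, random
    off += 1 + body[off]               # legacy_session_id
    (cs_len,) = struct.unpack_from("!H", body, off)
    off += 2
    ciphers = [struct.unpack_from("!H", body, off + i)[0] for i in range(0, cs_len, 2)]
    off += cs_len
    off += 1 + body[off]               # legacy_compression_methods
    (ext_total,) = struct.unpack_from("!H", body, off)
    off += 2
    exts = parse_extensions(body[off:off + ext_total])

    info = {"version": normalize_version(legacy_version), "ciphers": ciphers,
            "extensions": [t for t, _ in exts], "early_data": False, "sni": None}
    for ext_type, data in exts:
        if ext_type == EXT_EARLY_DATA:
            # In a ClientHello this extension is empty; its presence alone
            # announces 0-RTT application data following the hello.
            info["early_data"] = True
        elif ext_type == EXT_SUPPORTED_VERSIONS:
            offered = [struct.unpack_from("!H", data, 1 + i)[0] for i in range(0, data[0], 2)]
            info["version"] = max(normalize_version(v) for v in offered)
        elif ext_type == EXT_SERVER_NAME and len(data) >= 5:
            name_len = struct.unpack_from("!H", data, 3)[0]
            info["sni"] = data[5:5 + name_len].decode("ascii", "replace")
    return info


def build_client_hello(extensions, legacy_version=TLS_1_2):
    """Assemble a minimal ClientHello body from a list of (type, data) extensions."""
    ciphers = [0x1301, 0x1302, 0xc02f]
    body = struct.pack("!H", legacy_version) + b"\x00" * 32 + b"\x00"
    body += struct.pack("!H", 2 * len(ciphers)) + b"".join(struct.pack("!H", c) for c in ciphers)
    body += b"\x01\x00"                # one compression method: null
    ext_bytes = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    return body + struct.pack("!H", len(ext_bytes)) + ext_bytes


# Constructed sample: SNI, two empty extensions, and a supported_versions list
# offering draft-28 (0x7f1c), final TLS 1.3 and TLS 1.2.
SAMPLE_EXTENSIONS = [
    (EXT_SERVER_NAME, b"\x00\x0e\x00\x00\x0bexample.com"),
    (EXT_EXTENDED_MASTER_SECRET, b""),
    (EXT_SUPPORTED_VERSIONS, b"\x06\x7f\x1c\x03\x04\x03\x03"),
    (EXT_EARLY_DATA, b""),
]

if __name__ == "__main__":
    print(parse_client_hello(build_client_hello(SAMPLE_EXTENSIONS)))
```

Note that the empty early_data extension sits last in the sample on purpose: a decoder that used the remaining record length rather than the per-extension length would have nothing left to hand to the extension decoder for it. The version mapping is deliberately coarse; a logger that wants the draft number as well should keep the raw value next to the normalized one.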
Victor Julien 31b87d5f8f tls: remove debug printfs 6 years ago
Mats Klepsland 16643befe7 detect-tls-ja3-hash: add another unit test
Add unit test that covers the JA3 bug in TLS extensions decoding.
6 years ago
Mats Klepsland fc53b2ecd5 app-layer-ssl: fix JA3 bug in TLS extension decoding 6 years ago
Mats Klepsland 89bd274f44 app-layer-ssl: fix JA3 bug in TLS version decoding 6 years ago
Victor Julien 215e37a9c0 capture: multidev is not experimental 6 years ago
Victor Julien 631ee383bb flow/stream: 'wrong thread' as stream event & counter
Set event at most once per flow, for the first 'wrong' packet.

Add 'tcp.pkt_on_wrong_thread' counter. This is incremented for each
'wrong' packet. Note that the first packet for a flow determines
what thread is 'correct'.
6 years ago
Victor Julien 588a56c8ba smtp: fix clang -Wunreachable-code warning
app-layer-smtp.c:756:12: error: will never be executed [-Werror,-Wunreachable-code]
    return 0;
           ^
1 error generated.
6 years ago
Victor Julien 17e7d179d0 profiling/csv: update output format
Update output to be:

pcap_cnt,total,receive,decode,flowworker,threading,proto detect,flow,
stream,app-layer,detect,tcp-prune,loggers,<detect stages>,<loggers>

For TCP, the app-layer cost is not part of stream anymore.
6 years ago
Victor Julien 85f2486e0b multi-tenant: document per tenant settings 6 years ago
Victor Julien 6781146556 test mode: parse interface list in test mode 6 years ago
Victor Julien 77c7cf0211 windivert: fix whitespace issue 6 years ago
Victor Julien b86e176262 af-packet: suppress noisy info message 6 years ago
Victor Julien d6460392c5 detect/transforms: fix doc urls 6 years ago
Victor Julien 3ba2c9fba7 pfring: multiple receive threads is not experimental 6 years ago
Victor Julien 57921d95d6 eve: improve error handling for Rust loggers
Give useful warning message if Rust is not compiled in.
6 years ago
Victor Julien 24b18e47bd pfring: minor cleanups 6 years ago
Victor Julien 4f84672d7c stats: decoder/stream events as stats 6 years ago
Victor Julien 014056f686 detect/analyzer: add detection for sigs that could use http keywords 6 years ago
Victor Julien 127937b2dd detect/analyzer: add debug statements 6 years ago
Victor Julien c05459ce89 detect/analyzer: fix json analyzer being called on incomplete rules 6 years ago
Victor Julien c62273f4fd rust/smb: silence noisy debug messages 6 years ago
Victor Julien 6c97909a92 stream/events: log as stats 6 years ago
Victor Julien fa06879563 detect/events: cleanup keyword 6 years ago
Victor Julien 5afeebf884 doc/flow: updates and cleanups to flow section 6 years ago
Victor Julien 2ae8d1a208 cocci/detect: add flags check to SigTableElmt 6 years ago
Victor Julien ecb5d6419b rules/transform: add to list-keywords 6 years ago
Victor Julien 72dd4a5f92 doc/rules: initial transforms documentation 6 years ago
Victor Julien 226fe5cab3 doc/performance: redo runmodes explanation 6 years ago
Victor Julien 17e2d39531 doc/install: update Rust info in generic install overview 6 years ago
Victor Julien 473688746b doc/eve: add community id 6 years ago
Mats Klepsland 81cdcd315b detect-ssh-software: fix url for keyword 6 years ago
Mats Klepsland 08efbdc632 detect-ssh-software-version: add description and url to keyword 6 years ago
Mats Klepsland f4da3050f2 detect-ssh-proto-version: add description and url to keyword 6 years ago
Mats Klepsland c58252bb3b detect-ssh-proto: fix url for keyword 6 years ago
Mats Klepsland e92fda37c9 doc: add documentation for SSH keywords 6 years ago
Victor Julien fd13970bfa changelog: update for 4.1rc2 6 years ago
Victor Julien 083908f3be rust/ike2: free destate on tx free
Bug #2604
6 years ago
Jason Ish 6f00ba0659 rust: fix (again) out of tree builds
As the generated Cargo.toml is shipped as part of a release
tarball, build from the source directory but set the cargo
CARGO_TARGET_DIR to the build directory.
6 years ago
Pascal Delalande 64922a476e doc: remove deprecated force-md5 flag from userguide 6 years ago
Travis Green 576b3b6a81 Added new classifications to classification.conf
Added classifications from rule-writing community feedback.
6 years ago
Victor Julien daaa90d515 rust/smb: suppress noisy messages 6 years ago
Victor Julien c4d8508f51 eve/json: introduce community flow id
Add support for community flow id, meant to give records a
predictable flow id that can be used to match records to
output of other tools.

Takes a 'seed' that needs to be the same across sensors and tools
to make the id less predictable.
6 years ago
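The community flow id introduced in the commit above is the Community ID published by Corelight: a SHA1 over the canonically ordered 5-tuple plus the 16-bit seed, base64-encoded and prefixed with the version string "1:". The Python below is an added example, not Suricata's implementation, and assumes the v1 hash layout (seed, addresses, protocol, one zero byte, ports); it only handles the port-carrying transports TCP, UDP and SCTP. The two records it joins are constructed, one shaped like a Suricata eve flow record and one like a hypothetical second sensor's connection log written from the server's side.

```python
import base64
import hashlib
import ipaddress
import struct

# IANA protocol numbers of the transports this example handles; ICMP needs a
# type/code-to-port mapping that is left out here.
PORT_PROTOS = {"tcp": 6, "udp": 17, "sctp": 132}


def community_id_v1(saddr, daddr, sport, dport, proto, seed=0):
    """Community ID v1 for a 5-tuple (assumed layout, see lead-in).

    Hashed bytes: seed (2, BE) | saddr | daddr | proto (1) | 0x00 | sport (2) | dport (2).
    Endpoints are ordered first so that both directions of a flow give one id.
    """
    if proto not in PORT_PROTOS.values():
        raise ValueError("unsupported protocol %d" % proto)
    sa = ipaddress.ip_address(saddr).packed
    da = ipaddress.ip_address(daddr).packed
    if len(sa) != len(da):
        raise ValueError("mixed IPv4/IPv6 endpoints")
    # Lower address first; on equal addresses, lower port first.
    if not (sa < da or (sa == da and sport < dport)):
        sa, da = da, sa
        sport, dport = dport, sport
    data = struct.pack("!H", seed) + sa + da + struct.pack("!BBHH", proto, 0, sport, dport)
    return "1:" + base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")


# Constructed sample records (not captured data).
EVE_FLOW = {"src_ip": "10.0.0.5", "src_port": 51234,
            "dest_ip": "192.0.2.10", "dest_port": 443, "proto": "TCP"}
OTHER_SENSOR = {"orig_h": "192.0.2.10", "orig_p": 443,
                "resp_h": "10.0.0.5", "resp_p": 51234, "proto": "tcp"}


def eve_community_id(rec, seed=0):
    """Derive the id from an eve-style record (field names as in Suricata eve flow logs)."""
    return community_id_v1(rec["src_ip"], rec["dest_ip"], rec["src_port"], rec["dest_port"],
                           PORT_PROTOS[rec["proto"].lower()], seed)


def other_sensor_community_id(rec, seed=0):
    """Derive the id from the hypothetical second sensor's record layout."""
    return community_id_v1(rec["orig_h"], rec["resp_h"], rec["orig_p"], rec["resp_p"],
                           PORT_PROTOS[rec["proto"].lower()], seed)


def records_match(seed=0):
    """True when both tools compute the same id for the same connection under one seed."""
    return eve_community_id(EVE_FLOW, seed) == other_sensor_community_id(OTHER_SENSOR, seed)


if __name__ == "__main__":
    print(eve_community_id(EVE_FLOW), records_match())
```

Because the seed is hashed in, two sensors only produce joinable ids when they are configured with the same seed; the check in `records_match` is the one to run before trusting a cross-tool join. Compare the function against the reference vectors in Corelight's community-id-spec repository before using it on real logs.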
Victor Julien e956b484c5 eve/json: handle common options in central function 6 years ago
Victor Julien df1ec82b55 eve/json: move common settings into its own struct 6 years ago
Victor Julien 116c03cf17 nfs: use common json output structures 6 years ago