suricata

Commit Graph

Author	SHA1	Message	Date
Eric Leblond	9e54819121	yaml: suppress old variable in pfring section.	13 years ago
Eric Leblond	d492683aa4	autotools: error on autoreconf is an error	13 years ago
Eric Leblond	adbf85c4a9	autotools: fix detection with clang This patch improve detection of type of nfq_get_payload() by only converting to error the warning we have when using the wrong type.	13 years ago
Eric Leblond	e0ddcdd194	autotools: rename configure.in to configure.ac configure.in is deprecated since long and will be replaced by configure.ac. For more information, see: http://lists.gnu.org/archive/html/automake/2012-08/msg00023.html	13 years ago
Eric Leblond	452d3c4308	tm-thread: exit loop if suri want to quit	13 years ago
Eric Leblond	f389a1201f	tm-thread: run thread init function sequentially. On some setup you want to run each thread init function sequentially. For example, if I use flow_cpu load balancing on AF_PACKET, my target is to have CPU 0 (first socket in the group) to be link with the thread 0 in detect cpu set (first thread to be initialised). A good way to achieve this is to run only one thread init function at a time to avoid any possible race condition.	13 years ago
Victor Julien	e28835af91	Update Changelog to include 1.3.1 changes.	13 years ago
Victor Julien	f1b6f7a9e6	rule analyzer: make analyzer aware of http_user_agent pcre flag /V.	13 years ago
Victor Julien	e737e2dc56	http: after path double decoding, also normalize the path again. #504 .	13 years ago
Victor Julien	e839cea9e5	Http: don't double decode URI path and query by default. Instead add per server options to enable double decoding for both cases. #464 #504 .	13 years ago
Victor Julien	e0bfcb7dde	Only set SIG_FLAG_REQUIRE_STREAM if signature inspects TCP.	13 years ago
Victor Julien	bd6b865473	rule analyzer: fix fast pattern analyzer reporting wrong filename (same as rule analyzer).	13 years ago
Eric Leblond	11c3167583	stream-tcp: no checksum alert if validation is off This patch disables checksum alert if checksum-validation is set to no in the configuration file. Without this patch, when parsing a pcap which checksum offloading, it was not possible to get rid of event caused by checksum validation.	13 years ago
Victor Julien	c51a3aad17	stream: handle case where Suricata sees 3whs-ACK but server doesn't. Bug #523 .	13 years ago
Victor Julien	5cc8a09257	stream: fix unittest broken by new flags handling.	13 years ago
Victor Julien	ad827ad030	http: add more decoding unittests.	13 years ago
Victor Julien	4c6fd7ad4c	Bug #510 . Produce error if max-pending-packets is higher than 65534.	13 years ago
Victor Julien	6841171882	profiling: fix 'match' counter sometimes not incrementing. #460 .	13 years ago
Victor Julien	f9cde717e7	Use SCFree instead of free in DER decoder.	13 years ago
Victor Julien	c44f4c13fc	stream: improve TCP flags handling	13 years ago
Eric Leblond	09e709d1c5	af-packet: fix reconnect code Reconnect code was in a "work by luck" stage as we did not update the socket number after reconnect.	13 years ago
Anoop Saldanha	64fad5b36e	Update fast_pattern engine to not use negated content as fast_pattern if we have non-negated content in the sig. Noticing a good spike in perf with et_pro ruleset. Thanks to Will Metcalf for the suggestion.	13 years ago
Anoop Saldanha	fe4c66461f	bug #466 - Updated getticks() to serialize execution of rdtsc with cpuid	13 years ago
Anoop Saldanha	41bb3b95f9	bug 508 - List (ack \| cwr \| ecn) combination to be accepted by our stream engine. This isn't a perfect solution. More like we have patched this for the case we are in tcp's established state. The right solution would be to accept states based on the presence(using operator OR) of certain flags in the tcp header, rather than list out all possible flag combinations.	13 years ago
Anoop Saldanha	1c41672f5e	invalidate sigs if depth > content_length	13 years ago
Eric Leblond	8ebc625711	tls: fix keyword regular expression Space, dash and comma are valid.	13 years ago
Eric Leblond	a369f8c359	af-packet: loop on ring if there is data to read. This patch should bring some improvements by looping on the ring when there is some data available instead of getting back to the poll. It also fix recovery in case of drops on the ring because the poll command will not return correctly in this case.	13 years ago
Eric Leblond	4df509f87a	defrag: use IP ID in hash This patch fixes the collision issue observed on an intensive network trafic. When there is fragmentation it is the case for all data exchanged between two hosts. Thus using a hash func only involving IP addresses (and protocol) was leading to a collision for all exchanges between the hosts. At a larger scale, it was resulting in a packet loss. By using the IP ID instead of the protocol family, we introduce a real difference between the trackers.	13 years ago
Victor Julien	a5587fec2e	flow: remove unused prune-flows option	13 years ago
Anoop Saldanha	bf6cd48259	if a sig's set as stream sig only, don't updated it as both stream and pkt sig if offset/depth's present bug #495 - update rule analyzer to not warn on offset_depth-tcp_pkt update if sig is stream only bug #497 - rule_warnings fixed	13 years ago
Anoop Saldanha	b2f589527a	Set thread name Suricata-Main for main thread and LiveRuleSwap for live swap thread	13 years ago
Anoop Saldanha	a0bce6362e	bug 499 - update host os info enum map to use - instead of _ + add new unittests	13 years ago
Anoop Saldanha	7833883a8f	bug #496 - don't warn about offset/depth for packet sigs	13 years ago
Victor Julien	d8356c5ebd	Windows build and other misc fixes.	13 years ago
Victor Julien	2295777691	Update changelog for 1.3 release.	13 years ago
Eric Leblond	a3465fb971	Rename 'worker' running mode to 'workers' This patch renamed the 'worker' running mode into 'workers'. Thus, there is only one name in Suricata for the same thing. Backward compatibility is ensured by replacing "worker" by "workers" when the old name is used. A warning is printed in the log when the old name is used.	13 years ago
Anoop Saldanha	34f0897163	check if all packets are processed before disabling detect threads + kill all threads <= detect after FFR + other minor fixes	13 years ago
Victor Julien	be5fed869d	conf api: remove dead code	13 years ago
Victor Julien	c2e484ae88	rule analyzer: fix detecting stream match	13 years ago
Anoop Saldanha	946a9ece32	rule analyzer updated for sigs with offset/depth set + alproto set	13 years ago
Anoop Saldanha	960d421f9d	Update SigValidate() to allow http keywords to be specified in the right flow direction	13 years ago
Eric Leblond	ac092197b4	autotools: pthread deps is needed on ubuntu. It is weird but adding pthread in needed on ubuntu 1204.	13 years ago
Victor Julien	9f3e079bcf	Make live reloads optional and disabled by default.	13 years ago
Victor Julien	9d2e17fa98	stream: don't NULL dereference p->flow->protoctx in StreamTcpReassembleDepthReached	13 years ago
Victor Julien	43c7fd7585	file inspection: improve logging when stream.depth limit is reached. #493 .	13 years ago
Victor Julien	79d5ef3707	Improve warning if prelude output is selected but support not compiled in. #320 .	13 years ago
Victor Julien	e7b36051de	Improve pktvar keyword parsing and error handling.	13 years ago
Victor Julien	2179ac2595	Minor fixes for coverity issues.	13 years ago
Victor Julien	c4e5e1482e	Fix detect tag error handling.	13 years ago
Victor Julien	d840308ae2	file detect: improve cleanup	13 years ago

1 2 3 4 5 ...

3365 Commits (9e54819121ea5c9982e015011c6514408dd00343) All Branches Search

3365 Commits (9e54819121ea5c9982e015011c6514408dd00343)

All Branches