Commit Graph

56 Commits (9f0bf35cfdcf1c852922f31a0fd1df936afc0fb8)

Author SHA1 Message Date
Victor Julien 83b2c8abdb Improve stateful uri detection code. 15 years ago
Victor Julien e8fce5f7fa Convert uricontent scanning to use the detect engine state. 15 years ago
Victor Julien ba12f3c109 Applayer to flow fixes and cleanups. 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago
William Metcalf cc76aa4bc6 properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks 15 years ago
Victor Julien 9f95ab7441 Make sure a stream that has a failing app layer inspection module no longer stops reassembly, but only app layer inspection. This way we can continue to inspect the reassembled stream. 15 years ago
Victor Julien 70b32f7380 First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:

- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.

This commit fixes bug #124.
15 years ago
Gerardo Iglesias Galvan 9f4fae5b1a Fix inconsistent use of dynamic memory allocation 15 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 15 years ago
Victor Julien c3392b7c22 Fix checking for the stream GAP after the ssn ptr was initialized. 15 years ago
Victor Julien 9676273e6d Kick out streams with gaps in them in the app layer parser until we add proper support. 15 years ago
Victor Julien 13e6c8035d Make sure we don't leak memory on app layer protocols we detect, but don't parse. Fixed #132. Thanks to Gurvinder Singh for pointing out where the issue was. 15 years ago
Pablo Rincon f862de2ee6 Fixing some code reviews (Thanks to Steve Grubb) 15 years ago
Gurvinder Singh 8e444f1772 stream and application layer improvements 15 years ago
Victor Julien 3d7b882bde Make sure all smsgs are handled every time, even in case of error. The fuzzer found an issue where unhandled messages remained in the queue leading to threading issues. 15 years ago
Pablo Rincon 25a3a5c6d8 Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks. 16 years ago
Pablo Rincon d0404d8447 Renaming errors with naming conventions 16 years ago
Pablo Rincon ad2c136e8f Renaming errors (naming conventions) 16 years ago
Victor Julien 6a53ab9c5a Stream engine memory handling update
The stream engine memory handling needed updating as it didn't scale. Changes:

- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata are part
  of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was
  added.
- all reassembly errors are converted to debug msgs.
16 years ago
Gurvinder Singh 356a8bf385 applayer uri match and modified http handling 16 years ago
Victor Julien c352bff6fb Remove unused conditional locking code from the app layer parsing code. 16 years ago
Pablo Rincon 705471e4ee Adding single pattern matcher algorithms. If you cannot store a context for the patterns, use SpmSearch() macro. Adding unittests and stats 16 years ago
Victor Julien cae8e06cb9 Properly lock app layer result pool and add some debugging code for memory tracking. 16 years ago
Gurvinder Singh 66cc392177 init b46 16 years ago
Victor Julien 4824868766 Application layer detection improvements
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
16 years ago
Gurvinder Singh d8433c7255 fixed-pool-error-and-tcp-state-transition 16 years ago
Victor Julien ecf86f9c23 Rename to Suricata. 16 years ago
Victor Julien 18fe3818dc Remove need_lock from app layer parsers. 16 years ago
Victor Julien ba7e8012af Add some debugging and simplify locking for app layer slightly. 16 years ago
Gurvinder Singh fc2f7f29fa app layer htp error handling and fixes for memory leaks and segv 16 years ago
Victor Julien d388444ac3 Use updated mutex calls. 16 years ago
Gurvinder Singh ad3e463974 updated error info output 16 years ago
Gurvinder Singh 1b39e602d0 fixed port info 16 years ago
Pablo Rincon e26833be3f Changing mutex/spinlocks/conditions naming types 16 years ago
Pablo Rincon 769022f4be Adding support for Mac OS X, FreeBSD, centralizing mutex/spins/conditions in a macro API, and some unittests 16 years ago
Gurvinder Singh c1e485cc44 app layer error handling 16 years ago
Victor Julien 574bcea09d initial version of better error checking/handling in the app layer code 16 years ago
Victor Julien f1f7df0766 First iteration of doing app layer detection. 16 years ago
Gurvinder Singh a16e7b7455 tls no reassembly support 16 years ago
William Metcalf 5fc3005103 added check for full al_parser_table 16 years ago
root f3e3d3873f fix smb and dcerpc unit tests 16 years ago
Victor Julien 4914d8d903 Small stream fixes. 16 years ago
Victor Julien bcc5bbef93 Yet more logging api usage changes. 16 years ago
Victor Julien 91bc83e5c6 More logging API usage changes. 16 years ago
Victor Julien b3cb29b758 Fix engine lockup due to mutex locking error. 16 years ago
Victor Julien 4170ec8955 Make locking of the flow optional in the app layer subsys so we can also pass locked flows to it. 16 years ago
Victor Julien 5ecd187b6f Tie app layer parsing to the stream engine. 16 years ago
Victor Julien b102ea2123 Big update:
- Implement "closing" state in flow.
- Add protocol specific timeouts.
- Lots of stream tracking updates, fixing a lot of out of window issues.
- Stream reassembly fixes.
- Implement a new IDS runmode with 4 stream and detect threads.
- Added a BUG_ON macro that aborts the engine if the expression is true.
- Better balance the flow queue handler for traffic that doesn't have flow (like icmp currently).
- Simplify application level protocol in the Tcp Session.
- Add some debugging memory counters.
16 years ago
Victor Julien 086ba5f49b Add 'BySize' field parser. Add stub tls parser. 16 years ago
Victor Julien 7715e8f0fc Work around some Tcp session free issues in the app layer parsers. 16 years ago