aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,095 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a3e2b35536'
${ noResults }
Commit Graph

76 Commits (a3e2b355369849aaff54d1273a8b7839b20e58af)

Author SHA1 Message Date
Victor Julien a3e2b35536 Add configure check for new htp 0.2.5 uri normalize hook. 14 years ago
Victor Julien 38a7d1777f Bump version to 1.1beta2 14 years ago
Eric Leblond 4e9231266a Compilation fix for OpenBSD and win32. 
This patch fixes compilation on OpenBSD platform. It is running
fine on a pcap file. The patch should also fix compilation on
WIN32 platform but this is not tested.
 14 years ago
Eric Leblond 0044bb221b Add suricata unittests to 'make check' 
This patch adds a run of suricata's unittests to 'make check'
 14 years ago
Eric Leblond 7c841e1d7c Add coccinelle check to 'make check' 
This patch adds coccinelle checking to the autotools
'make check'.
 14 years ago
Victor Julien c9f9e3f9a4 Add configure check for signed or unsigned nfq_get_payload, adapt code. 14 years ago
Eric Leblond 2600d203cc Fix typo in configure.in 
Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 1e600c1054 source-nfq: add simulated non-terminal NFQUEUE verdict 
This patch adds a new mode for NFQ inline mode. The idea is to
simulate a non final NFQUEUE rules.
This permit to do send all needed packets to suricata via a simple
FORWARD rule:
    iptables -I FORWARD -m mark ! --mark $MARK/$MASK -j NFQUEUE
And below, we have a standard filtering ruleset.

To do so, suricata issues a NF_REPEAT instead of a NF_ACCEPT verdict and
put a mark ($MARK) with respect to a mask ($MASK) on the handled packet.

NF_REPEAT verdict has for effect to have the packet reinjected at start
of the hook after the verdict. As it has been marked by suricata during
the verdict it will not rematch the initial rules and make his way to
the following classical ruleset.

Mode, mark and mask can be configured via suricata.yaml file with the
following syntax:
   nfq:
     repeat_mode: (false|true)
     mark: $MARK
     mask: $MASK
Default is false to preserve backward compatibility.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 72ec56ab23 source-nfq: autodetection of queue max length function 
Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Victor Julien 627c02e300 Use a different way of getting a short git rev that is compatible to older git versions. 14 years ago
Victor Julien e3bde3e95d Add a simple revision based on the git rev to the version number, like a build number. 14 years ago
Victor Julien 96ec2a76c6 Update version to 1.1beta1 14 years ago
Victor Julien 99ad338e91 Bump version to 1.0.2 15 years ago
Victor Julien 610b7702ba Bump version to 1.0.1 15 years ago
William Metcalf 9f1d779a28 pkg-config detection added to configure.in added to install doc except for OSX 15 years ago
Victor Julien a4951286e9 Bump version to 1.0.0 15 years ago
Victor Julien 1fb11e939a Improve configure messages. Make sure CUDA doesn't try to process packets that are too big. 15 years ago
Victor Julien e685579231 Add optional structure validation code. 15 years ago
Victor Julien 1dbbdce0be Add a -fno-tree-pre to our CFLAGS as it breaks the ringbuffers on Ubuntu 9.10/64 bit. 15 years ago
Jason Ish 9222386377 On Mac, don't use -march=native by default unless using gcc >= 4.3. 15 years ago
Victor Julien 26f69aa3a6 Bump version to 0.9.2. 15 years ago
William Metcalf 9f0bf35cfd Set -std=gnu99 CFLAG always and Use -march=native by default if supported by installed version of gcc 15 years ago
Jason MacLulich 835630efbd Add initial support for reading packets from a DAG card, we only support reading from a single stream at this time. 
Use the --dag <dagname> cmd line option to specify from which DAG card to read pkts
from.

Issue at the moment with pkts being ejected during shutdown -- at the moment we
ignore any packets that are not of link type Ethernet.
 15 years ago
William Metcalf e07e9e16ae Updates to allow for disabling options based on Pierre Chifflier's patch 15 years ago
Pierre Chifflier 4e84ffe2ea Fix autoconf code for Prelude option (Fix: #175) 
Third and forth arguments of AC_ARG_ENABLE are the actions to be done
if option was specified (respect. not given), NOT if option
is true (false).

Signed-off-by: Pierre Chifflier <chifflier@edenwall.com>
 15 years ago
Jason Ish a098e39bed Display configuration summary at the end of ./configure. 15 years ago
William Metcalf 9ce1399db8 Add option for setting pcap buffer size if it is available 15 years ago
Victor Julien c73e9318b0 Bump version 0.9.1. 15 years ago
William Metcalf d0b23100d7 patch to configure.in for libhtp minimum version detection via PKG_CHECK_MODULES 15 years ago
Jason Ish 18e5ac8cde Basic rule profiling even though the results may be skewed by a bad rule in a grouping of rules. 15 years ago
William Metcalf 7d63fbdaea small CentOS 4 workarounds 15 years ago
Victor Julien bca75f6255 Bump version to 0.9.0. 15 years ago
Victor Julien 070ed778b8 Libcap-ng support by Gurvinder Singh and myself. Basic support for per thread caps is added, but not activated as it doesn't seem to work yet. Work around for incompatibility between libnet 1.1 and libcap-ng added. 15 years ago
Jan Jezek 366671a8ce Added inline mode support on Windows 15 years ago
Victor Julien 27bff56cd7 Bump version to 0.8.2 15 years ago
Jason Ish 12962c5969 ./configure option, --enable-unified-native-timeval to have unified outputs use a native timeval to be compatible with unpatched barnyard 1 on 64 bit systems. 15 years ago
Gerardo Iglesias Galvan 9f35a24a1f Set threads name. Fix bug #83 15 years ago
William Metcalf 3678dda185 libnet now optional 15 years ago
root ddf995da3b pfring support lb type, and now uses logging subsys 15 years ago
William Metcalf 260d0d7673 Steve Grub fixes... Thanx Steve! 15 years ago
William Metcalf 0fe4373b67 Rolled back to 0.2.x branch renamed htp to libhtp 15 years ago
William Metcalf f7111f3847 import of integrated htp lib and small libnet fixes 15 years ago
Jan Jezek fe6a72befc Code is now compilable on the Win32 platform 15 years ago
Victor Julien d281a6b8ac CUDA build system support & compile fixes 
- add configure support for CUDA
- make sure all code compiles if CUDA is disabled
- fix compiler warnings
 15 years ago
Pierre Chifflier eb33dc163f Prelude plugin: add detection in configure script 
Add the --enable-plugin option to configure script (disabled by default).

Signed-off-by: Pierre Chifflier <chifflier@inl.fr>
 15 years ago
Nick Rogness 2b7b78f1bf Intial IPFW support FreeBSD and OSX 15 years ago
William Metcalf 22f3e3d818 added configure option for enabling march=native gcc 4.2 and later 15 years ago
Steve Grubb f853da7940 Get make distcheck working 
Hello,

Below is a patch that gets "make distcheck" working. Its against the
current code in git. The project version was set to 0.1 in configure,
I changed that to 0.8.1 just so its actually relevant. You might want
to set that to something else.

After checking this patch, I find that there are several source code
files in src/ that are not getting compiled:

-app-layer-detect.c
-app-layer-detect.h
-app-layer-http.c
-reputation.h

Are these new or abandoned? Anyways...here's the patch.

-Steve
 15 years ago
Victor Julien 42e8a01221 Make sure pcre PCRE_EXTRA_MATCH_LIMIT_RECURSION check works with strict compiler settings. 15 years ago
William Metcalf 5bde121754 --enable-gccprofile sets -pg flag detect presence of pcre recursion 15 years ago