aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,935 Commits
7 Branches
155 Tags
198 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'af4085b77b'
${ noResults }
Commit Graph

6935 Commits (af4085b77b56cbb41496956e5b23184b4528a094)
 

Author SHA1 Message Date
Victor Julien 2b10b8374c cmdline: fix --list-keywords and --list-app-layer-protos 
Ticket #1840
 9 years ago
Victor Julien ed483b4e13 output: don't register loggers for disabled protocols 9 years ago
Victor Julien 01913f6a56 app-layer: add AppLayerParserIsTxAware 
This function globally checks if the protocol is registered and
enabled by testing for the per alproto callback:
StateGetProgressCompletionStatus

This check is to be used before enabling Tx-aware code, like loggers.
 9 years ago
Victor Julien f302a6cf86 output: fix debug messages 9 years ago
Victor Julien b73098e990 smb: style fix in log message 9 years ago
Victor Julien 3bb408940f af-packet: improve threads selection logic 
Only use RSS queue count when cluster_qm is used. Only use core count
when cluster_flow is used.

Use a local variable to simplify the check so that we don't have to deal
with the extra flags.
 9 years ago
Victor Julien da8f9c1896 lua: add smtp for detection 9 years ago
Victor Julien 928cb1eba9 lua output: expose smtp functions to output scripts 9 years ago
Victor Julien 7501bf744f lua: SMTPGetRcptList use position as key, not value 9 years ago
tobiass1 7581f5129f Lua: SMTP support; Addresses feature ticket #1775; v5 9 years ago
Victor Julien ff3baeee90 lua: support smtp tx logging 9 years ago
Victor Julien 5e4d071b76 lua-output: don't crash on script setup error 9 years ago
Victor Julien 3c59d60049 cuda: make sure we don't use cuda in proto detect 9 years ago
Victor Julien 4111331ab0 af-packet: minor cleanups 9 years ago
Victor Julien 402bdf9b2b af-packet: test if fanout is supported before use 
Older system may pretend they can support FANOUT but then fail to
work at runtime. CentOS6 is an example of this. It would fail to
start up with the default configuration with errors like:

[15770] 21/6/2016 -- 16:00:13 - (tm-threads.c:2168) <Notice> (TmThreadWaitOnThreadInit) -- all 4 packet processing threads, 4 management threads initialized, engine started.
[15785] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
[15785] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[15770] 21/6/2016 -- 16:00:13 - (suricata.c:2664) <Notice> (main) -- Signal Received.  Stopping engine.
[15787] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
[15788] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
[15786] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1907) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Coudn't set fanout mode, error Protocol not available
[15789] 21/6/2016 -- 16:00:13 - (flow-manager.c:693) <Perf> (FlowManager) -- 0 new flows, 0 established flows were timed out, 0 flows in closed state
[15787] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[15788] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[15786] 21/6/2016 -- 16:00:13 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error

This patch adds a test that if run before the number of threads
is determined. If the test fails, only 1 thread is created.
 9 years ago
Victor Julien ab65b6f83b netmap: fix coverity warning 1362789 
** CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
/src/runmode-netmap.c: 247 in ParseNetmapConfig()

________________________________________________________________________________________________________
*** CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
/src/runmode-netmap.c: 247 in ParseNetmapConfig()
241         strlcpy(aconf->iface_name, iface_name, sizeof(aconf->iface_name));
242         SC_ATOMIC_INIT(aconf->ref);
243         (void) SC_ATOMIC_ADD(aconf->ref, 1);
244
245         /* Find initial node */
246         netmap_node = ConfGetNode("netmap");
>>>     CID 1362789:  Null pointer dereferences  (FORWARD_NULL)
>>>     Comparing "netmap_node" to null implies that "netmap_node" might be null.
247         if (netmap_node == NULL) {
248             SCLogInfo("Unable to find netmap config using default value");
249         } else {
250             if_root = ConfFindDeviceConfig(netmap_node, aconf->iface_name);
251             if_default = ConfFindDeviceConfig(netmap_node, "default");
252         }
 9 years ago
Andreas Herz e9a2a341ce util-threshold-config: parse suppress rules with spaces in ip list 
This modified regex allows spaces witihn the ip list for supress rules
like [10.0.0.1, 10.0.0.2]
 9 years ago
Jason Ish f0e22c91cb privs: add capability CAP_SYS_NICE. 
Allows the setting of thread priorities after dropping privileges.
 9 years ago
Victor Julien 6045420812 detect: reduce verbosity, don't warn on empty files 9 years ago
Victor Julien 46ac5ed7b7 pfring: move output to 'Perf' level 9 years ago
Victor Julien 18de4c9654 offloading: work around missing TOE support 9 years ago
Victor Julien 9b80c21d78 offloading: distinguish between csum and the rest 
As AF_PACKET handles csum offloading don't check for this type of
offloading. Other methods like pcap and netmap do require it to be
turned off.

Improve disable command suggestion wording.
 9 years ago
Victor Julien 03d46f1369 offloading: reduce verbosity 9 years ago
Victor Julien 507027845d afpacket: update offloading warning 9 years ago
Victor Julien 45fa25eb0c offloading: improve checks on FreeBSD 
Move FreeBSD specific (but not netmap specific) checks from the netmap
code to the general ioctl wrapper code.

Warn from the check functions now, so callers no longer need to.
 9 years ago
Victor Julien 33f8769001 offloading: move linux specific into their own func 9 years ago
Victor Julien 54bc471810 offloading: check for more offloading on Linux 9 years ago
Victor Julien b1d191b478 netmap: fix enabling promisc mode on FreeBSD 
In FreeBSD setting the IFF_PROMISC flag has no effect. Instead we
need to set the IFF_PPROMISC flag.
 9 years ago
Victor Julien 6c7bf006b7 netmap: redo config parsing 
Normally we parse the config per interface only. But to properly
setup the bridge, netmap also needs the config of it's peering
interface. Instead of using a complicated peering scheme like in
afpacket, simply parse the peers config too.
 9 years ago
Victor Julien 0e9134930d changelog: update for 3.1 and add missing 3.1rc1 tickets 9 years ago
Andreas Herz d0baa83d2b util-runmode: pass initdata to runmode workers for nfqueue 
The VerdictNFQ was missing the initdata which results in a segfault
within CaptureStatsSetup. This commit adds the passing of the initdata.
 9 years ago
Victor Julien f7124b1149 afpacket: disable tpacket-v3 by default 
It's still considered experimental at this point.
 9 years ago
Victor Julien 66346e4632 libnet: work around older libnet type difference 
Older libnet 1.1.x have a non-const type for libnet_init's dev
argument.
 9 years ago
Victor Julien 9119007d00 pfring: no longer link against rt and numa libs 9 years ago
Victor Julien a88359dcf0 detect: get proper legacy custom values. Issue #1804 9 years ago
Victor Julien 5c974f92a8 livedev: shorten devname at registration 9 years ago
Victor Julien b673e14411 afl: fix various --afl-* options 9 years ago
Victor Julien d4f8445564 Update Changelog for 3.1RC1 9 years ago
Victor Julien e76b334f8d http body: fix compression tests 9 years ago
Victor Julien 5ec885e451 http: set of response body decompress limit 
This is a per personality setting.
 9 years ago
Victor Julien ed7dc0c6b3 unittest: minor cleanup 9 years ago
Victor Julien b313f8ca7b http: update compression mismatch test 9 years ago
Victor Julien 439b62fe69 configure: cleanup configure output 
Don't present missing spatch as a warning. Remove verbose libnet
warnings as well.
 9 years ago
Andreas Herz 36e4126227 detect-filemagic: fix heap-use-after-free 
This fixes the heap-use-after-free issue with sm being freed without
being removed from the signature (s) list. Move the protocol check for
rules with filemagic before the alloc and make the error log more
precise.
 9 years ago
Victor Julien a309598721 netmap: work around mtu error on iface+ settings 9 years ago
Victor Julien 648a69759b netmap: don't set more than 1 thread on sw ring 9 years ago
Victor Julien 86d44cea96 netmap: code cleanup 9 years ago
Victor Julien ffba26d04a configure: don't set -march=native for powerpc 9 years ago
Victor Julien 0b6171854d yaml: improve affinity defaults 9 years ago
Victor Julien b5633b9bfd affinity: small cleanups to output & code 9 years ago