aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,131 Commits
7 Branches
161 Tags
210 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b08a7b9a66'
${ noResults }
Commit Graph

686 Commits (b08a7b9a66d04f21241e8d1b75e0c6ff9ae69d8c)

Author SHA1 Message Date
Philippe Antoine 31dccd1171 modbus: do not claim to handle gaps 4 years ago
Sascha Steinbiss d541b3d4a8 rust: fix warnings with nightly 4 years ago
Philippe Antoine 9e7ea631b2 dns: improve probing parser 
Checks opcode is valid
Checks additional_rr do not exceed message length
Better logic for incomplete cases
 4 years ago
Philippe Antoine 6f03ee2e47 dcerpc: handles bigger inputs than 2^16 
By comparing integers with the largest size
 4 years ago
Philippe Antoine 7d0a39412b detect: use u32 for InspectionBufferMultipleForList 
So that we do not have an endless loop casting index to
u16 and having more than 65536 buffers in one transaction

Changes for all protocols, even ones where it is impossible
to have such a pattern, so as to avoid bad pattern copy/paste
in the future
 4 years ago
Philippe Antoine b3c1f2ab48 nfs: improve probing parser 
Checks credentials flavor is known
 4 years ago
Philippe Antoine 39575e2cc9 modbus: use ascii character classes while parsin rule 
As the rust regex crate is unicode aware, which was
not the case of the C version
 4 years ago
Philippe Antoine ef5755338f rust: SCLogDebug is real nop when built as release 
Before, even if there were no outputs, all the arguments
were evaluated, which could turn expensive

All variables which are used only in certain build configurations
are now prefixed by underscore to avoid warnings
 4 years ago
Victor Julien 20e8f90981 http2: set Debug on structs 4 years ago
Victor Julien 3587033d9e files: construct with default, free on drop 
Update protocols.
 4 years ago
Victor Julien d757545f03 files: implement default support 4 years ago
Philippe Antoine fdab22d924 rust: fix app-layer parser flags 
This especially allows for SSH bypass to work
 4 years ago
Jeff Lucovsky aa8871a5be rust/default: Enable Default usage 4 years ago
Jeff Lucovsky 6028ca7827 nfs: Rework constructs to use Self/Default 4 years ago
Jeff Lucovsky aafb0a60b7 dhcp: Rework constructs to use Self/Default 4 years ago
Jeff Lucovsky 1ef0bd580b dcerpc: Rework constructs to use Self/Default 4 years ago
Jeff Lucovsky 00167121dc dns: Rework constructs to use Self/Default 4 years ago
Jeff Lucovsky 02dccb1529 smb: Rework constructs to use Self/Default 
This commit modifies the constructors to use Self and/or
Default::default() when feasible
 4 years ago
Jeff Lucovsky f502f21f9e rust/default: Enable Default usage in SMB 4 years ago
Shivani Bhardwaj 581cb6223d dcerpc/udp: Add rust registration function 
Get rid of the C glue code and move registration completely to Rust.
 4 years ago
Shivani Bhardwaj d7007424bd dcerpc/udp: Change fn sign as per rust registration requirement 
Registering parsers in Rust requires signatures to be a certain way and
compatible with C. Change signatures of all the functions.
 4 years ago
Shivani Bhardwaj bac69af7e4 dcerpc: Add rust registration function 
Get rid of the C glue code and move registration completely to Rust.
 4 years ago
Shivani Bhardwaj a0a09a102b dcerpc: Change fn sign as per rust registration requirement 
Registering parsers in Rust requires signatures to be a certain way and
compatible with C. Change signatures of all the functions.
 4 years ago
Shivani Bhardwaj dee972b863 rust/core: Make AppProto type u16 4 years ago
Shivani Bhardwaj d66ad96f0d applayer/rust: add extern AppLayerProtoDetectPMRegisterPatternCSwPP 4 years ago
Victor Julien d7c3ecb6f9 http2: remove dead code 4 years ago
Philippe Antoine b3c502d572 http2: remove assertion which can be wrong 
Brotli decoder stops consuming input it it reaches the
end of its input
 4 years ago
Simon Dugas c2720fc2fb modbus: fix quantity and count calculation 
The [Modbus Spec S6.11](https://modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf)
clearly states that the `count = quantity / 8` and not the other way
around. This is fixed in sawp-0.5.0.
 4 years ago
Philippe Antoine 999327ba1f http2: http.cookie keyword now works for HTTP2 4 years ago
Philippe Antoine df039555bc http2: http.host.raw keyword now works for HTTP2 4 years ago
Philippe Antoine 1e82d0b3c8 http2: http.method keyword now works for HTTP2 4 years ago
Philippe Antoine 017e39d8fd http2: makes all HTTP1 header keywords work 4 years ago
Simon Dugas a8a51dc004 modbus: add eve logging 4 years ago
Simon Dugas 8342641477 modbus: move tests from c to rust 
Move tests in a seperate commit so that we can use the previous one for
regression testing. This also gets rid of the temporary glue that made
the C tests work with the rust implementation.
 4 years ago
Simon Dugas a458a94dca modbus: move from C to rust 
Adds a new rust modbus app layer parser and detection module.

Moves the C module to rust but leaves the test cases in place to
regression test the new rust module.
 4 years ago
frank honza f83d51d0cb ike: set event for multiple server proposals 4 years ago
Philippe Antoine ca6e434e0b ftp: completely parses pasv and epsv responses 4 years ago
Philippe Antoine 6fe8bce3b0 http2: have filecontainer for both directions 4 years ago
Jason Ish c7f44447c9 dns: remove flood protection purging 
It doesn't look like flood protection is required with the
stateless parser anymore. It actually can get in the way of TCP
DNS when a large number of requests end-up in the same segment
where a TX can get purged before it has a chance to go through
the normal TX life-cycle.
 4 years ago
Shivani Bhardwaj c663ac6ddd dcerpc/tcp: improve detection 
Lately, some of the TLS data was misdetected as DCERPC/TCP because of
the pattern |05 00|. Add more checks in DCERPC probe function to ensure
that it is in fact DCERPC/TCP.
 4 years ago
Philippe Antoine d2d0e0adc9 rust: remove exported unused functions 4 years ago
Philippe Antoine 6da9a37285 rdp: correctly returns incomplete in parse_tc 
Adding the already consumed bytes
In case an incomplete tls handshake is handled with/after
a refular rdp t123_tpkt
 4 years ago
Philippe Antoine 3de0123ffb http2: adds check about dynamic headers table size 4 years ago
Philippe Antoine 1ca4f041bb http2: pass data through when decompression fails 
as is done for HTTP1
 4 years ago
Juliana Fajardini c6a35d09b7 templates: fix typos 
- *template*files[ch][rs]: fix typos
- scripts/setup-app-layer: fix typos
 4 years ago
Jason Ish 6853bf98fb dns: only register a single logger 
DNS no longer requires a logger to be registered for to-client and
to-server directions. This has not been required with the stateless
design of the Rust DNS parser.
 4 years ago
Philippe Antoine 0105d4f017 rust: bump bitflags dependency version 
So that lexical-core, needed by nom, and using bitflags
is used with version 0.7.5 instead of version 0.7.0
which fixed the fact that BITS is now a reserved keyword
in nightly version
 4 years ago
Philippe Antoine cb150e97d0 kerberos: fix probing parser tag condition 
according to the comment
 4 years ago
Sascha Steinbiss e2dbdd7fd5 ikev1: add ikev1 parser 4 years ago
frank honza ecdf9f6b0b ikev1: rename ikev2 to common ike 
Renaming was done with shell commands, git mv for moving the files and content like
find -iname '*.c' | xargs sed -i 's/ikev1/ike/g' respecting the different mixes of upper/lower case.
 4 years ago