aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,168 Commits
7 Branches
161 Tags
206 MiB
main-7.0.x
master
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c4d9cb02ec'
${ noResults }
Commit Graph

13168 Commits (c4d9cb02ec5521bf051ebef6d0fcd986b6cc3b51)
 

Author SHA1 Message Date
Philippe Antoine c4d9cb02ec util: better hex print function 
Without dangerous snprintf pattern identified by CodeQL
even if this pattern is not a problem in those precise cases,
it may easily get copy pasted in a dangerous place, so better
get rid of it and make CodeQL happy
 3 years ago
Philippe Antoine 6058792bee rust: make suricata context const 
So that it is read only and its pointers do not get modified
 3 years ago
Philippe Antoine 5a00acece2 ftp: remove temporary fields from state 
As input, input_len and direction only last for the scope of
one call of AppLayerParserParse, it is not necessary to keep them
in FtpState which lives longer, so we consume less memory.
 3 years ago
Philippe Antoine 6224e283fa modbus: bump up rust crate version 
So that probing parser is more strict and does not accept unknown
function code as valid modbus.

Ticket: #5377
 3 years ago
Jason Ish c8a5207083 detect: introduce "like" ip-only signature type 
Rules that look like they should be IP-only but contain a negated rule
address are now marked with an LIKE_IPONLY flag. This is so they are
treated like IPONLY rules with respect to flow action, but don't
interfere with other IPONLY processing like using the radix tree.

Ticket: #5361
 3 years ago
Philippe Antoine d5abaf0b38 decode: fix integer warning 
Newly introduced warning.
Regular cast as value is checked just before.

Ticket: #4516
 3 years ago
Philippe Antoine 717e51b7cf defrag: fix integer warnings 
Ticket: #4516
 3 years ago
Philippe Antoine 2d761810db rust: cbindgen first verifies existing bindings 
So as not to recompile every C file inclusing rust.h
 3 years ago
Philippe Antoine ced96a8aad detect: parsing avoiding infinite loop 
by comparing size_t to strlen result
Instead of uint16_t which would loop

Ticket: #5310
 3 years ago
Philippe Antoine 875eb58fb0 file: use functions on fd to avoid toctou 
Ticket: #5308
 3 years ago
Philippe Antoine ecb8dd4de0 util: check for unsigned overflow in rohash 
To make CodeQL happy
 3 years ago
Jason Ish adda8801d8 conf: remove ConfGetValue 
All uses of ConfGetValue are satisfied by ConfGet
 3 years ago
Philippe Antoine 5bd19135b0 util: remove malloc from streaming buffer config 
as it is unused
 3 years ago
dependabot[bot] 0dd7c23fa0 github-actions: bump actions/cache from 3.0.2 to 3.0.3 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](48af2dc4a9...30f413bfed)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 3 years ago
Andreas Dolp db73a12540 doc/tls: Add documentation for TLS logging 3 years ago
Andreas Dolp f42bb45ccd doc/tls: Remove redundant example 3 years ago
Andreas Dolp e9976a0e14 suricata.yaml.in: Fix default value of prealloc-sessions 3 years ago
Andreas Dolp 324f5ec10c doc: Add missing ")" in example 3 years ago
Andreas Dolp 32b39d054f suricata.yaml.in: Remove duplicate "with" in comment. 3 years ago
Andreas Dolp e4163c4e02 doc: Fix typos 3 years ago
Andreas Dolp 49bd6cfa5d doc: Fix broken link 3 years ago
Philippe Antoine 284ad462fc output: adds schema.json 
Ticket: #1369
 3 years ago
Victor Julien ebf0629615 log-pcap: remove tunnel locks 
The tunnel lock mutex only "protects" the tunnel synchronization,
not the packet data, length or datalink fields.
 3 years ago
Victor Julien e7ab96c389 nflog: fix datalink compile issue 3 years ago
Juliana Fajardini 43d28f251f util/action: convert unittests to FAIL/PASS API 
Task #5371
 3 years ago
Juliana Fajardini 9b9b6aa2ce util/action: unittests clean-up (to sv tests) 
Removing all unittests that work better as suricata-verify tests.

Task #5371
 3 years ago
Victor Julien 4ed6c928aa unittest: minor helper cleanup 3 years ago
Victor Julien 41b5364511 detect/parse: cleanup test 3 years ago
Victor Julien a437dde739 detect: parsing test cleanups/improvements 3 years ago
Victor Julien e738b10e23 host-os-info: add test to show mixed ipv4/ipv6 3 years ago
Victor Julien f3d887310c rule/vars: clean up tests 3 years ago
Victor Julien 1b65af2867 detect/iponly: minor code cleanup 3 years ago
Victor Julien beecc1890f detect/iponly: include postmatch in determination 3 years ago
Victor Julien 4b097460c2 detect/iponly: simplify handling of 'any' parsing 3 years ago
Victor Julien ffef10c5d7 detect: address parsing variable rename to match code style 3 years ago
Victor Julien 51ef6f4e3a detect/iponly: remove unused code 3 years ago
Juliana Fajardini 6ccc01a79c rust: fix doc comments that trigger rust warnings 
Rust generates warnings that are treated as errors for documentation
blocks before `extern` blocks.
 3 years ago
dependabot[bot] fbbf23b930 github-actions: bump ossf/scorecard-action from 1.0.4 to 1.1.0 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](c1aec4ac82...5c8bc69dc8)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 3 years ago
Victor Julien f4f63ebff8 stream: add packet header outside of lock 3 years ago
Victor Julien 419920288c log/pcap: open handles outside of lock 3 years ago
Scott Jordan c751c45850 log/pcap: add buffer timeout 
Set timeout for pcap log so that packets do not sit
in buffer. Set default to one second.
 3 years ago
Scott Jordan 2bf3172dd1 stream: memcap tracking for TcpSegment alloc 3 years ago
Eric Leblond 47a5e6356d log/pcap: handle case of multiple link types 3 years ago
Eric Leblond 2c2fc6cd91 flow: set datalink for pseudo packet 
Set pseudo packet datalink to the global one. This fixes the case
where the pcap handle is open with information coming from a
pseudo packet. Without this, we did end up in most cases with
an Ethernet packet being written in a Raw pcap.
 3 years ago
Eric Leblond 1c2fba57f8 suricata: introduce global linktype 
As Suricata is not supporting pcap-ng we have to stick with one single
datalink type for the capture if ever we want to do pcap logging.
Assuming this, this patch introduces a function to set the link
type globally. This will be used with pcap conditional logging
to get the logging of TCP segments with the correct link type.
 3 years ago
Eric Leblond 584136ecb7 log/pcap: log segments for pseudo packets 3 years ago
Eric Leblond 8f0ef48e82 log/pcap: fix conditional pcap in tag mode 
We were missing the first packet when using condition pcap logging
in tag mode as it was not tagged. As a result we were not getting
the stream data triggering the alert in the pcap file.
 3 years ago
Eric Leblond 9f4d59b3f7 detect/tag: add a tag for first packet 
We may need to know that a packet has been tagged but is the
first one (and thus is not tagged).
 3 years ago
Scott Jordan 6cfc3343e7 log/pcap: dump segments of both sides of tcp session. 
This patch updates tcp segment dumping to dump segments
from both sides of the session in order when capturing
alerts and tags.
 3 years ago
Eric Leblond 6f06f7c22c doc: add info about capture_file key 3 years ago