Replace index by strchr and rindex by strrchr.
index(3) states "POSIX.1-2008 removes the specifications of index() and
rindex(), recommending strchr(3) and strrchr(3) instead."
Add index/rindex to banned function check so they don't get reintroduced.
Bug #1443.
As AC_SUBST doesn't expand to anything in the shell script, this
will generate a bad script on older versions of autoconf.
Change the logic to eliminate the possibility of an empty
if or else block.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3124
Get rid of enable-rust-debug flag and use enable-debug for acheiving the
desired functionality. From now, adding `--enable-debug` to `configure`
shall create an [unoptimitized + debuginfo] target. Rest behavior stays
the same.
Closes redmine ticket #3054
This define is used to remove reference to capture bypass in case
no capture method implementing this is active.
This patch also introduces CAPTURE_OFFLOAD_MANAGER that is defined
if we need the flow bypass manager code.
This change makes it possible to generate the eBPF programs even if
Suricata itself is built a different C compiler. It also simplifies
how the correct llc program is detected.
Implements Feature https://redmine.openinfosecfoundation.org/issues/2789
Date makes it even clearer that when was the last commit for the build
that one is running. Add this info alongwith rev. Change inspired by
rustc.
Before
```
$ suricata -V
This is Suricata version 5.0.0-dev (rev 2d217e666)
```
After
```
This is Suricata version 5.0.0-dev (2d217e666 2019-07-12)
```
Closes redmine ticket #3092
* added nss and nspr requirements for appveyor build
* added nss and nspr requirements for travis builds
* added travis build without nss and nspr
Signed-off-by: jason taylor <jtfas90@gmail.com>
- There is now an option to automatically create streams on the
correct NUMA node when using cpu affinity.
- When not using cpu affinity the user can specify streams to be
created in the suricata.yaml file. It is no longer required to
use NTPL to create streams before running suricata.
- The legacy usage model of running NTPL to create streams is still
available. This can be used for legacy configurations and complex
configurations that cannot be satisfied by the auto-config option.
* the lzma check during configure wasn't properly displaying the
additional information on how to install if --enable-lzma was passed
but lzma devel files were not present
* updated additional information blocks to include distribution
package names
* minor formatting updates to add quotes around variables
Signed-off-by: jason taylor <jtfas90@gmail.com>
Require distutils to install the Python tools. Update the logic
to only install suricatactl (and suricatasc) if Python and
distutils are found. Suricata-Update will only be installed if
bundled, and python-distutils and python-yaml are found.
When looking for Python, prefer "python3" over "python2" and
"python".
Also add information about the Python path and version to the
./configure summary.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2808
Process multiple packets at nm_dispatch. Use zero copy for workers
recv mode.
Add configure check netmap check for API 11+ and find netmap api version.
Add netmap guide to the userguide.
Currently, if the user provides --enable-libmagic or
--disable-libmagic, libmagic will be disabled because $enableval is not
used to know if the user provided --enable or --disable
Most of the options have this issue so fix them all by using $enableval
Fixes:
- https://redmine.openinfosecfoundation.org/issues/2797
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
This is to prevent suricata-update from being installed if it
would otherwise be installed based on in being bundled, and
its dependencies being available.
Warn the user that Suricata-Update will not be installed if it
is bundled, but python-yaml is missing (this will also cover
the case where Python is missing).
Add "Install suricata-update" to the build summary. For consistency,
relable "Suricatasc install" as "Install suricatasc".
Remove 'experimental' label for Rust, and enable it by default if
rustc and cargo (and libjansson) are available.
Add rustc and cargo versions to the build-info.
If the data file can't be found in the default location, which
normally is 'default-rule-path', try to see if it can be found
in the path of the rule file that references it.
This makes QA much easier.
Move the rule file configuration down near the bottom of the
configuration file under advanced settings. With the bundling
of Suricata-Update, any rule file configuration within
suricata.yaml could be considered advanced.
Add extra comments to the yaml to make it more clear which was
enabled at installation time.
Enables IPS functionality on Windows using the open-source
(LGPLv3/GPLv2) WinDivert driver and API.
From https://www.reqrypt.org/windivert-doc.html : "WinDivert is a
user-mode capture/sniffing/modification/blocking/re-injection package
for Windows Vista, Windows Server 2008, Windows 7, and Windows 8.
WinDivert can be used to implement user-mode packet filters, packet
sniffers, firewalls, NAT, VPNs, tunneling applications, etc., without
the need to write kernel-mode code."
- adds `--windivert [filter string]` and `--windivert-forward [filter
string]` command-line options to enable WinDivert IPS mode.
`--windivert[-forward] true` will open a filter for all traffic. See
https://www.reqrypt.org/windivert-doc.html#filter_language for more
information.
Limitation: currently limited to `autofp` runmode.
Additionally:
- `tmm_modules` now zeroed during `RegisterAllModules`
- fixed Windows Vista+ `inet_ntop` call in `PrintInet`
- fixed `GetRandom` bug (nonexistent keys) on fresh Windows installs
- fixed `RandomGetClock` building on Windows builds
- Added WMI queries for MTU
Autoconf/automake and python setup.py don't play that well
together with out of tree builds.
Makes suricatasc not an autoconf input file, instead use the
defaults module that is already being created.
In the case of an out of tree build, copy the generated defaults.py
to the build directory manually.
Victor Julien
Philippe Antoine
Jason Ish
Shivani Bhardwaj
Fabrice Fontaine
Eric Leblond
Hilko Bengen
Bill Meeks
Andreas Herz
jason taylor
Jason Ish
Phil Young
Jacob Masen-Smith