aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,995 Commits
7 Branches
161 Tags
206 MiB
main-7.0.x
master
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c93073c246'
${ noResults }
Commit Graph

11995 Commits (c93073c246cfabb091270dba8eb55b0c6e17d67a)
 

Author SHA1 Message Date
Andreas Herz c93073c246 rules: add newer rule files to makefile for release tarball 4 years ago
Jeff Lucovsky 2893b04ab0 general: Typo cleanup 4 years ago
Jeff Lucovsky 02ceac8b8d detect/threshold: Improve threshold.config perf 
This commit improves performance when parsing threshold.config by
removing a loop-invariant to create a one-time object with the parsed
address(es).

Then, as needed, copies of this object are made as the suppression
rule(s) are processed.
 4 years ago
Jeff Lucovsky e873632a28 detect/threshold: Function to deep-copy thresh obj 
This commit adds a function to make a deep copy of a DetectThresholdData
object.

The function is used when parsing threshold.config items to make a
one-time object and then add copies as needed.
 4 years ago
Jeff Lucovsky 11f9cc6524 detect/address: Expose DetectAddressCopy function 4 years ago
Philippe Antoine 1ca4f041bb http2: pass data through when decompression fails 
as is done for HTTP1
 4 years ago
Jeff Lucovsky ef62761e8c threshold-config: Improve support for big IP lists 4 years ago
Juliana Fajardini c6a35d09b7 templates: fix typos 
- *template*files[ch][rs]: fix typos
- scripts/setup-app-layer: fix typos
 4 years ago
Juliana Fajardini 4748826dc7 scripts/setup-app-layer: fix Makefile.am patch 
adjust lines for patching /src/Makefile.am, as current generated
Makefile wasn't building Suricata.
Add suggestion to run "./configure" before running "make".
Add --logger and --parser options to examples.
 4 years ago
Jason Ish 877e5214b8 logging: removed unused logger IDs 
- pre-json dns logger
- unified2
- pre-json drop logger
 4 years ago
Jason Ish 6853bf98fb dns: only register a single logger 
DNS no longer requires a logger to be registered for to-client and
to-server directions. This has not been required with the stateless
design of the Rust DNS parser.
 4 years ago
Victor Julien b1fee90392 output/tx: add warning to avoid future bugs 4 years ago
Victor Julien 3cc3df2172 output/tx: move eof checks out of logging loop 4 years ago
Victor Julien b05bd058e9 app-layer: minor code cleanups 4 years ago
Victor Julien 1098e3b7c6 app-layer: remove conditional logic around API calls 
Remove logic that suggested some API calls could be conditional,
even though Suricata wouldn't even start up if they weren't
registered.
 4 years ago
Jason Ish 4d5d7b4bd3 eve/netflow: use generic json context 4 years ago
Jason Ish a68d50608b eve/flow: use generic json context 4 years ago
Jason Ish 67c4621bdb eve/ftp: use generic json context 
The FTP logger contained no extra data in its context so the
generic json context can be used.
 4 years ago
Jason Ish 2d78afe4b0 eve: refactor CreateEveHeaderWithTx to include common options 4 years ago
Jason Ish 06ba611667 eve cleanup: remove duplicate/redundant code 
The first change was to have CreateEveHeader add the common options
as this was left out in a few loggers. While update all the loggers
that use CreateEveHeader, remove redundant code, in particular
from loggers that don't need to use their own context but
can use the generic one.
 4 years ago
Jason Ish 64330498f8 eve/mqtt: fix mqtt logging with threaded eve 
Mqtt was not setting up a per-thread file context for logging
in threaded mode, leading a crash when used in threaded mode.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4404
 4 years ago
Jeff Lucovsky dd8eeb6353 general: Correct typos 4 years ago
Jeff Lucovsky 11ec61d0b4 thresholds: Improve validation of threshold.config 
This commit improves the handling of threshold.config. When used with
"-T", a non-zero return code occurs when the file cannot be validated.

To maintain legacy behavior, when "-T" is not used and threshold.config
contains one or more invalid lines, Suricata continues execution.
 4 years ago
Jeff Lucovsky cb03455c04 error: Add code for threshold config validation 
This commit adds a new warning code for threshold config file validation
failures.
 4 years ago
Eric Leblond a73b5f0ea5 eve/ike: restore common option logging 4 years ago
Philippe Antoine 2997be6707 sslv2: precise detection pattern with probing parser 4 years ago
Philippe Antoine e8415f249b fuzz: adds structure aware target 
so as not to fuzz libpcap
and generate structure aware signatures
 4 years ago
Philippe Antoine 0105d4f017 rust: bump bitflags dependency version 
So that lexical-core, needed by nom, and using bitflags
is used with version 0.7.5 instead of version 0.7.0
which fixed the fact that BITS is now a reserved keyword
in nightly version
 4 years ago
Philippe Antoine cb150e97d0 kerberos: fix probing parser tag condition 
according to the comment
 4 years ago
Jason Ish abb3cc85d5 install: better warning on install-full and don't fail 
If suricata-update is not available on "make install-full", don't
exit 1, instead give the reason why its not installed, but still
succeed the install.
 4 years ago
Victor Julien ae29804a28 github-ci: add libnet to ubuntu-20-04-cov-sv builder 4 years ago
Victor Julien 398ebf9345 eve/drop: use highest priority drop 
When adding the alert to a drop record make sure the add the highest
priority.

It would until now add all drops from high to low prio, effectively
overwriting the record each time.

Ticket #4397
 4 years ago
Victor Julien 6cf44fc839 detect/alert: apply pd only actions to flow 
Ticket #4394
 4 years ago
Victor Julien 6c594d29db detect/alert: minor code refactor 
Use a simpler reject check and move logic into util func.
 4 years ago
Victor Julien fbcdd2ec26 detect/iponly: don't check & set flow flags twice 
Per flow IP-only flags are checked and set by IP-only engine, so
no need to set/check them per alert.
 4 years ago
Victor Julien 55a0e29c8e eve/ike: gracefully handle renamed output config 4 years ago
frank honza ab59ef0d79 ikev1: add documentation for ikev1 4 years ago
Sascha Steinbiss 37940180a8 ikev1: add metadata to alerts 4 years ago
Sascha Steinbiss e2dbdd7fd5 ikev1: add ikev1 parser 4 years ago
frank honza ecdf9f6b0b ikev1: rename ikev2 to common ike 
Renaming was done with shell commands, git mv for moving the files and content like
find -iname '*.c' | xargs sed -i 's/ikev1/ike/g' respecting the different mixes of upper/lower case.
 4 years ago
frank honza ab6171c429 detect: added support for protocol-aliases 4 years ago
frank honza e9494ddd8f util: add function converting u8-array into a hex-String 4 years ago
frank honza b80cdae1df detect: add comparison-mode LTE/GTE for Detect(U32/u8)Data 4 years ago
Victor Julien c3075cba42 detect/analyzer: fix mpm display on payload only rules 4 years ago
Victor Julien 9dd1444f44 detect: suppress error message for pcre only rules 4 years ago
Victor Julien b55b327db1 detect/analyzer: suggest modern keywords 4 years ago
Victor Julien 57f7612ffd detect/analyzer: fix json output for warnings/notes 4 years ago
Victor Julien 018b9a0a8c detect/asn1: minor cleanups 4 years ago
Victor Julien 8b8cc697d5 detect/http-server-body: clean up test 4 years ago
Victor Julien 68f8b2f40f detect/icmp: reject invalid rules for icode/itype 4 years ago