Victor Julien
f55dbca57b
yaml: make eve log in yaml depend on libjansson
9 years ago
Victor Julien
df6f9269ec
yaml: improve capture comments
9 years ago
Victor Julien
766bc95e3c
yaml: move classification etc below the rules
9 years ago
Victor Julien
1b4e1ea389
yaml: new defaults for outputs
...
Enable eve.flow, disable plain http.log.
9 years ago
Victor Julien
4d056912d3
yaml: file logging at info level
9 years ago
Victor Julien
cb47c2f682
yaml: improved defaults and misc cleanups
9 years ago
Victor Julien
ea7923cc81
yaml: add performance tuning section
9 years ago
Victor Julien
6d7b4c81e3
yaml: more reshuffling
9 years ago
Victor Julien
a6a69f0099
yaml: create advanced sections
...
Sections for advanced detection settings and traffic tracking and
reconstruction.
9 years ago
Victor Julien
d79c95dded
yaml: add hw accel section, move cuda there
9 years ago
Victor Julien
8fae138d3b
yaml: add netfilter section
9 years ago
Victor Julien
056f88b458
yaml: move outputs to the logging step
9 years ago
Victor Julien
11e6809d55
yaml: introduce 'advanced settings'
9 years ago
Victor Julien
c5ca642a28
yaml: move app layer up
9 years ago
Victor Julien
c160f78758
yaml: move afpacket, pcap, pcap-file up
9 years ago
Victor Julien
d48098f189
yaml: move logging up
9 years ago
Victor Julien
c949668863
yaml: move rules up in the file
...
Also disable decoder and stream events by default, as they are too noisy
in an untuned environment.
9 years ago
Victor Julien
a9cea53e62
yaml: move vars to the top
9 years ago
Victor Julien
093ecf4798
logging: clean up at shutdown
9 years ago
Victor Julien
c1f679d3f3
flow worker: move UDP app-layer into main function
...
This way it's clearer what happens and we can profile it.
9 years ago
Victor Julien
e09643c396
flow worker: profiling
...
Previously the detect and stream code lived in their own thread
modules. This meant profiling showed their cost as part of the
thread module profiling logic. Now that only the flow worker is
a thread module this no longer works.
This patch introduces profiling for the 3 current flow worker
steps: flow, stream, detect.
9 years ago
Victor Julien
48771c1acf
debug: fix compiler warnings
9 years ago
Victor Julien
7dfdcdc770
thread modules: remove unused ids
9 years ago
Victor Julien
a8f257e05f
detect: no longer a thread module
...
Like stream, detect is now invoked directly by the FlowWorker.
9 years ago
Victor Julien
4a96820320
stream-tcp: more cleanups
9 years ago
Victor Julien
8b06badbcf
stream-tcp: no longer register as a thread module
...
Now that the FlowWorker handles the TCP Stream directly, having
the TCP engine as a thread module is no longer needed.
This patch removes the registration.
9 years ago
Victor Julien
333f2cb310
drmemory: broader suppressions for hyperscan
9 years ago
Victor Julien
eec66c7b4f
smtp: improve thread data use
...
The SMTP app layer used a thread local data structure for the mpm in
reply parsing, but it only used a pmq. The MpmThreadCtx was actually
global. Until now this wasn't really noticed because none of the mpm's
used the thread ctx.
Hyperscan does use it however.
This patch creates a new structure SMTPThreadCtx, which contains both
the pmq and the mpm thread ctx. It's passed directly to the reply
parsing function instead of storing a pointer to it in the SMTPState.
Additionally fix a small memory leak warning wrt the smtp global mpm
state.
9 years ago
Justin Viiret
7a0dbc6f9f
app-layer-smtp: free mpm contexts on shutdown
...
Adds a cleanup function for the SMTP parser that destroys the MPM
context and MPM thread context it uses.
Also marks smtp_mpm_thread_ctx static.
9 years ago
Justin Viiret
d807bf4e8a
detect-engine: log MPM/SPM matchers being used
9 years ago
Justin Viiret
c9d0d6f698
mpm: add "auto" default for mpm-algo
...
Setting mpm-algo to "auto" will use "hs" if Suricata was built against
Hyperscan, and "ac" otherwise (or "ac-tile" on Tilera platforms).
9 years ago
Justin Viiret
8c6deecc55
app-layer-detect-proto: use mpm-algo
...
Use the matcher configured by the user rather than hard-coding MPM_AC.
9 years ago
Justin Viiret
88b50d2c34
app-layer-detect-proto: pass mpm_ctx to DestroyCtx
...
The MPM DestroyCtx function accepts the MpmCtx, not the ctx pointer
inside it.
9 years ago
Justin Viiret
31d8d4b0a1
detect-engine: adjust unit tests for hs mpm
...
The Hyperscan MPM does match deduplication internally (using
HS_FLAG_SINGLEMATCH) and only returns the number of unique matches,
unlike AC.
9 years ago
Justin Viiret
68ddcdccde
app-layer-smtp: init mpm thread ctx after prepare
...
This allows the Hyperscan MPM to correctly allocate scratch.
9 years ago
Justin Viiret
24a1488591
mpm-hs: make errors from hs_scan() fatal
...
Hyperscan will only return an error at scan time if the database or
scratch region is corrupted, which should provoke a fatal error.
9 years ago
Justin Viiret
a765cfde19
mpm-hs,spm-hs: don't call hs_scan() for zero bytes
9 years ago
Aleksey Katargin
2a5f487a16
netmap: close sw ring before hw rings
...
Fix issue #1714
9 years ago
Jason Ish
b23d74ac88
tls-json-log: register module as tls-json-log, not dns-json-log
...
Fixes issue:
https://redmine.openinfosecfoundation.org/issues/1792
where dns-json-log would not log any data.
9 years ago
Eric Leblond
bfa90a64d5
prscript: fix error handling
...
Last result was used as global result.
9 years ago
Victor Julien
5e7f617b7b
isdataat: remove unused code
9 years ago
Arturo Borrero Gonzalez
221cb93024
src/: fix typo: receieved vs received
...
Reported by Debian's lintian tool.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
9 years ago
Victor Julien
ea23b85776
flow worker: set up decoder thread vars
9 years ago
Victor Julien
6286e70555
ac: allow use of 31bits of pid space instead of 16
9 years ago
Victor Julien
1334859379
dns: add support for sshfp records
...
Update parser to process the records.
Update json output to log it.
9 years ago
Victor Julien
1df5acb001
coverity: CID 1362011: Control flow issues (DEADCODE)
9 years ago
Victor Julien
213f041c97
coverity: CID 1362012: Incorrect expression (EVALUATION_ORDER)
9 years ago
Victor Julien
3ffd19bdf5
coverity: CID 1362013: Control flow issues (NESTING_INDENT_MISMATCH)
9 years ago
Victor Julien
f947539d79
af-packet: CentOS6 build fixes
9 years ago
Eric Leblond
49612128f3
af-packet: use time() instead of GetTime()
...
As we only use the seconds, we don't need GetTime(), which is slower
and gets us milliseconds.
9 years ago