suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	b259e362cd	Convert uricontent to use new scanning methods as well. Move http_method and http_cookie keywords out of pmatch list for now.	16 years ago
Victor Julien	bef70a04ce	First stage of detect engine redesign: equal patterns share id's, search phase no longer used, new match verification phase.	16 years ago
Pablo Rincon	25a3a5c6d8	Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.	16 years ago
Gerardo Iglesias Galvan	ba6d807a6e	Improve information about errors on signature failure	16 years ago
Pablo Rincon	ad2c136e8f	Renaming errors (naming conventions)	16 years ago
Victor Julien	2481f2102b	Add missing return value evaluation in port parsing and fix broken unittest.	16 years ago
Victor Julien	4284276b11	Merge applayer detect function into normal match function. Should speed up detection.	16 years ago
Gurvinder Singh	5c8d90afc8	memory leak fixes	16 years ago
Pablo Rincon	0c9f51498a	Small fixes at unittest helper functions and TestBidirec03	16 years ago
Pablo Rincon	c80160b96d	More examples of unittest helper functions usage reference	16 years ago
Pablo Rincon	b6a3395c08	Adding unittest helper functions for building generic packets, checking arrays of expected match results, perform generic tests, etc. Look at util-unittest-helper.c and detect-ipproto.c for references	16 years ago
Gerardo Iglesias Galvan	40c514f295	Fix bug in logging msg when using --init-errors-fatal	16 years ago
Brian Rectanus	c22d42693a	Added http_method rule keyword.	16 years ago
Victor Julien	ecab1fae36	Remove contents of VRT classification.config.	16 years ago
Anoop Saldanha	011b74df63	Modify the classification config tests to use the buffer than a temp file and also fix an invalid free	16 years ago
Anoop Saldanha	bc4df59414	Support for Classtype keyword and Classification Config file	16 years ago
Victor Julien	ae94b102cb	Improve distance/within/nocase handling, sig parsing error reporting.	16 years ago
Will Metcalf	f2b1e66a6a	fixes for init failure stuff	16 years ago
Victor Julien	778228d1c5	Flags keyword fix. Fatal init fix.	16 years ago
Victor Julien	310a182217	Fix signatures not being initialized properly	16 years ago
Victor Julien	9fd46e9425	Support for sigs with both pkt and applayer detect Sets a flowbit with the sig id if the packet matches match. Checks on that if the app layer matches match. Currently misuses the flowbits api for this in a way that needs fixing.	16 years ago
Victor Julien	ecf86f9c23	Rename to Suricata.	16 years ago
Gurvinder Singh	a0f184866c	http_cookie keywork support	16 years ago
Gerardo Iglesias Galvan	b254719ffc	Add fatal failures on unittest and siginit failure (using Conf API)	16 years ago
Pablo Rincon	658eac2825	Adding max pattern length for bidirectional operator. Please, use DetectEngineAppendSig() at the unittests. Look at the bidirectional operator unittests for a usage reference.	16 years ago
Pablo Rincon	6206ffb530	Adding bidirectional operator support and unittests	16 years ago
Victor Julien	2cfa284999	Fix app layer detect to actually work.	16 years ago
Victor Julien	a1d33e2d0b	Compilation fixes after merge.	16 years ago
Victor Julien	f1f7df0766	First iteration of doing app layer detection.	16 years ago
Anoop Saldanha	bb5bd91045	Support to get the last sigmatch of a particular type. To be used for content and its modifiers	16 years ago
Pablo Rincon	9a3c21fbf3	Updating real unittests. Small fix on TestWithinDistanceOffsetDepth to skip to the next DETECT_CONTENT SigMatch. Adding some checks on within/distance setups.	16 years ago
Pablo Rincon	7e4377224a	Small fix at detect-parse.c, need to continue with MatchTest05	16 years ago
Anoop Saldanha	dc44700ce5	Support vars lookup from conf file. Current patch support address and port group vars lookup	16 years ago
Victor Julien	d6be6ceb19	Fixup artifact from automatic renames: rename DetectAddresssHead to DetectAddressHead.	16 years ago
Victor Julien	de8caa7964	Rename DetectAddressGroup* to DetectAddress*	16 years ago
Victor Julien	2d0e9658f8	Speed up per sgh content maxlen calc. Remove mpm ptrs from mpm ctx. Add unittests testing the detection engine internals.	16 years ago
Victor Julien	7a7bb7a390	Get rid of global mpm_ctx.	16 years ago
Victor Julien	fbe87a3ad5	Bunch of mostly unittest related memleak fixes.	16 years ago
Anoop Saldanha	0815ed7c9e	Some refactoring of the code, error handling done	16 years ago
Anoop Saldanha	fbc4d11ed4	Some code refactoring	16 years ago
Victor Julien	5ffb7a7bd7	Add a few more tests for portrange validation.	16 years ago
Breno Silva	c43319c337	Regular expression for UnitTests Signed-off-by: Brian Rectanus <brectanu@gmail.com>	16 years ago
William Metcalf	69e57e5e23	remove invalid dir from pcre + unit test	16 years ago
Victor Julien	968d8df12b	More logging API usage. Changed logging macro's slightly so the vars inside them won't conflict with vars used by the calling function.	16 years ago
Victor Julien	91bc83e5c6	More logging API usage changes.	16 years ago
Victor Julien	4cc24fe463	Improve the handling of addresses and ports. Properly detect !any, other full negation. Fix [80:!80] syntax errors being undetected.	16 years ago
Victor Julien	0d0ffb9963	Reorganize header inclusions.	16 years ago
Victor Julien	733c3bcb8c	Fix "ip" rules not ending up in the tcp and udp sig group heads correctly.	16 years ago
Victor Julien	0242fad770	Fix error in freeing the ctx of a SigMatch.	16 years ago
Brian Rectanus	fa5939ca91	64 bit cleanup part2	16 years ago
William Metcalf	413efe8668	fix regression in detect-parse.c	16 years ago
Breno Silva	c90b4e6fcd	Decode event rule	16 years ago
William Metcalf	d79b85d251	Small regex fix for portlists in detect-parse.c	16 years ago
Victor Julien	51a9e36e10	Remove vips references. Rename to eidps.	16 years ago
Victor Julien	657be002d1	Big detection engine update: scan improvements, b2g/b3g updates, bloom fixes, iponly detection implementation, dsize/flow grouping.	16 years ago
Victor Julien	5df5b35e90	Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items ina list to it can be traversed. Many cleanups.	16 years ago
Victor Julien	efb10fc0d6	big update	16 years ago
Victor Julien	0250642cc0	Fix negated variables, add tests.	16 years ago
Victor Julien	3f7195454b	Big detection engine update.	16 years ago
Victor Julien	54ffe2053e	Large detection engine update.	16 years ago
Victor Julien	f3a94413db	Properly support 'alert ip' rules. Add support for handling ip only rules differently.	16 years ago
Victor Julien	171c8c777d	Group signatures by protocol.	16 years ago
William Metcalf	0ffa1c2465	updates for configure.in, added reject code, some decode stuff for tcp	16 years ago
Victor Julien	a603577132	Small update to the pcre used for signature parsing.	16 years ago
Victor Julien	84087e7077	Fix a memory error in the addresslist parsing code. Add a functions aimed at speeding up the signature initialization code.	16 years ago
Victor Julien	0726efead9	Support address lists.	16 years ago
Victor Julien	eaaeb30cd6	Add noalert keyword for use with sigs that are used for capturing only.	16 years ago
Victor Julien	63bb777100	Use a default prio of 3.	16 years ago
Victor Julien	dc224cb2d2	Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented.	16 years ago
Victor Julien	b7bc35e8b2	support for 'negation' in addresses and the 'any' special case.	16 years ago
Victor Julien	876f0c95c7	Signature rule keywords are case insensitive. Support that.	16 years ago
Victor Julien	d036264f80	Cleanup signature parsing and other detect.c parts.	16 years ago

1 2 3 4 5

222 Commits (d9686fae57f85f2bd4808dabc327c1c6ce7ef7d7)