aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,264 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd9e5dfa1f0'
${ noResults }
Commit Graph

8264 Commits (d9e5dfa1f0e5170b7d493b89c1c95592a6fe82cb)
 

Author SHA1 Message Date
Victor Julien 71ddc43d49 rust/core: add file tx API call 8 years ago
Victor Julien 9a1fa5f1f4 rust: filetracker API 
Initial version of a filetracker API that depends on the filecontainer
and wraps around the Suricata File API in C.

The API expects chunk based transfers where chunks can be out of order.
 8 years ago
Victor Julien a809f090d3 rust: filecontainer API 
Wrapper around Suricata's File and FileContainer API. Built around
assumption that a rust owned structure will have a
'SuricataFileContainer' member that is managed by the C-side of
things.
 8 years ago
Victor Julien f47fd2c243 rust/json: expose json_boolean 8 years ago
Jason Ish ba1a67e2cb rust: dns: add log filtering on rrtype 
While the filtering is still configured in C, the filtering
flags are passed into Rust so it can determine if a record
should be logged or not.
 8 years ago
Jason Ish c54fc7f98f rust: use LoggerFlags type to track logged state 8 years ago
Jason Ish b588b49779 rust: lua support for DNS based Rust 
Uses Rust wrappers around Lua to populate Lua
data structures.
 8 years ago
Jason Ish 9d687025e2 rust: lua wrapper 
Rust wrapper for working with lua state.
 8 years ago
Jason Ish 73388042b2 rust: DNS app-layer. 
A DNS application layer in Rust. This is different than the
C based one, as it is partially stateless by not matching
up responses to replies.
 8 years ago
Jason Ish 9449739dd5 rust: dns: nom DNS parsers 8 years ago
Jason Ish 94032d3ada rust: wrapper around C logging, and "context" 
Where the context is a struct passed from C with pointers
to all the functions that may be called.

Instead of referencing C functions directly, wrap them
in function pointers so pure Rust unit tests can still run.
 8 years ago
Jason Ish 9231b0ae92 rust: generate headers as part of build 8 years ago
Jason Ish d0880d75ff rust: c header generator 8 years ago
Jason Ish e739fa1477 rust: add libjansson wrapper for rust 8 years ago
Jason Ish f6f126d53d rust: example of how an app-layer may be initialized 
Also shows basic usage of the configuration API from Rust.
 8 years ago
Jason Ish 949b358b80 rust: stub out configuration access functions 8 years ago
Jason Ish de5bb1f953 rust: stub out logging from rust 8 years ago
Jason Ish d6d6358691 travis: enable a rust build 8 years ago
Jason Ish 8f81792da5 rust: hook rust into the build 
Rust is currently optional, use the --enable-rust configure
argument to enable Rust.

By default Rust will be built in release mode. If debug is enabled
then it will be built in debug mode.

On make dist, "cargo vendor" will be run to make a local copy
of Rust dependencies for the distribution archive file.

Add autoconf checks to test for the vendored source, and if it
exists setup the build to use the vendored code instead of
fetching it from the network.

Also, as Cargo requires semantic versioning, the Suricata version
had to change from 4.0dev to 4.0.0-dev.
 8 years ago
Jason Ish cf0b9dd45f rust: add rust skeleton tree 8 years ago
Victor Julien b332551dbb stream: suppress GAP notice message 8 years ago
Victor Julien fae822d82e netmap: minor output cleanup 8 years ago
Victor Julien 1fef8569a5 stream: minor output cleanup 8 years ago
Victor Julien f702e6c33d flow-hash: optimize to avoid branch misses 
Profiling showed a lot of branch misses in flow hashing. Restructure
code to avoid branching.
 8 years ago
Jason Ish c8ac479f90 dns: accept gaps in TCP DNS 
On gap notification a flag is set, on the next call the input
data is reprobed to make sure it can be processed.
 8 years ago
Jason Ish c862bbdc4b app-layer: notify parsers of gaps if enabled 
A parser can now set a flag that will tell the application
layer that it is capable of handling gaps. If enabled, and a
gap occurs, the app-layer needs to be prepared to accept
input that is NULL with a length, where the length is the
number of bytes lost. It is up to the app-layer to
determine if it can sync up with the input data again.
 8 years ago
Victor Julien dfff228f75 stream/async: more liberal RST acceptance 8 years ago
Victor Julien 5ea1d3bd53 stream/async: improvements for IPS 
Initialize midstream with async if enabled. Unset async on seeing
bidirectional traffic.

If only async-oneside is enabled, set ASYNC flag on session creation
when receiving a SYN packet.

Let last_ack stay in sync with next_seq so that various checks work
better.
 8 years ago
Victor Julien b767f1d306 output/streaming: fixes and redo tcp logging 
Fix HTTP body logging.

Redo TCP data logging based on the streaming API.
 8 years ago
Victor Julien f4c4ef12c0 stream: introduce optional 'log' progress tracker 
For logging streaming TCP data so far the individual segments where
used. However since the last big stream changes, the segments are
no longer the proper place for this. Segments can now have overlaps
etc.

This patch introduces a new tracker. Next to the existing 'app' and
'raw' trackers, the new tracker is 'log'. When the TCP logging is
used, a flag in the config is set and the log tracker is used to
determine how much of the stream window can be moved.
 8 years ago
Victor Julien 5b1d8c7e94 streaming/lua: add direction indication to streamer 
Call SCStreamingBuffer as follows:

    data, sb_open, sb_close, sb_ts, sb_tc = SCStreamingBuffer()

sb_ts and sb_tc are bools indicating the direction of the data.
 8 years ago
Victor Julien 35edc5264d luajit: cleanup states before return to pool 8 years ago
Victor Julien 888ed9db0d streaming: small code cleanup 8 years ago
Victor Julien 30a8b2def0 lua/streaming: fix http body logging 8 years ago
Victor Julien 0f4a9d740e flow-worker: improve no-flow case 8 years ago
Jason Ish 922a27ed97 detect-dns-query: use unit test macros 8 years ago
Victor Julien a636d96b15 detect/file: cleanups 
TX id is enfored in the engine, so the keywords don't need to.

Unify detect file engines.
 8 years ago
Andreas Herz 2aad2d605d rules: add missing classtypes for event.rules 8 years ago
Victor Julien 9492a43060 output-tx: small cleanups and scan-build suppression 8 years ago
Jason Ish bb10bd7fca profiling: fix const compiler warnings 8 years ago
Victor Julien 43b0bc8c8e unix socket: improve runmode handling 
Improve output of unix mode in --list-runmodes

Honor the runmode commandline setting. Supported are 'single'
and 'autofp', with the latter still the default.
 8 years ago
Victor Julien 75edfcc2cd unix-socket: fix minor memleak 8 years ago
Eric Leblond 1655a67654 log-tlsstore: fix error handling 
In case of realloc error, the length of the encoding buffer was not
reset and this could result in trying to write to NULL pointer.
 8 years ago
Andreas Herz bf1a8d08da doc: rephrase nocase placement explanation 8 years ago
Victor Julien 41e6c6dc36 flow: enforce 51 bits id globally 8 years ago
Victor Julien 71c6df1655 lua: add SCFlowId for getting the flow id 8 years ago
Victor Julien 8127730f00 bug 2113: fix live modes 8 years ago
Jason Ish c7ddbbc586 dns: fix log filtering 
Previously only a subset of the records could be selected
in custom. Now allow any to be selected.
 8 years ago
Victor Julien 4217c6839a stream: single GAP check 
Move all GAP checks into CheckGap. Remove seg_list based check.
Also remove seg_list == NULL check to make sure the Gap check is
done on an empty list as well.

Improve next_seq < last_ack check, but add data beyond gap check.
 8 years ago
Victor Julien 39183f7a8e doc: fix doc links for http keywords 8 years ago