suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	ec5b622553	Inspect all stream msgs at any time when running in stream-inline mode. Skip detection for packets flagged for dropping before detect.	14 years ago
Victor Julien	48c7f18453	Fix bug in the segment insert code causing an inconsistent segment list in some overlap conditions.	14 years ago
Victor Julien	929ce0bb9b	Add a counter to NFQ for modified packets.	14 years ago
Victor Julien	05539d7357	Fix a reassembly overlap issue. Fix a inline reassembly gap handling issue.	14 years ago
Victor Julien	00e4dde6a6	Fix PKT_STREAM_EOF never being set, resulting in some raw stream chunks never being inspected. Improve debug output.	14 years ago
Victor Julien	e92ab40d39	Fix compilation for non-DEBUG case.	14 years ago
Victor Julien	1dca88fe69	Do the actual checksum recalculation and packet replacement on modifing a packet in the stream engine.	14 years ago
Victor Julien	2db06cc79e	Improve Inline reassembly wrt to GAP handling. Add more tests.	14 years ago
Victor Julien	29e02abc94	Expand and fix stream unittest helpers.	14 years ago
Victor Julien	121e9c72aa	Add more debug printing of reassembled data into the app layer api.	14 years ago
Victor Julien	4c82c0e750	Improve RawInline reassembly: remove unnecessary segments from the stream in an earlier stage. Test this properly.	14 years ago
Victor Julien	d00c6172c9	Update stream section of example configuration.	14 years ago
Victor Julien	668bd46c1c	Add flow prune debug counters (disabled by default).	14 years ago
Victor Julien	4bf4382354	Make sure tunnel packets (and pseudo packets) properly decrement the flow use counter in all cases.	14 years ago
Victor Julien	37587c0b7d	Add missing stream inline files.	14 years ago
Victor Julien	3a774165fa	Initial version of a inline raw reassembly function that reassembles in a sliding window. Introduce new unittest helpers for stream reassembly.	14 years ago
Victor Julien	abdffadc1c	Add a new app layer reassembly function that is for inline use, and use it when the stream engine is in inline mode.	14 years ago
Victor Julien	8cacd5fe50	Fix the stream.inline config option. Set PKT_STREAM_EST flag also for packets that are part of a session in a state beyond TCP_ESTABLISHED.	14 years ago
Victor Julien	a8bb98836b	Don't handle and validate the TCP timestamp at the same time. Instead validate first, then later when all other validation has been done as well, handle.	14 years ago
Victor Julien	8d3f9c53a9	Minor cleanups.	14 years ago
Victor Julien	bff70eed6d	Update to depth code. Get segment from the correct pool when a payload is truncated.	14 years ago
Victor Julien	66c40f782c	Have reassembly errors also set a stream event.	14 years ago
Victor Julien	0f072648e6	Another iteration of the reassembly depth enforcement, now considering retransmissions.	14 years ago
Victor Julien	935958219d	Rename RST validation function to match convention	14 years ago
Victor Julien	94fe0d5fa2	Add ACK validation to Reset/RST validation code.	14 years ago
Victor Julien	16cd31a408	Remove unused pseudo packet reassembly code.	14 years ago
Victor Julien	bf88a6de09	Add depth comment.	14 years ago
Victor Julien	a26768ce7a	Change the way the reassembly depth is enforced. Ignore retransmissions, get rid of per session counter.	14 years ago
Victor Julien	7af9c58af7	Improve ACK value validation, timestamp checking code. Overall layout.	14 years ago
Victor Julien	0f5b6a8bd7	Fix minor comment typo.	14 years ago
Victor Julien	aa04d9eefb	Improve stream gap handling. Instead of giving up as soon as we see a gap we now wait much longer before we decide it's a gap.	14 years ago
Victor Julien	6ffb9da9be	Better support ack/psh data packets on several states. Updates to ack validation code.	14 years ago
Victor Julien	6fca55e068	Add some debug output to app-layer-htp.	14 years ago
Victor Julien	25f5589078	First round of adding 'stream events'. Basic stream tracking events added.	14 years ago
Victor Julien	2849d2b1d3	Initial code for stream 'inline' mode: packets that are (partly) overlapping with already accepted packets (meaning in the streams seg list) are rewritten to make sure they contain the exact same data.	14 years ago
Victor Julien	3857154f4b	Fix the pseudo packet having the wrong proto set, causing massive fp's. Flag packets to be part of the established phase of a tcp session, so we won't prematurely inspect the app layer state.	14 years ago
Victor Julien	8b5f553a35	Inspect a pseudo packet upon receiving a RST so that we are sure both sides of the TCP session are inspected.	14 years ago
Gurvinder Singh	55a863359c	support for pseudo packet creation from reassembled stream segments	14 years ago
Victor Julien	cc116d71ef	Fix unittests after merge.	14 years ago
Gurvinder Singh	2beb7af7f8	support for validating the ACK before updating the last_ack field and also update next_seq if we missed the last packet	14 years ago
Victor Julien	acc38c9ebf	Make sure we don't try to 'verdict' the fake PKT_PSEUDO_STREAM_END packets.	14 years ago
Victor Julien	c955254b4e	Adapt stream code to packet memory allocation changes.	14 years ago
Victor Julien	44e678b86b	Comment out disabled unittests.	14 years ago
Victor Julien	a622ad5047	Fix new unittests introduced by rebase with next branch.	14 years ago
Victor Julien	1d971b53a6	Update all unittests	14 years ago
Victor Julien	fadd6d6361	Add pseudo packet counter.	14 years ago
Victor Julien	f606621e8c	Fix the pseudo packet having the wrong proto set, causing massive fp's. Flag packets to be part of the established phase of a tcp session, so we won't prematurely inspect the app layer state.	14 years ago
Victor Julien	b0901ab30d	Fix compilation with --enable-debug	14 years ago
Victor Julien	6482c34909	Increment flow use cnt for pseudo packets as the flow is not supposed to disappear while dealing with those packets.	14 years ago
Victor Julien	2072ad80af	Never create a pseudo packet based on a pseudo packet.	14 years ago

1 2 3 4 5 ...

1860 Commits (ec5b62255387a7c8c344063d863bdca913c3cf23) All Branches Search

1860 Commits (ec5b62255387a7c8c344063d863bdca913c3cf23)

All Branches