Philippe Antoine
62a186ceef
detect/rfb: move keywords to rust
...
Ticket: 7178
On the way, convert rfb.secresult to a generic integer with enumeration
cf ticket 6723
12 months ago
Philippe Antoine
0b2ed97f36
ssh: frames support
...
Ticket: 5734
Adds frames for SSH records, that come after banner, and before
the data is encrypted.
These records may contain cipher lists for instance.
1 year ago
Philippe Antoine
bce8f4b853
detect/ssh: remove deprecated keywords
...
Ticket: 2377
1 year ago
Philippe Antoine
0a1062fad2
detect/mqtt: move keywords to rust
...
Ticket: 4863
On the way, convert some keywords to use the first-class integer
support.
And helpers for pure rust the support for multi-buffer.
Move the C unit tests about keyword mqtt.protocol_version
to unit tests for generic integer parsing, and test version 5
instead of testing twice version 3.
Also iterate all tx's messages for reason code as is done for other
keywords.
And allow detection on empty topics.
1 year ago
Victor Julien
afc318737a
doc/userguide: document threshold backoff type
1 year ago
Victor Julien
e362a01f8d
doc/userguide: document new threshold config options
1 year ago
Victor Julien
405491c3fc
detect/detection_filter: add support for track by_flow
1 year ago
Victor Julien
3f04af7c7f
doc: add thresholding by_flow
1 year ago
Jeff Lucovsky
01e20c91fb
doc/transform: Correct typo
1 year ago
Jeff Lucovsky
d205ff82d0
doc/transform: Describe the from_base64 transform
...
Issue: 6487
Document the new transform and indicate that it's the preferred way to
perform base64 decoding (preferred over base64_decode)
1 year ago
Victor Julien
3d059611c3
detect: add tls.alpn keyword
...
Ticket: #7108 .
1 year ago
Philippe Antoine
ae72376ebe
detect/snmp: move keywords to rust
...
Ticket: 4863
On the way, convert unit test DetectSNMPCommunityTest to a SV test.
And also, make snmp.pdu_type use a generic uint32 for detection,
allowing operators, instead of just equality.
1 year ago
Victor Julien
8b42182fee
doc/userguide: document iprep isset/isnotset
1 year ago
Victor Julien
2f74d435d3
doc/userguide: add more operators to iprep
1 year ago
Victor Julien
50ef646d45
doc/userguide: add noalert/alert keyword docs
1 year ago
Victor Julien
c83e3285ae
doc/userguide: give pcre1 to pcre2 proper heading
1 year ago
Philippe Antoine
82c03f72c3
enip: convert to rust
...
Ticket: 3958
- transactions are now bidirectional
- there is a logger
- gap support is improved with probing for resync
- frames support
- app-layer events
- enip_command keyword now accepts string enumeration as values.
- add enip.status keyword
- add keywords :
enip.product_name, enip.protocol_version, enip.revision,
enip.identity_status, enip.state, enip.serial, enip.product_code,
enip.device_type, enip.vendor_id, enip.capabilities,
enip.cip_attribute, enip.cip_class, enip.cip_instance,
enip.cip_status, enip.cip_extendedstatus
1 year ago
Victor Julien
17b32f98d7
doc/userguide: fix rule container typo
...
Fixes: 8781e9352a
("doc/userguide: add documentation for SMTP frames")
1 year ago
Victor Julien
8781e9352a
doc/userguide: add documentation for SMTP frames
1 year ago
Jason Ish
3eb8c728fd
doc: update lua sandbox docs for allowed packages/functions
1 year ago
Jo Johnson
ba6a976e06
doc: Initial doc for lua sandbox
1 year ago
Jo Johnson
712496bb3f
lua: Remove luajit support
...
lua 5.4 support is not available in luajit
Ticket: #4776
1 year ago
Shivani Bhardwaj
719fda3967
doc: add description about tls.subjectaltname
...
Feature 5234
1 year ago
Philippe Antoine
2c305ba37e
pop3: protocol detection
...
Ticket: #6366
1 year ago
Philippe Antoine
fcdd7f000a
detect: add options to app-layer-protocol keyword
...
Ticket: 4921
app-layer-protocol keyword accepts an optional mode to specify
which protocol we want to match: toclient, toserver, final,
or original
1 year ago
Shivani Bhardwaj
6d92596548
doc: add note about fast_pattern w base64_data
...
Bug 5220
1 year ago
jason taylor
abb74245cc
doc: update normalization notes
...
Ticket: #6781
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
5dacf4d92b
doc: add http.connection ref and fix location
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
Victor Julien
fcca5c7514
detect/iprep: update doc about 0 value
...
A value of 0 was already allowed by the rule parser, but didn't
actually work.
Bug: #6834 .
1 year ago
jason taylor
aa919f8081
doc: update flowbits information
...
Ticket: #6991
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
Philippe Antoine
44b6aa5e4b
app-layer: websockets protocol support
...
Ticket: 2695
1 year ago
Sascha Steinbiss
120313f4da
ja4: implement for TLS and QUIC
...
Ticket: OISF#6379
1 year ago
Jeff Lucovsky
7a5a1e2560
doc: Describe noalert keyword
...
Issue: 6685
1 year ago
jason taylor
7de16809ef
doc: update http keyword listing order
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
8b3db3c3b5
doc: update file.name keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
49dba7bb94
doc: update file.data keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
bee3aa9709
doc: update http.response_header keyword
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
dcb548106e
doc: update http.request_header keyword
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
3f5d228b9e
doc: update http.host http.host.raw keyword
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
739dfe5e5e
doc: update http.location keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
9ddd8cf9e0
doc: update http.server keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
3af98f3b92
doc: update http.response_body keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
64760e2e75
doc: update http.response_line keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
566bc0d39c
doc: update http.stat_msg keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
271321249f
doc: update http.stat_code keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
71d8488cb5
doc: update http.request_body keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
c2783e9391
doc: update http.header_names keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
5eadbc2ff0
doc: update http.start keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
7e65554462
doc: update http.referer keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago
jason taylor
876dfb99ca
doc: update http.content_len keyword information
...
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
1 year ago