Anoop Saldanha
f08fc8d7c5
ssl connection error message event added. Remove warning log for the same error alert
13 years ago
Anoop Saldanha
270ea253a2
ssl parser fix/updates
13 years ago
Anoop Saldanha
edb48c1557
We have a new probing parser to detect sslv2 records. todos to be covered later
13 years ago
Victor Julien
fa121a1dd4
filemd5: handle case where no md5 support is compiled in.
13 years ago
Victor Julien
9f7588a756
Add filemd5 keyword that loads a list of md5's to match a file's md5 against.
13 years ago
Victor Julien
8cfc23ee22
Add a new hash datatype to do speedy lookups of read only uniform data, like md5's.
13 years ago
Victor Julien
1bb0199dd7
pfring: protect pfring_set_bpf_filter with a lock as it's not thread safe.
13 years ago
Eric Leblond
d0e3df6057
Autotools: make 'install-full' now run 'install' too.
13 years ago
Victor Julien
1906d317ec
unified2: minor cleanups
13 years ago
Victor Julien
5e95524122
Improve error reporting in case of syntax errors in the address and port vars.
13 years ago
Victor Julien
5b457807e2
file: fix file length and md5 tracking when file storing is disabled
13 years ago
Victor Julien
086a934ca9
#449: fix md5 calculation in daemon mode.
13 years ago
Victor Julien
94c312512d
pfring: move missing timestamp handling code to PfringProcessPacket.
13 years ago
Chris Wakelin
a5f948f436
Fix missing timestamps in some flavours of PF_RING
13 years ago
Victor Julien
f2f8dfd8d6
http: add test to make sure a missing space between header name and value is not a problem (ref #474).
13 years ago
Victor Julien
66856831fa
unified2: big rewrite to clean up code that deals with tcp segment logging.
13 years ago
Eric Leblond
a0e57f58e5
OpenBSD: introduce SCLocalTime function.
This function is a wrapper to localtime_r. It is needed to avoid
a compilation warning on OpenBSD. I'm forced to type the function
to a non pointer first parameter. If not we will have to use two
different functions in OpenBSD where tv->tv_sec is a long
(different from time_t).
13 years ago
Victor Julien
00948c86d5
Add debug messages to HTTP error/warning handling.
13 years ago
Victor Julien
40cda7e149
Support FNAME and FCOMMENT extensions in gzip'd http content.
13 years ago
Victor Julien
ed3599b3d8
stream: improve error checking.
13 years ago
Victor Julien
5933cee2ff
replace: add missing malloc return value check.
13 years ago
Eric Leblond
dbf5d79e43
pfring: follow API change
As pointed out in issue #459, pf_ring API has changed. Since
5.4.0 release pf_ring_open has one less argument.
13 years ago
Victor Julien
48da3bb48b
Make sure all fake packets have datalink type DLT_RAW. Make sure stream end packets set pkt size.
13 years ago
Eric Leblond
e2bf0fab35
OpenBSD: setup specific place for magic file.
This patch fixes the path to the default magic file on OpenBSD.
13 years ago
Victor Julien
02e19502c7
unified2: minor cleanups.
13 years ago
Eric Leblond
70b795e20a
OpenBSD: don't close std* to avoid problem.
13 years ago
Victor Julien
3181b492f4
pcap: lock pcap_compile and pcap_setfilter calls as they are not thread safe. Fixes issues with bpf filters and multiple interfaces.
13 years ago
Victor Julien
e3f66c52ec
pcap: fix double free issue with bpf filter and multiple interfaces.
13 years ago
Victor Julien
a3cbe2e1c2
alert-debuglog: add size info for stream chunks and fix a typo.
13 years ago
Anoop Saldanha
5f939412af
debuglog now uses the new mem buffer API. Improve file ctx locking to just the file write
13 years ago
Victor Julien
cae46ab5eb
pcre: print filename and line number for JIT warning.
13 years ago
Anoop Saldanha
4689783342
bug #454 - rebase fix. Also use better error code to indicate invalid address var yaml entry
13 years ago
Anoop Saldanha
b3660dc5db
bug #454 - add unittests for the address/port conf var validation function
13 years ago
Anoop Saldanha
678763c3f4
bug #454 - global check to see if address and port vars are properly configured
13 years ago
Victor Julien
ea0d172693
No longer pass StreamMsg to output for alert logging, instead use the same callback code as is used for state alerts.
13 years ago
Victor Julien
88a21456e3
stream: keep segments in memory until we are sure the stream/state is inspected.
13 years ago
Anoop Saldanha
64625675ce
set stream_eof flag per stream, only when the stream initiates a close. Fix htp parser to close connection per direction based on this
13 years ago
Anoop Saldanha
1f0272afeb
libhtp fix for response body processing. Increment data counter for response body processing when no contentlength or chunked scheme is used but the server closes the connection
13 years ago
Victor Julien
b976ff228a
ipv6: fix an AH header parsing issue. Add decoder event for non-null reserved fields.
13 years ago
Victor Julien
52044bb81b
Improve error message for malformed urilen value.
13 years ago
Anoop Saldanha
d39b7b72bd
Add a nice error message when we exceeded address buffer limit for a rule
13 years ago
Anoop Saldanha
7495f59773
bug #451 fix for parsing address. Increase buffer size
13 years ago
Anoop Saldanha
f204b52e10
bug #461 - http header shouldn't match on cookie header
13 years ago
Eric Leblond
59057e542e
OpenBSD: Fix some warnings related to inline usage.
gcc on OpenBSD does not support C99 inline functions. This patch
modifies the build system to handle this. It also changes the order
of declaration of some functions to avoid using them before
declaring them as inline.
13 years ago
Eric Leblond
aef4835c56
htp OpenBSD: fix inline related warning
13 years ago
Anoop Saldanha
3df3be0efc
bug 418 - update http log to escape backslashes
13 years ago
Anoop Saldanha
5d22194299
fix failing rate filter unittest
13 years ago
Anoop Saldanha
7dec21be4c
fix rate filters that reset the sig ctx data and handled action timeouts wrongly
13 years ago
Anoop Saldanha
85db868a83
indentation fix
13 years ago
Anoop Saldanha
c34713321a
fix rate filter alert suppression. Log error if rate filter has count of 0. Other minor fixes as well
13 years ago