Victor Julien
|
740ee3e7ab
|
Add referer header to .meta and json file logs.
|
13 years ago |
Victor Julien
|
337f7861a4
|
Make sure that if not built against libnss, we still compile. Only no md5 for you then\!
|
13 years ago |
Victor Julien
|
6752ccae2a
|
Add line based log file to log-file module that logs each stored file's meta data in json records.
|
13 years ago |
Victor Julien
|
12e8ce6545
|
In PrintRawUriFp, consider " unprintable.
|
13 years ago |
Victor Julien
|
69b3df96fb
|
Initial on the fly MD5 calculation for extracted files using libnss.
|
13 years ago |
Anoop Saldanha
|
2f7717a1a7
|
delete detect-recursive.[ch]
|
13 years ago |
Anoop Saldanha
|
e682796d03
|
feature #414 - support listing supported keywords. Remove support for dummy keywords __address__, __proto__, __port__. Remove support for recursive keyword and all references to it
|
13 years ago |
Anoop Saldanha
|
603d4a719a
|
remove det_ctx->payload_offset and use det_ctx->buffer_offset. Update hscd and hsmd to use the new generic content inspection engine
|
13 years ago |
Anoop Saldanha
|
d1d5507679
|
remove all old content inspection engines and references to them. We have cleaned the entire content inspection phase and improved alert accuracy
|
13 years ago |
Anoop Saldanha
|
35f1f7e8d9
|
unify payload detection engines + fix other bugs in pcre init
|
13 years ago |
Anoop Saldanha
|
9287cce674
|
raw urilen inspection moves to raw uri list. Won't make any difference wrt inspection
|
13 years ago |
Anoop Saldanha
|
0677190960
|
rebase commit for hscd and hsmd patches
|
13 years ago |
Anoop Saldanha
|
22b1f5b22b
|
fix seg fault due to wrong sm list access in hscd
|
13 years ago |
Anoop Saldanha
|
2e2398147c
|
fast pattern unittests added for http server body
|
13 years ago |
Anoop Saldanha
|
09313cf9bd
|
Support http stat code detection engine, fast pattern(mpm engine included). Fix http stat code setup function. Fix pcre option for stat msg keyword. With this the pcre options for server_body is Q, for stat_msg is Y and for stat_code is S
|
13 years ago |
Anoop Saldanha
|
2007c2711c
|
Support http stat msg detection engine, fast pattern(mpm engine included). Fix http stat msg setup function. Fix pcre option for stat msg keyword
|
13 years ago |
Victor Julien
|
9dc153c8f4
|
Fix path handling for including rule files on win32.
|
13 years ago |
Victor Julien
|
489b8b8bcc
|
Allow other yaml files to be included in the main yaml.
|
13 years ago |
Victor Julien
|
adb5d05fb5
|
Fix a FP with negated filemagic inspection.
|
13 years ago |
Victor Julien
|
0b9038b971
|
Add atomics to ticks unittests.
|
13 years ago |
Victor Julien
|
f77c475c85
|
Minor layout fixes.
|
13 years ago |
Victor Julien
|
e1a309a6b2
|
Napatech code formatting fixes.
|
13 years ago |
Victor Julien
|
95a5bebb6a
|
Fix compilation without napatech tech support enabled.
|
13 years ago |
Victor Julien
|
1d9f6ff8f2
|
Initial Napatech support by Randy Caldejon / nPulse.
|
13 years ago |
Anoop Saldanha
|
60553f3753
|
fix compilation error for the new http response header mpm feature
|
13 years ago |
Anoop Saldanha
|
716afac5a2
|
fix debug messages that have references to the old mpm contexts
|
13 years ago |
Anoop Saldanha
|
9a665e035b
|
code cleanup over last 2 commits
|
13 years ago |
Anoop Saldanha
|
55c4e419fd
|
if a signature is non-tcp, it's always a packet sig
|
13 years ago |
Anoop Saldanha
|
419cdc8558
|
support splitting mpm ctxs based on direction v2
|
13 years ago |
Anoop Saldanha
|
0a91d824bf
|
Fix bug in ac-bs search function
|
13 years ago |
Anoop Saldanha
|
db859cc56e
|
treate ac-bs auto as single context
|
13 years ago |
Anoop Saldanha
|
199288309d
|
Support for new MPM ac-bs added
|
13 years ago |
Victor Julien
|
e244934566
|
Disable unittest that fails without libnet support.
|
13 years ago |
Anoop Saldanha
|
c2d47718c1
|
bug #411 - fix failing unittest
|
13 years ago |
Anoop Saldanha
|
6556b4c62b
|
bug #411 - don't modify within/distance at setup time
|
13 years ago |
Anoop Saldanha
|
37329f85d4
|
bug #412 - rebase commit. Remove the previous references to SigInitReal() with SigInit()
|
13 years ago |
Anoop Saldanha
|
3b5d95547d
|
bug #412 - Remove the commented out SigInitReal()
|
13 years ago |
Anoop Saldanha
|
6cbd3a1046
|
bug #412 - Unify SigInit() and SigInitReal(). Remove any use of SigInitReal()
|
13 years ago |
Anoop Saldanha
|
acccf3a5a5
|
Add function declaration for SigInitReal
|
13 years ago |
Anoop Saldanha
|
88ad3691d1
|
bug #405 - fix bug where raw uri inspection sigs were not treated as stateful sigs
|
13 years ago |
Anoop Saldanha
|
0b43f2a5fd
|
Use SigInitReal() instead of SigInit() in raw uri tests. This should show that we have unittests failing, thus highlighting bug 411. The next commit is the fix for this bug
|
13 years ago |
Victor Julien
|
6aa0ad1c5f
|
Remove unused definitions in pcre code.
|
13 years ago |
Victor Julien
|
bb6f93e675
|
Fix unittest missing a flow direction in the rule.
|
13 years ago |
Eileen Donlon
|
39b8cc2f8b
|
fixed relative handling for pcre cookie and method
|
13 years ago |
Eileen Donlon
|
d55fef2d75
|
Cleaned up some error messages for detect distance and offset.
|
13 years ago |
Victor Julien
|
b16a71020d
|
Make 'make check' happy in a ipproto unittest.
|
13 years ago |
Anoop Saldanha
|
5b3c8566dd
|
bug #403 - add unittests
|
13 years ago |
Anoop Saldanha
|
a19a249230
|
Set the packet protocol only if it can parsed without error
|
13 years ago |
Anoop Saldanha
|
2fa55a86fa
|
Fix csum validation functions to not carry out csum calculation if respective headers are not present
|
13 years ago |
Anoop Saldanha
|
b8997b415c
|
bug #403 - fix setting ip proto for ipv6 packets
|
13 years ago |