Anoop Saldanha
f1863370a5
clean log pcap
14 years ago
Anoop Saldanha
6392202872
restructure log pcap to use a different setup, which is resilient to thread failure/restarts
14 years ago
Anoop Saldanha
fd21b83f3e
don't return TM failure on failing to remove log file
14 years ago
Anoop Saldanha
4bc907414b
init every new pf instance in log pcap
14 years ago
Victor Julien
cfd4d07dd0
host: convert host hash to use lookup3.c
14 years ago
Victor Julien
c10370907a
flow: make flow use lookup3.c hashing algorithm. Improves hash table distribution.
14 years ago
Victor Julien
20c08ca47b
hash: add lookup3.c by Bob Jenkins
...
Found here:
http://burtleburtle.net/bob/hash/doobs.html
http://burtleburtle.net/bob/c/lookup3.c
From the file header:
lookup3.c, by Bob Jenkins, May 2006, Public Domain.
These are functions for producing 32-bit hashes for hash table lookup.
hashword(), hashlittle(), hashlittle2(), hashbig(), mix(), and final()
are externally useful functions. Routines to test the hash are included
if SELF_TEST is defined. You can use this free for any purpose. It's in
the public domain. It has no warranty.
14 years ago
Victor Julien
19a7e7f395
flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default.
14 years ago
Xavier Lange
fea5e68a7b
Include conf_test in special cases for unset RUNMODE
14 years ago
Xavier Lange
1d774dae61
Make conf_test local. Simplify if/else to if.
14 years ago
Xavier Lange
1ae10b9a42
Do not spawn threads for conf test
14 years ago
Xavier Lange
eaacc5d0fe
Added conf_test flag and behavior
14 years ago
Victor Julien
22349f863b
file magic: don't disable inspecting magic for both directions if files in only one direction don't need magic.
14 years ago
Victor Julien
ba4613aef1
Add host section to stock yaml.
14 years ago
Victor Julien
f4b542d703
Enforce memcap limit before allocating hash table in host and flow engines.
14 years ago
Victor Julien
bd66a4bba9
Fix typo in spm prototype declaration.
14 years ago
Anoop Saldanha
4d192a6881
update all spm algos to use 16 bit pattern lengths. Should compress a lot of tables
14 years ago
Victor Julien
8d1fe9f2fa
Make 'autofp' the default runmode. Increase default max-pending-packets to 1024. Move some advanced and uncommonly changed settings down in the stock suricata.yaml. Closes #433.
14 years ago
Eileen Donlon
da633d490b
fix misleading comment
14 years ago
Eileen Donlon
793478a832
reject rules with invalid hex digits in content
14 years ago
Eileen Donlon
f2e85ab9ee
reject rules with an invalid ttl range
14 years ago
Victor Julien
4157d9408d
Various small flow and host table fixes.
14 years ago
Victor Julien
aded3c5578
http: 'HTTP Host header ambiguous' after libhtp update. It now fires if hostname is present both in URL and Host header and the 2 are not equal.
14 years ago
Victor Julien
ef52ba8f57
libhtp: update to sync with upstream 0.2.x
...
Patches applied are:
commit 85f5bbc39dda2eaf03ccb6111cbf5daf1c7b75f9
Author: Craig Forbes <cforbes@qualys.com>
Date: Wed Mar 21 16:45:04 2012 +0000
Backport of STREAM_STATE_TUNNEL fix to 0.2.x.
Return STREAM_STATE_TUNNEL after entering a tunnel.
commit cfbe28cd4ddde6d77c5b0d5935c8717834971441
Author: Craig Forbes <cforbes@qualys.com>
Date: Wed Feb 29 16:52:44 2012 +0000
Backport of the fix for HTP_AMBIGUOUS_HOST flag.
The flag is only set when the URI host on the request line is different
than the value in the Host: request header.
Resolves https://github.com/ironbee/libhtp/issues/20
commit 196dfb1c8b7a5996389c719e2c912163c5607916
Author: Brian Rectanus <brectanus@qualys.com>
Date: Wed Feb 8 08:35:46 2012 -0600
Add missing function declaration in header.
commit 7878fec818167fcdf7c8c4852ac0dafa1ae445f1
Author: Brian Rectanus <brectanus@qualys.com>
Date: Wed Feb 8 08:35:07 2012 -0600
Revert part of previous patch, which was invalid.
commit bafef3d4cbfc307960677c6bd682ae195fe986cd
Author: Brian Rectanus <brectanus@qualys.com>
Date: Wed Feb 8 08:36:06 2012 -0600
Update version to next dev release.
commit 62cfdb41ba84f2666c7526e2e5d9e10ab8e220f1
Author: William Metcalf <wmetcalf@qualys.com>
Date: Wed Feb 1 13:19:48 2012 -0600
Many thanks to Will, Brian and Craig.
14 years ago
Victor Julien
18e81b7ba9
Bail out early if we're in http tunnel mode.
14 years ago
Victor Julien
0788656ef7
Silence ac-gfbs debug message.
14 years ago
Victor Julien
da3c5bf84d
Minor error message cleanups
14 years ago
Victor Julien
fa22a26366
profiling: fix lock profiling int print issue.
14 years ago
Victor Julien
3b79dac2b7
flow: fix atomic var not being initialized and destroyed.
14 years ago
Victor Julien
60dbd34f93
Fix bug in app layer event handling causing http event rules to fail loading.
14 years ago
Victor Julien
40ed10ab38
Minor flowq updates.
14 years ago
Anoop Saldanha
7115fa3e72
Introduce the address hash based flow q handler
14 years ago
Anoop Saldanha
5ffb050ada
Adapt flow tmqh counters to be atomic vars. Remove support for active flows q handler. Introduce SC_ATOMIC_SET
14 years ago
Anoop Saldanha
3faed5fe79
Support freeing flow q handler out ctx. Adapt unittests to use the same
14 years ago
Anoop Saldanha
d01589c9d8
neaten flow q handler code
14 years ago
Anoop Saldanha
0fa14292c0
Enable unittests for flow q handler
14 years ago
Anoop Saldanha
4e417b72b5
support flow q handler schedulers active_flows and active_packets. Support new yaml option autofp_scheduler. Support for printing q handler stats as well
14 years ago
Anoop Saldanha
e252048900
support for custom flow qhandlers - round robin support added
14 years ago
Pierre Chifflier
d866f38982
TLS: add variable to store the error code in the decoder
...
Use a variable to store the decoding error code if required, and remove
the calls to SCLogInfo and SCLogDebug.
14 years ago
Pierre Chifflier
218b5d3ba0
TLS app layer: misc fixes, reorder some fields to save memory
14 years ago
Pierre Chifflier
3df341dbeb
Add TLS decode events
14 years ago
Pierre Chifflier
71fa4a5285
TLS: replace SigMatchAppendAppLayer with SigMatchAppendSMToList
14 years ago
Eric Leblond
a9bb17e097
tls-handshake: add sanity checks.
14 years ago
Eric Leblond
01c7e5bde6
tls-handshake: Add some missing free in error handling.
...
When DecodeAsn1BuildValue function fails, it may be necessary to
do some clean-up in the calling functions.
14 years ago
Eric Leblond
480db00fd7
tls-handshake: DecodeAsn1BuildValue should return -1 for error
...
This patch modifies DecodeAsn1BuildValue to have it return -1 when
there is a too big number of bytes announced in the ASN.1 message.
14 years ago
Eric Leblond
8f885ce810
TLS parser: add sanity checks on loop
...
It was possible in some loop to read data placed after the buffer
resulting in invalid/unpredictable values. This patch fixes two of
these issues.
14 years ago
Eric Leblond
d1c56e810b
TLS parser: add sanity check
14 years ago
Eric Leblond
cb1a75fc9e
TLS parser: modify OCTETSTRING
...
This patch does an over-allocation of 1 for the OCTETSTRING
to be able to add a 0 at the end. This will then
allow us to use the string in printf.
14 years ago
Pierre Chifflier
5a65a17f00
TLS parser: add handling of UTF8STRING
...
Some certificates contain UTF8STRING which is a subset of
OCTETSTRING. This patch adds support for this type of string.
14 years ago
Pierre Chifflier
6c2c6cffac
TLS keywords: fix match regex (remove extra space)
14 years ago