Victor Julien
515d070554
Print elapsed time with millisecond precision.
13 years ago
Victor Julien
aac2d91bcc
Set DROP flag for reject action so in addition to sending the rst, in IPS mode also drop the offending packet.
13 years ago
Victor Julien
f084874998
Fix HTTP state and raw stream not being inspected at the same time. Adds an exception to transaction id handling for HTTP.
13 years ago
Victor Julien
16cfae2f51
Trigger raw stream reassembly on receiving a full HTTP request or response.
13 years ago
Victor Julien
f773942ce0
Disable printing dreaded app layer error messages to the screen: app layer events are here to save us.
13 years ago
Victor Julien
132d9d1789
Add http-events.rules with an example rule for each HTTP event.
13 years ago
Victor Julien
f713b653ab
Convert error logging for HTTP to use new app layer event API. Expose libhtp warnings to this as well.
13 years ago
Victor Julien
e55390e4e7
Add check to invalidate signatures that inspect raw http headers in the to_client direction (response headers) if libhtp hasn't been patched yet. Also add hack to disable the test for unittests, many tests fail and we'll fix those ASAP.
13 years ago
Victor Julien
1ac6054c23
Clean up configure check for htp_tx_get_response_headers_raw. Misc changes.
13 years ago
Anoop Saldanha
4acd5a04e6
Enable http raw response header inspection only if libhtp supports raw response header buffering which should be available post 0.2.6
13 years ago
Anoop Saldanha
9c4954ff42
support http response raw header inspection + carry out hrhd mpm on both request/response headers + add unittests for the same
13 years ago
Anoop Saldanha
1b434f5fff
hhd unittests for response headers
13 years ago
Anoop Saldanha
e5c3e2cdb1
carry out hhd mpm on both request/response headers
13 years ago
Anoop Saldanha
30247dce8c
bug 389 - support http response header inspection + fix bug with stateful inspection for sigs that would have both request/response inspection
13 years ago
William
7d07b5375e
Add simple socket to gzip file PoC.
13 years ago
Victor Julien
64f717c880
Set 'livedev' in pcap acquisition module for older libpcap version as well. Fixes a segv.
13 years ago
Victor Julien
5a1a443701
Add example smtp decoding events rules file.
13 years ago
Victor Julien
026a4efc57
Make sure that continued stateful detection only inspects sigs in the proper direction.
13 years ago
Victor Julien
21ee59e6f3
Add signature direction (flow:toserver/flow:toclient) as a signature flag.
13 years ago
Victor Julien
d5402d33d4
Simplify detection loop. Inspect packet keywords before the state.
13 years ago
Victor Julien
7fa22e8453
Rename app_layer_events to app-layer-events. Misc fixes/changes.
13 years ago
Victor Julien
ecd457db7b
Allow flowint names to have dots in them.
13 years ago
Anoop Saldanha
5311cd4866
Support for smtp decoder events
13 years ago
Anoop Saldanha
eea5ab4a7a
Support for app layer decoder events added + app_layer_event keyword added
13 years ago
Victor Julien
4c1e417d49
Allow non-existing flowints to be incremented. A 'set' to 0 is implied in this case.
13 years ago
Victor Julien
d24b3a0e50
Clean up csum detection output, misc fixes.
13 years ago
Eric Leblond
279b8b4027
config: Add explanation for checksum-checks options
13 years ago
Eric Leblond
9a2a4802f4
pf-ring: add support for checksum verif mode
This patch adds support for checksum verification mode.
Supported modes are yes, no, auto and rx-only.
13 years ago
Eric Leblond
0399a06f4f
pcap: fix typo
13 years ago
Eric Leblond
db5ca0f3a4
pcap: add auto mode support
13 years ago
Eric Leblond
a565148fb1
af-packet: fallback if 'kernel' mode is not supported
This patch adds a fallback to full checksum validation if 'kernel'
mode is not supported by the running kernel.
13 years ago
Eric Leblond
51eb96053c
af-packet: auto mode support
13 years ago
Eric Leblond
c3eaa6cc60
Add per-interface counter for invalid checksum.
This patch adds a per-device counter for invalid checksum as
well as a simple packet counter.
13 years ago
Eric Leblond
745b61171a
Introduce LiveGetDevice function
13 years ago
Eric Leblond
e893e860d4
Rename LiveGetDevice to LiveGetDeviceName
The function LiveGetDevice returns a pointer to
the name of the interface. This patch renames it to
LiveGetDeviceName which is more appropriate.
13 years ago
Eric Leblond
1d1271fd38
pcap: add support for checksum verif mode
This patch adds support for checksum verification mode.
Auto mode is not yet supported.
13 years ago
Eric Leblond
6062e00c2b
af-packet: add support for checksum verif mode
This patch adds support for checksum verification mode.
Auto mode is not yet supported.
13 years ago
Eric Leblond
551cb3e4c2
decode: introduce checksum mode enum.
13 years ago
Eric Leblond
623bb38d1c
af-packet: Fix typo in error message.
13 years ago
Eric Leblond
8d635ddfc2
detect-csum: incomplete checksum is a valid checksum
This patch modifies the checksum match to not alert on packets with an
incomplete checksum. They will be checksummed later and thus
can be considered valid ones.
13 years ago
Eric Leblond
67f791e891
af-packet: add variable to disable offloading detection
This patch adds a variable to disable offloading detection. The effect
of the flag is to avoid transmitting auxiliary data with each packet.
This could result in a potential performance gain.
13 years ago
Eric Leblond
f6ddaf3341
af-packet: parse message to find lack of checksum
Emitted packets can have checksum offloading. This patch reads the
af-packet message parameter to see if the kernel has sent a
non-checksummed packet.
13 years ago
Eric Leblond
5dc46ae7c7
pf-ring: Mark emitted traffic as non checksummed
The traffic sent by an interface is potentially offloaded. This
patch adds detection of TX packets and sets the corresponding flag.
13 years ago
Eric Leblond
81bc6f5518
Treat incomplete checksum.
Checksum of local traffic is often offloaded to the network device.
This causes some problems when parsing this traffic. This patch
introduces a PKT_INCOMPLETE_CHECKSUM flag which can be used to
indicate that the checksum is not computed/correct for good reason.
13 years ago
Victor Julien
9324ed7b90
Fix icmpv6 ip-only rule not firing. #363.
13 years ago
Anoop Saldanha
517040c4af
indentation fix
13 years ago
Anoop Saldanha
37b223645a
fix detection engine for alert stability. Fix cases where we have multiple rules having same pattern. We should see good perf increase (~5%) with this change, now that we avoid unnecessary inspection
13 years ago
Anoop Saldanha
42bc22cfa5
indentation fix
13 years ago
Anoop Saldanha
ecc7a769a7
reclaim mpm contexts if no patterns are added to it, even in non-full mode
13 years ago
Anoop Saldanha
1389cf6913
update cuda mpm to support per proto mpm contexts. Fix faulty stream mpm usage of cuda
13 years ago