Commit Graph

2081 Commits (main)

Author SHA1 Message Date
Shivani Bhardwaj 06eafb79d6 detect/flow-pkts: check for both dir
The functionality of "both" can already be easily achieved by using both
"toclient" and "toserver" in a rule. This just adds the ease of
expression in rule. As it is added now, check the direction for the
pre-existing users of direction as well.
3 days ago
Shivani Bhardwaj 77abcde9ee rust/flow: add public wrapper for dir
in order to be able to use it on the C side for elephant flow detection.
3 days ago
Jason Ish d89b35db56 conf: add SCConfNodeChildValueIsFalse to check for false value
New function to check if a value is actually set to a false value.
1 week ago
Philippe Antoine af246ae7ab http: do not use a loop to find the tx count
As we want the last tx

Ticket: 8156

The generic function AppLayerParserGetTxCnt calls for HTTP1
Transactions.size()

This function has some specific code, as we may have pre-created
a tx that we do not want to count.
This used to get the last tx by iterating over all the transactions
waiting to find the one with max index.
So, instead of using the Transactions.get function, we get the last
tx out of the VecDeque and check its index.
2 weeks ago
Jeff Lucovsky 9c81f817e8 rust: bindgen update
Issue: 7389

Update bindgen with `make update-bindgen`
2 weeks ago
Jason Ish 50224f2ee5 rust: fix clippy warning for unused import
While debug_validate_bug_on is still used, it does not need to be
imported directly, as that macro is marked with `macro_export`, making
it globally available to the crate.
2 weeks ago
Philippe Antoine 455b7d1b3b rust: use snake case for applayer_register_protocol_detection 2 weeks ago
Philippe Antoine b4d8aea0ae rust: bindgen SCAppLayerRegisterProtocolDetection
Ticket: 7662

Changing the struct passed to it to have the minimal number
of useful fields.
2 weeks ago
Philippe Antoine 1329786f84 detect: new command line option : list-rule-protos
To list the protocols we can use in a rule header

Ticket: 635
3 weeks ago
Philippe Antoine 2349f19977 nfs: use nfsv2 procedure names with nfs_procedure keyword
Ticket: 5140
3 weeks ago
Jhonny Sousa 257ed82dbd nfs: Fix NFSv2 STATFS procedure parsing
Ticket: #5140
3 weeks ago
Philippe Antoine 15b1bf4865 rust: bindgen SCHTPFileCloseHandleRange
Ticket: 7762
4 weeks ago
Philippe Antoine cddbd0b906 rust: bindgen more file functions
Ticket: 7762
4 weeks ago
Philippe Antoine 327b8b04a9 rust: bindgen with default derive
Ticket: 7762
4 weeks ago
Victor Julien 80d5afe91b pop3: AUTH command handling improvements
Better track the state so it's known when to expect a base64 request
message. Also better validate the base64.

Ticket: #7994.
1 month ago
Victor Julien 2973eded56 pop3: convert to nom 8
Ticket: #8127.
1 month ago
Victor Julien da2db65f62 pop3: rustfmt 1 month ago
Jason Ish 83d8b1d2f8 quic: update to nom 8.0
Ticket: #8140
1 month ago
Philippe Antoine 32ce3d29be detect/krb: use flag u32 for krb5_msg_type 1 month ago
Jason Ish a9eee5dfd9 rust/htp: convert to nom 8
Ticket: #8090
1 month ago
Jason Ish ef9cd7beff rust/smb: convert to nom 8
Ticket: #8089
1 month ago
Jason Ish 02045e1d62 rust/dcerpc: convert to nom 8
Ticket: #8093
1 month ago
Jason Ish 25c98af0e8 rust/detect: convert remaining detection rule parsers to nom 8
Ticket: #8051
1 month ago
Jason Ish dea3f9e260 rust/detect: convert error.rs and dependent parsers to nom 8
Ticket: #8051
1 month ago
Jason Ish efc32dea41 rust/detect: convert uint nom 8
And users of uint directly impacted by this change.

Ticket: #8051
1 month ago
Jason Ish cf604751de rust/util: convert to nom 8
Ticket: #8088
1 month ago
Jason Ish 1e01d5adca rust/conf: convert to nom 8
Ticket: #8087
1 month ago
Jason Ish c6e8932740 rust/asn1: convert to nom 8
Ticket: #8086
1 month ago
Jason Ish 59f8fb30a8 rust/ftp: fix clippy warning
error: implicitly casting the result of `from_raw_parts_mut` to `*mut [u8]`
        --> src/ftp/response.rs:107:31
1 month ago
Philippe Antoine cba13ed9b1 rust: bindgen functions needed for datasets
Ticket: 7762
1 month ago
Philippe Antoine 12892ba010 rust: bindgen functions needed for features
Ticket: 7762
1 month ago
Jeff Lucovsky e1bf5cb1f3 nfs: Support EXCLUSIVE4_1 flag
Issue: 8006

Support the EXCLUSIVE4_1 create mode added to NFS 4.1
2 months ago
Philippe Antoine 79e66f76e6 detect: icmp_id is now a generic integer
Ticket: 7889
2 months ago
Philippe Antoine 85fa894425 detect: dnp3.func is now a generic integer
Ticket: 7889
2 months ago
Philippe Antoine f2b6540c52 htp: bound decompression
Ticket: 7980

Usage of Vec<u8> instead of Box<u8> gave the ability to callers
to grow the buffer (indefinitely)
This was regressed in 16fee33368

Additionally, use rust WriteZero instead of WouldBlock as a more
fitting error when cursor is full, as that error kind is the
one tested by callers.
2 months ago
Philippe Antoine c61f1cb6d0 detect/integers: rename index all1 to all
And all to all_or_absent

Ticket: 7929
2 months ago
Philippe Antoine eb5a2d646b detect/vlan: move vlan.id keyword to generic integer
Ticket: 7929
2 months ago
Li Heng c141c55bc6 snmp: can be set to detection-only
Realloc alp_ctx.ctxs when a dynamic alproto is registered and
g_alproto_max increases. So dynamic alproto can be treated as
real/normal ones. And app-layer switch can be set to any value
of no/detection-only/yes.

Ticket: 8000
2 months ago
Philippe Antoine 439f96dea7 rust: bindgen frames functions
Ticket: 7667
2 months ago
Philippe Antoine 92c7be1cb6 rust: bindgen SCSRepCatGetByShortname
Ticket: 7667
2 months ago
Philippe Antoine 7447651fa0 output/jsonbuilder: helper function SCJbSetPrintAsciiString
To replace C PrintStringsToBuffer and avoid a stack alloc
+ copy

Ticket: 8004
2 months ago
Li Heng 1106323ae1 rust/sip: delete redundant computing codes
Delete call of is_alphanumeric where is_alphanumeric and
is_token_char are called together. Four places are modified.

Ticket: 8003
2 months ago
Jason Ish 1efe70a234 rust/ike: convert to nom 8
Ticket: #8050
2 months ago
Jason Ish f368324e87 rust/mime: convert to nom 8
Ticket: #8048
2 months ago
Jason Ish c5ef615953 rust/mqtt: convert to nom 8
Ticket: #8047
2 months ago
Jason Ish 2289069f74 rust/websocket: convert to nom 8
Ticket: #8046
2 months ago
Jason Ish 9eeefd0684 rust/bt-dht: convert to nom 8
Ticket: #8045
2 months ago
Jason Ish 399f96b07d rust/rdp: convert to nom 8
Ticket: #8044
2 months ago
Jason Ish 7c70f74942 rust/telnet: convert to nom 8
Ticket: #8043
2 months ago
Jason Ish 2ff2eb1325 rust/ssh: convert to nom 8
Ticket: #8042
2 months ago