suricata

Commit Graph

Author	SHA1	Message	Date
Shivani Bhardwaj	e4b3b75b23	version: start development towards 8.0.1	7 days ago
Shivani Bhardwaj	9956286fb8	release: 8.0.0; update changelog	1 week ago
Shivani Bhardwaj	6a6104304d	version: start development towards 8.0.0	4 weeks ago
Shivani Bhardwaj	cdfebcdc9c	release: 8.0.0-rc1; update changelog	1 month ago
Philippe Antoine	6dbc421825	rust: bindgen AppLayerParserConfParserEnabled Ticket: 7667	1 month ago
Philippe Antoine	49b2a2be5d	rust: bindgen SCAppLayerParserRegisterLogger Ticket: 7667	1 month ago
Philippe Antoine	7bfef2e1e8	rust: bindgen AppLayerParserRegisterParserAcceptableDataDirection Ticket: 7667	1 month ago
Philippe Antoine	1ff4dbfc24	rust: bindgen AppLayerParserSetStreamDepth Ticket: 7667	1 month ago
Philippe Antoine	b29d46d81f	rust: bindgen SCAppLayerParserStateIssetFlag Ticket: 7667	1 month ago
Philippe Antoine	6d56beffef	rust: bindgen AppLayerParserStateSetFlag Ticket: 7667	1 month ago
Philippe Antoine	7bb0c94ae9	rust: bindgen app-layer-detect-proto.h Ticket: 7667	1 month ago
Jason Ish	4a655053e8	mdns: add mdns parser, logger and detection The mDNS support is based heavily on the DNS support, reusing the existing DNS parser where possible. This meant adding variations on DNS, as mDNS is a little different. Mainly being that all mDNS traffic is to_server, yet there is still the concept of request and responses. Keywords added are: - mdns.queries.rrname - mdns.answers.rrname - mdns.additionals.rrname - mdns.authorities.rrname - mdns.response.rrname They are mostly in-line with the DNS keywords, except mdns.answers.rdata which is a better than that mdns.response.rrname, as its actually looking at the rdata, and not rrnames. mDNS has its own logger that differs from the DNS logger: - No grouped logging - In answers/additionals/authorities, the rdata is logged in a field that is named after the rdata type. For example, "txt" data is no longer logged in the "rdata" field, but instead a "txt" field. We currently already did this in DNS for fields that were not a single buffer, like SOA, SRV, etc. So this makes things more consistent. And gives query like semantics that the "grouped" object was trying to provide. - Types are logged in lower case ("txt" instead of "TXT") - Flags are logged as an array: "flags": ["aa", "z"] Ticket: #3952	2 months ago
Philippe Antoine	6bc86230a5	rust: bindgen part of util-debug.h Ticket: 7667 Especially SCLogLevel whose enum redef is removed in rust	2 months ago
Philippe Antoine	a2b5225612	rust: bindgen SCSigMatchAppendSMToList Ticket: 7667	2 months ago
Philippe Antoine	78034b218d	rust: bindgen SCDetectSignatureSetAppProto Ticket: 7667	2 months ago
Philippe Antoine	dc20129195	rust: bindgen SCDetectHelperBufferMpmRegister Ticket: 7667	2 months ago
Jeff Lucovsky	07205ab057	detect/xform: Support transform identity data Transforms that support optional strings, like from_base64 and pcrexform, should also support identity-strings to treat transforms with like transform options as the same. This commit adds transform identity data handling: - When computing a hash, include identity data from the transform - When comparing, include the identity data from the transforms - Omitting the "options" ptr from the transform hash/compare - Modify xor, pcrexform and from_base64 to supply identification data for disambiguation in the compare/hash logic.	2 months ago
Philippe Antoine	4af3bd9c91	rust: bindgen SCDetectHelperKeywordSetCleanCString Ticket: 7667	2 months ago
Philippe Antoine	13449344e8	rust: bindgen SCDetectHelperKeywordRegister Ticket: 7667	2 months ago
Philippe Antoine	f909bbba68	rust: bindgen SCDetectHelperKeywordAliasRegister Ticket: 7667	2 months ago
Philippe Antoine	a7448a0c16	rust: bindgen SCDetectHelperBufferRegister Ticket: 7667	2 months ago
Philippe Antoine	0d82e905bc	rust: bindgen DetectHelperMultiBufferMpmRegister Ticket: 7667	2 months ago
Philippe Antoine	dfa4df9f54	rust: bindgen SCDetectHelperMultiBufferProgressMpmRegister Ticket: 7667	2 months ago
Philippe Antoine	fd7bd9c200	src: new file detect-engine-inspect-buffer.h For InspectionBuffer structure and related functions Bindgen it for rust, especially transforms Ticket: 7667	2 months ago
Philippe Antoine	df0dc2e8ea	rust: bindgen SCDetectSignatureAddTransform by moving it to detect-engine-buffer.h and prefixing it Ticket: 7667	2 months ago
Philippe Antoine	cf336396c3	rust: bindgen detect-engine-helper.h Ticket: 7667 Begin by focusing on transforms	2 months ago
Philippe Antoine	dadf9012fc	rust: bindgen detect-engine-buffer.h Ticket: 7667 And prefix SCDetectBufferSetActiveList to be exported Allows less use of suricata crate in plugin as we get the functions prototypes from suricata_sys and they are more correct.	3 months ago
Jason Ish	8b2fafcfa2	version: start development towards 8.0.0-rc1	3 months ago
Philippe Antoine	51859050cb	rust: export jsonbuilder API in sys crate using cbindgen + bindgen	3 months ago
Philippe Antoine	3b271b3f5b	detect: rename with prefix SCSigTablePreRegister to make it available to rust via bindgen	3 months ago
Philippe Antoine	d24a3eb5f6	snmp: register protocol dynamically Ticket: 4103	3 months ago
Philippe Antoine	924129b185	output: public header for use in rust Ticket: 5053 Move enum OutputJsonLogDirection and struct EveJsonTxLoggerRegistrationData to a public header user by rust thanks to bindgen Rename to use SC prefix on the way And make EveJsonSimpleTxLogFunc use a const pointer to transaction	3 months ago
Philippe Antoine	243d14cda2	output: plugins can log flow or packet direction	3 months ago
Philippe Antoine	850bd72399	app-layer: helper function AppProtoNewProtoFromString So that we do not have to know g_alproto_max to register dynamically a new protocol from its name	3 months ago
Philippe Antoine	30af626a92	conf: extend API for rust Will allow rust to list the values of an array such as dns.types for outputs	3 months ago
Jason Ish	813eb27b95	rust/conf: use generated bindings to SCConf API	4 months ago
Philippe Antoine	c164cfcf6b	plugins: check version for all plugins	4 months ago
Philippe Antoine	5742df3783	plugins: bind constant SC_PLUGIN_API_VERSION	4 months ago
Philippe Antoine	52862e50be	plugin: constify some fields including the tx parameter to the logger function	4 months ago
Jason Ish	10ede91536	rust: add bindings to SCPlugin.* to sys crate Also disable bindgen's generated layout tests. They are valid for the platform generating the tests, but may not be valid for other platforms. For example, if the tests are generated on a 64 bit platform the tests will not be valid when run on a 32 bit platform as pointers are a different size. However, the generating bindings are valid for both platform. Ticket: #7341	5 months ago
Jason Ish	9b73de6f6d	rust: add auto-generated header to sys.rs We don't keep bindgen's autogenerated do not edit line as it contains the bindgen version which could break the CI check for out of date bindings. So add our own do not edit line. Ticket: #7341	5 months ago
Jason Ish	21ccc4f307	rust: integrate bindgen to generate Rust bindings to C Bindgen works by processing a header file which includes all other header files it should generate bindings for. For this I've created bindgen.h which just includes app-layer-protos.h for now as an example. These bindings are then generated and saved in the "suricata-sys" crate and become availale as "suricata_sys::sys". Ticket: #7341	5 months ago
Jason Ish	8f22e55678	rust/sys: stub in suricata-sys crate for Rust bindings to C Follow Rust convention of using a "sys" crate for bindings to C functions. The bindings don't exist yet, but will be generated by bindgen and put into this crate. Ticket: #7341	5 months ago

43 Commits (master)