aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,728 Commits
7 Branches
161 Tags
202 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Commit Graph

17728 Commits (master)
 

Author SHA1 Message Date
Jason Ish 580a4445cd doc/install: use our recommended header order 4 weeks ago
Jason Ish 6b94689a44 doc/userguide: remove example with CentOS 7 
CentOS 7 is EOL.

Ticket: #7749
 4 weeks ago
Jason Ish 8ed506659d doc/userguide: break out package installation 
Break out RPM, Debian, and Ubuntu package installation into their own
pages.

Also break out other distributions like "Arch" into an "Other" section
with a note about how those packages are not supported by the OISF.

Ticket: #6252
Ticket: #6069
 4 weeks ago
Jason Ish 1de19ee94c doc/userguide: add appendix item on eve schema 
Add some basic documentation on our EVE schema, mainly to show users
that it exists.
 4 weeks ago
Jason Ish 6f20d87ba1 lua: don't accept a table as a return value from match 
Remove the half finished support for accepting a table returned from a
Lua rule's match function. This is not documented, not tested, and not
really implemented.

Also, use lua_tointeger to get the return value from the match function
as an integer instead of a float.

Ticket: #6941
 4 weeks ago
Jeff Lucovsky a300df4c4d detect/entropy: Clarify when entropy is logged 
Clarify when entropy values are logged and associated with non-alert log
records.
 4 weeks ago
Juliana Fajardini cbe621fb09 decode: add stats counters for ipv4/ipv6 over ipv4 
These existed for ipv6 over ipv6, and ipv4 over ipv6, but not for the
ipv4 counterpart.

Task #7758
 4 weeks ago
Juliana Fajardini fdf0fa30c6 decode/ipv6: set packet flow in ip-in-ip 
Bug #7752
 4 weeks ago
Jeff Lucovsky 4f9fa602fa detect/analyzer: Extend analyzer output with dsize value info 
Issue: 6357
 4 weeks ago
Eric Leblond 495a12fad7 datasets: remove useless NULL check 
Coverity did detect that the cleaning code is only reached with
Dataset *set being initialized so the check is useless.

** CID 1649392:       Null pointer dereferences  (REVERSE_INULL)
/src/datasets-context-json.c: 719           in DatajsonGet()
>>>     Null-checking "set" suggests that it may be null, but it has
already been dereferenced on all paths leading to the check.

** CID 1649391:       Null pointer dereferences  (REVERSE_INULL)
/src/datasets.c: 526           in DatasetGet()
>>>     Null-checking "set" suggests that it may be null, but it has
already been dereferenced on all paths leading to the check.
 4 weeks ago
Eric Leblond e947c4030c datasets: remove unreachable code 
As the DatasetGetOrCreate function is called before the creation
of the hash, it will never be available so we can remove the
cleaning.
 4 weeks ago
Philippe Antoine 9f83662f20 util/mpm: grow state queue on demand 
Ticket: 7678
 4 weeks ago
Philippe Antoine 679bd23cb7 util/mpm: factorize code 4 weeks ago
Philippe Antoine 330cff94e8 mpm: allocate StateQueue on the heap for ks 
Completes commit 92fce2fdc0

Ticket: 6264
 4 weeks ago
Jason Ish 4a0f278502 doc/install: windows build documentation 
Ticket: #5911
 4 weeks ago
Jason Ish 53961f66e9 configure: display if we have npcap support 4 weeks ago
Philippe Antoine bca6cbfb04 rust: fix prototype for AppLayerParserTriggerRawStreamInspection 
Ticket: 7762

As it modifies the flow indeed
 4 weeks ago
Philippe Antoine f8168493f6 rust: remove unnecessary cbindgen exclusions 4 weeks ago
Philippe Antoine 59a5b53809 util/mpm: constify arg 
and make rust version use the correct integer type

Ticket: 7762
 4 weeks ago
Jeff Lucovsky e8753b9ba7 util/mtu: Avoid excessive ioctls for MTU 
Issue: 7643

Use the cached livedev MTU value, when available.
 4 weeks ago
Boris Tonofa 97bfa3b108 pcap-log: fix memory leak on error paths after SCStrdup(prefix) 
When PcapLogDataCopy() fails after duplicating pl->prefix,
the allocated 'prefix' string was not freed, leading to a leak.

Ticket: 7759
 4 weeks ago
Jason Ish 17ed6f7b8e windows: use _tzname instead of tzname 
tzname is a POSIX variable, WIN32 has prefixed many POSIX variables
with "_". While Mingw64 supports both, UCRT64 emits a compiler warning
on the usage of "tzname".

This triggered a rather large clang-format update.
 4 weeks ago
Jason Ish 106e09ed57 github-ci: add windows ucrt build 
MSYS2 now recommends the UCRT environment as the default, so we should
probably add a CI job for it.
 4 weeks ago
Jason Ish f35a56fa65 doc/code-style: add rust; minor cleanups 
- Add small section on Rust code, and Rust code exposed to FFI.
- Other minor cleanups.

Ticket: #7078
Ticket: #6955
 4 weeks ago
Jason Ish 249bd32a9d doc/userguide/code-style: update header ordering 
To match our recommended header ordering.
 4 weeks ago
Shivani Bhardwaj 6a6104304d version: start development towards 8.0.0 4 weeks ago
Shivani Bhardwaj cdfebcdc9c release: 8.0.0-rc1; update changelog 1 month ago
Andreas Herz 173132b05b detect/dataset: skip adding localstatedir if fullpath is provided 
When the option to set a full path is enabled and a full path is
provided, skip adding the prefix (based on localstatedir) to the
directory since it would be unexpected and unwanted by a user.

Ticket: 7083
 1 month ago
Eric Leblond 8f26b4a0ff datajson: limit impact of feature for non user 
The det_ctx structure was inflated by the additoin of the array to
handle JSON context. This commit updates the code to use a growing
buffer and limit the impact.
 1 month ago
Victor Julien 36ecda3ea2 detect/alert: optimize context cleanup 
Don't always loop over each alert, but only do so if context was used.
 1 month ago
Jason Ish 25b8cd9761 lua: update to lua 5.4.8002 
This updated crates remove tmpnam from being linked in, removing the
warning.
 1 month ago
Victor Julien 77fb0a1e79 packet: micro optimization in packet recycling 1 month ago
Victor Julien 32223bb6f7 detect: move large array to bottom of detect thread ctx 1 month ago
Eric Leblond 639eb70dda detect/pcre: add needed casts 1 month ago
Eric Leblond f747a3a001 datajson: add needed cast 1 month ago
Eric Leblond cff2198ef3 datajson: fix include in header 1 month ago
Eric Leblond 6e0cad33cb detect: remove some useless tests 1 month ago
Eric Leblond 751f3eef3b doc/userguide: fix some typos 1 month ago
Eric Leblond a297fd029a packet: optimize json context cleaning 
We don't need to recycle the full alert array. This is going to
optimize packet recycle time.
 1 month ago
Eric Leblond 1deca14331 decode: light refactor on packet cleaning 1 month ago
Eric Leblond 8425eed8cd datasets: improve lock handling 
DatasetGetOrCreate should now be called with the dataset lock
hold so the lock management is easier to read.
 1 month ago
Eric Leblond 131bfb9679 detect/dataset: fix locking on datajson 1 month ago
Eric Leblond cf7dda354e detect/dataset: check context_key validity 
As context_key is an user entry and as it is used to build the JSON
string of alert, we could end up with an invalid event if the string
contains improper characters.
 1 month ago
Eric Leblond 803d61c9d1 eve/alert: add comment about string format 1 month ago
Eric Leblond 0f172e721d detect/pcre: fix error handling 1 month ago
Eric Leblond ab5070c0e3 detect/engine: put datajson related code in a func 1 month ago
Eric Leblond e600f40f74 datasets: use SCLogError for errors 1 month ago
Eric Leblond 337472449a detect/engine: remove unused keyword 1 month ago
Eric Leblond cd07db83dc datasets: comment to specify usage of field 1 month ago
Eric Leblond be9e13c6b1 decode: use pointer for PacketContextData 
By adding a pointer instead of the structure in the alert info
we spare some memory.
 1 month ago