Commit Graph

11892 Commits (02218a8a42b684eeaabe1ce97325ffdc6eeb208b)

Author SHA1 Message Date
Jeff Lucovsky dabd50eeee detect: Register icmpv4 header 4 years ago
Jeff Lucovsky ac8532966b detect: Add icmpv4.hdr sticky buffer
This commit adds a new sticky buffer to access the ICMPv4 header.
4 years ago
Jeff Lucovsky 7cbe7c6463 detect: New enum for icmpv4 header keyword 4 years ago
Jeff Lucovsky 988bb26828 decode: Improved handling of ICMPv4 messages
This commit improves handling of ICMPv4 messages, especially those with
variable sized headers.

This commit also adds a header length variable for use by the new
sticky buffer for the header.
4 years ago
Victor Julien a9249cb2f6 github-ci: fix debian 10 test using rustup 4 years ago
Jeff Lucovsky 828bf6d1d6 detect: Treat offset as a signed value
This commit updates the detector to treat 'offset' as a signed value to
be compatible with Snort.
4 years ago
Phil Young 76de981574 napatech: Added comment indicating that hba will be deprecated
HBA will be deprecated in Suricata 7
4 years ago
Phil Young dc5349a30c napatech: Add Deprecation Warning Message for HBA
Added a message that HBA will be deprecated in the future and removed
hba from default conf file.
4 years ago
Jason Ish 3030a3da18 doc: provide eve 1 deprecation date 4 years ago
Jason Ish 8dbc774dfa dns: eve 1 deprecation warning
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4137
4 years ago
Jason Ish d8242c5d07 dns: fix leak in dns v1 logging
Intermediate JsonBuilder object was not being freed.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4086
4 years ago
Phil Young fa77e02cf1 napatech: Removed restriction on use of inline mode
Removed the unnecessary restriction on the use of inline mode only when
bypass is enabled. Now, inline can be used independent of bypass
functionality.
4 years ago
Phil Young 789dcbd49d napatech: Fix potential double release of packet
This addresses redmine issue #4018. There was the potential for a packet
buffer to be released twice in response to an error condition. This
addresses this by only calling NT_NetRxRelease() when the p->ReleasePacket
is called.
4 years ago
Philippe Antoine 7d594d8710 fuzz: better packet recycling in sigpcap target
need especially to set datalink for every packet
4 years ago
Philippe Antoine c93cbe66c2 fuzz: applayer target uses yaml config
so that every app-layer protocol is enabled
4 years ago
Philippe Antoine f29982c03c ci: adds cifuzz workflow 4 years ago
Philippe Antoine 9cf1d29005 fuzz: adds fuzzing status badge in README 4 years ago
Sascha Steinbiss ea2bc4c962 eve: do not access flow storage in packet context
We must make sure not to access the flow storage (e.g. keeping a
MacSet) before making sure we have a flow to begin with. We can,
for example, run into an alert without a flow with `ip` rules,
in which case the flow might be NULL. See Redmine issue #4109.
4 years ago
Jeff Lucovsky d2c8c9f58e github-ci: Improve body parsing
This commit improves handling of the PR body parsing to eliminate
unneeded characters.
4 years ago
Jeff Lucovsky 68418a26db detect/file-data: Improved support for share bufs
This commit improves support for shared buffer usage, i.e., when
multiple rules share the file data (http) buffer and apply different
combinations of transforms and fast_patterns (or none).
4 years ago
Jason Ish 2ede736116 github-ci: remove deprecated set-env and add-path
Use the new methods for setting an environment variable and
updating the PATH.
4 years ago
Victor Julien 0eb692e500 mingw: fix format string warnings 4 years ago
Victor Julien 606750f2a0 github-ci: add windows build with suricata-verify
Initial attempt with a few hacks:
- npcap dlls are extracted from the installer and placed in cwd
- cbindgen is installed system wide despite a preinstalled copy

This does not yet hook into the "prep" build from build.yaml or
support using custom support PRs/branches (SV, SU).
4 years ago
Victor Julien 4e1f151fc3 appveyor: remove in favor of github-ci 4 years ago
Victor Julien ba2a9be11a detect/mpm: fix id confusion in mpm_ctx sharing
Mixing of dynamic ids and hardcoded config values could possibly
lead to the settings not getting applied properly.
4 years ago
Victor Julien 82d7f64630 detect/mpm: improve transforms handling
Make sure keywords with transforms get their own mpm ctx, instead of
sharing it with the 'pure' version of the keyword.
4 years ago
Victor Julien ee15bd8076 detect/mpm: rename variable to ease code review 4 years ago
Victor Julien 51f4e4d0b7 dcerpc/udp: add missing tx free logic 4 years ago
Victor Julien 9f9c29a14a dcerpc: fix stream flag handling
Only hardcoded direction flags were passed to the parser, not the
full range.

Handle receiving an EOF flag w/o data.

Bug: #3856
4 years ago
Victor Julien f31372ad1d dcerpc/tcp: fix compile warning
warning: variable does not need to be mutable
    --> src/dcerpc/dcerpc.rs:1036:42
     |
1036 |                     let tx = if let Some(mut tx) = self.get_tx_by_call_id(current_call_id, core::STREAM_TOCLIENT) {
     |                                          ----^^
     |                                          |
     |                                          help: remove this `mut`
     |
     = note: `#[warn(unused_mut)]` on by default

warning: variable does not need to be mutable
    --> src/dcerpc/dcerpc.rs:1061:30
     |
1061 |                         Some(mut tx) => {
     |                              ----^^
     |                              |
     |                              help: remove this `mut`
4 years ago
Victor Julien 67b5295bbc dcerpc/tcp: add missing detect state cleanup 4 years ago
Angelo Mirabella c72069c3b2 detect/magic: fix crash on rule reloading
This changeset fixes a bug causing a segmentation fault.
When rules are reloaded and a rule using libmagic matches, suricata
crashes due to an improper reinitialization of the thread contexts.

Bug: #3726
4 years ago
Angelo Mirabella ea15282f47 unix-socket: fix alert metadata logging
This changeset fixes a bug that was preventing suricata from dumping
alert metadata info when running in unix-socket mode.
When running in unix-socket mode, suricata was skipping the
initialization of the output modules and, as a consequence,
the metadata output module was never invoked.
4 years ago
Victor Julien 62cc0c7acf alert/syslog: fix minor compile warning 4 years ago
Victor Julien 4e925ca260 stream: harden data size handling
Handle edge cases around ACKs and last_ack getting below
'app_progress', which can happen during shutdown of a flow
with multiple GAPs.
4 years ago
Victor Julien 5391746518 stream: bail early if no data after a gap 4 years ago
Victor Julien 27c9280735 stream: harden data size handling 4 years ago
Victor Julien 8a08fe82d4 stream: don't send STREAM_START multiple times 4 years ago
Victor Julien 479078d377 detect/content: add more negation tests 4 years ago
Victor Julien c41e64d637 dnp3: reword warning message 4 years ago
Victor Julien 36a93380a5 defrag: fix pthread warning on OpenBSD 4 years ago
Victor Julien 95729e923f configure: remove left over reference to unified2 4 years ago
Victor Julien c95850c6ce doc/rules: document config rule option 4 years ago
Victor Julien 8fdee4f685 version: start development towards 6.0.1 4 years ago
Victor Julien 5219691f45 version: update to 6.0.0, require libhtp 0.5.35 4 years ago
Victor Julien df5f96c5f0 changelog: update for 6.0.0 final 4 years ago
Jason Ish 400b26ad68 logrotate: reindent to 4 spaces
4 spaces seems to be the norm on Linux, so reindent from a mix
of 8 spaces and tabs to 4 spaces.
4 years ago
Philippe Antoine 61d0cd1399 signature: checks protocol for file.name keyword
By setting the flags as for the filename keyword (not sticky version)
4 years ago
Philippe Antoine bde0c88984 dnp3: more precise probing for banners 4 years ago
Philippe Antoine 12dfc33e05 dnp3: fix probing test not using final null in string 4 years ago