2767 Commits (05f562fdc301919dc8333bbe86801dab346d41a3)
 

Author SHA1 Message Date
Eric Leblond 05f562fdc3 logging: use SCLogDebug instead of printf
This patch uses SCLogDebug instead of printf to enable filtering
of the log message by the log filtering option.
13 years ago
Eric Leblond 9545a56426 ipfw: suppress poll before sendto
Calling poll before using sendto seems a bit overkill.
13 years ago
Eric Leblond 6f1b40dd4b ipfw: don't use socket lock in 'worker' mode
This patch is the IPFW version of NFQ latest patch.
13 years ago
Eric Leblond 58855494c1 nfq: do not use mutex in 'worker' mode
Using a mutex on the queue handle is not necessary in 'worker' mode
as there is no concurrent access to it.
13 years ago
Eric Leblond ef3951d914 runmode: export running mode
This will permit putting some optimisation in different components.
This is done via the RunmodeGetActive() function.
13 years ago
Victor Julien c908574545 Use strtoul instead of strtol for sid parsing. Fixes parsing of really large sid numbers. Fixes #393. 13 years ago
Victor Julien c1a40447c1 IP Only cleanup: make most functions static. Add error message on address parsing issues. 13 years ago
Victor Julien e0cf2ccb91 Fix invalid direction error message. 13 years ago
Victor Julien 801f92f705 Disable the drop.log in the default config. 13 years ago
Eric Leblond db19680794 pcap: fix auto runmode
This patch fixes initialization of a pointer. The lack of it was
causing an invalid interface value to be given to suricata (in
the case no interface was given on the command line).

Reported-by: Delta Yeh <delta.yeh@gmail.com>
13 years ago
Eric Leblond 3d558bf06f pcre: compile jit by default if available. 13 years ago
Victor Julien 5a769c02ee Stream engine: handling packets with ACK|CWR. 13 years ago
Anoop Saldanha 999c34111e bug #341 - support for urilen check on both norm and raw buffers 13 years ago
Victor Julien 158d72e7f3 file-inspection: inspect new files in same tx but opposite direction as well. 13 years ago
Victor Julien a6e75aff21 file-extraction: improve handling of complex multipart bodies. 13 years ago
Victor Julien 4eda31df4d file inspection: unset new file available flag when appropriate, prevents duplicate alerts. 13 years ago
Chris Wakelin 2aa04add54 Fix PF_RING BPF filter availability check 13 years ago
Victor Julien fbe7ba411e Add md5 to reference.config. 13 years ago
Victor Julien c0cd2c8596 Update Changelog to reflect changes in 1.1.1 and 1.2beta1. 13 years ago
Anoop Saldanha 6e2c921037 indentation fixes for ac-gfbs 13 years ago
Anoop Saldanha 2eb3aff0af Further improve compression for ac-gfbs. Character codes shifted to 8 bits from 16/32 bits 13 years ago
Victor Julien 0712300a1c Remove stream BUG_ON's that could fire on TCP session reuse. 13 years ago
Anoop Saldanha 0cde8072f4 fix ffr shutdown segv. We need to supply stream TV to the stream engine 13 years ago
Anoop Saldanha 5620844f7d ac-gfbs fix output presence combination with mod table 13 years ago
Anoop Saldanha 153f2ad3eb ac-gfbs update. Minor improvement of compression for state 0. Improves performance 13 years ago
Anoop Saldanha c6cd59bda4 Update ac-gfbs with some rearrangement. Increased performance from 4-10% 13 years ago
Anoop Saldanha e18cf72c13 fix bug in size parsing API. Pass the string returned by pcre_get_substring and not the passed arg. Also use strtod. Solves usage issues on windows 13 years ago
Victor Julien 842b01cc9c Remove duplicate sys/prctl.h configure check. Wrap another include in HAVE_SYS_PRCTL_H. 13 years ago
Eileen Donlon aaa5a78dfe Moved prctl.h check to configure 13 years ago
deltay 37dc83d411 ignore signal SIGPIPE and SIGSYS 13 years ago
Victor Julien c2c539942b Rework the way the http parser can tell the de_state to reset its file section on arrival of new files in the same tx. Fixes a dead lock in the auto runmode. 13 years ago
Victor Julien 679b8ec1ba Fix filestore match code not expecting NULL file ptr. 13 years ago
Steve Grubb a65eb59c41 Add relro flags to libhtp
Hello,

The main suricata program can detect and use relro/bind now linker flags. But
the directive is per linked object. This means that while the app has
protection, its code segment containing libhtp does not. The patch below passes
the configure option to libhtp and lets it make use of the compiler's
security protection.

Signed-off-by: Steve Grubb <sgrubb@redhat.com>
13 years ago
Victor Julien 18d79c4215 file store: respect flowbits and other keywords
The filestore keyword until now flagged a file, tx or ssn for storage as soon
as the keyword was inspected. This happens before flowbits and some other
keywords, so files were stored that weren't supposed to.

This patch makes the filestore keyword fill an array in the detect engine
thread ctx. Then if the full signature matches, a post-match filestore
function makes the store final.
13 years ago
Victor Julien 7173256754 Fix compiler warnings in a couple of unittests. 13 years ago
Victor Julien 6d8aa6829d Remove unused variable. 13 years ago
Anoop Saldanha b164247fb8 Changed my email address to anoopsaldanha@gmail.com from my current one - Should have been an amend over my previous commit, but that commit's pushed out 13 years ago
Anoop Saldanha f514b141ce fix ipv6 header setup in pseudo pkt creation 13 years ago
Victor Julien 416b463c51 file-data: add more unittests 13 years ago
Victor Julien 296ce8b5f9 file-data: make bytejump, bytetest, byteextract and isdataat work better with file_data. 13 years ago
Victor Julien 077970051e file-data: implement relative pcre support. 13 years ago
Victor Julien 07e560b137 file-data: initial file_data support
Support file_data for: content, pcre (relative), byte_test, byte_jump,
byte_extract, isdataat.

File_data support is handled at signature parsing time, all matches
occurring after the file_data in the rule are converted to http_server_body
matches.

Content matches relative to the file_data are converted. Within to depth,
distance to offset. Relative to the start of the body buffer.
13 years ago
Victor Julien 7adac3048d file-data: create initial keyword registration. 13 years ago
Anoop Saldanha 420befb180 Changed my email address to anoopsaldanha at gmail dot com from my current one 13 years ago
Victor Julien fa0152fa80 Shrink signature flags field to 32 bits. 13 years ago
Victor Julien dd9da1a56f Merge all http mpm related signature flags into a single set: SIG_FLAG_MPM_HTTP and SIG_FLAG_MPM_HTTP_NEG. 13 years ago
Victor Julien d5ed28b065 Remove SIG_FLAG_MPM flag. 13 years ago
Victor Julien fe48920514 Remove per sgh mpm_streamcontent_maxlen variable. It was checked but never set. 13 years ago
Victor Julien 4992f7c417 Remove SIG_FLAG_MPM_URI flag. It was checked but never set. 13 years ago
Victor Julien 2650551192 Rename signature init flags to indicate they are init flags. 13 years ago