aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,767 Commits
12 Branches
155 Tags
192 MiB
dependabot/github_actions/actions/upload-artifact-4.6.1
dependabot/github_actions/codecov/codecov-action-5.4.0
dependabot/github_actions/github/codeql-action-3.28.10
dependabot/github_actions/actions/download-artifact-4.1.9
dependabot/github_actions/ossf/scorecard-action-2.4.1
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '05f562fdc3'
${ noResults }
Commit Graph

2767 Commits (05f562fdc301919dc8333bbe86801dab346d41a3)
 

Author SHA1 Message Date
Victor Julien 70f0d3d2e7 Add negation to filename and fileext, use same syntax as with content. 13 years ago
Victor Julien 32fb9f375d log-file log-dir option added, meta file created, fixes. 13 years ago
Victor Julien a6b7a560f1 Fix a bug in the HTTP file closing. 13 years ago
Victor Julien 7e3d537338 Fix setting libhtp personality. 13 years ago
Victor Julien 1eef36b011 Initial checkin of a log-file module, that can write files extracted from flows to disk. 13 years ago
Victor Julien 3c1edf3763 Add a file descriptor to the flow file structure. 13 years ago
Victor Julien cd618e48df Allow for 0 (unlimited) HTTP request_body_limit, fix option parsing. 13 years ago
Victor Julien 4723f07254 Improve testing and fix some bugs. 13 years ago
Victor Julien 9d5d46c4bb Implement flow file storage API, create HTP wrappers for it, use it in HTTP parsing. 13 years ago
Victor Julien a0ee6ade3e Improve HTTP multipart parsing, add streaming parsing for files. 13 years ago
Victor Julien 4537f889ef Handle all strings as raw strings in HTTP content-type and content-disposition header parsing. 13 years ago
System Administrator 222bc6e935 Flow files 13 years ago
Pablo Rincon 6d60b3a747 filename and fileext keywords 13 years ago
Victor Julien 06b1d71032 Small optimizations to IPV4 and TCP header parsing. 13 years ago
Eric Leblond 0256ca2422 af-packet: fix compilation on new systems. 
Inclusion of if_packet.h was missing when the support of new options
related to packet fanout is present in the file.
 13 years ago
Anoop Saldanha bf24272c28 changes to accomodate master rebase 13 years ago
Anoop Saldanha 997eaf42a8 add thread local storage support for smtp + remove pmq that was init/freed as part of smtp_state alloc to use the thread local data passed by the app layer engine 13 years ago
Anoop Saldanha 9a6aef459e modify all relevant app layer API calls to accomodate passing parser local storage argument 13 years ago
Anoop Saldanha d3468d88b0 app layer udp cleanup + update dcerpc udp todo 13 years ago
Anoop Saldanha 01a35bb604 introduce app layer local storage api support 13 years ago
Anoop Saldanha 87599bc78d minor changes in smtp parser decoder wrt direction check loop + add missing ifdef unittests 13 years ago
Anoop Saldanha 3a856fed12 update detection engine to compare flow alproto with sig_alproto, rather than sm alproto. 13 years ago
Anoop Saldanha 4d38a571cc smtp reply code mpm phase support added 13 years ago
Anoop Saldanha 4a6908d3e9 fix smtp parser handling fragmented lines + add new unittests to check the same 13 years ago
Anoop Saldanha 2b356dadff Support for tos keyword added 13 years ago
deltay 211193b0af Get pidfile from config file if not available in command options 13 years ago
Victor Julien 262a7300d7 flow: shrink Flow datatype 
Introduce a separate FlowAddress structure for holding the ipv4 or ipv6 address
that doesn't have the family in it like the Address structure. Instead, the
family is stored in the flow as a flag: FLOW_IPV4 and FLOW_IPV6.

Add macro's to check the family, copy the address, etc.

Update many unittests to reflect these changes. Introduce unittest helper
functions for creating and initializing a flow and freeing it again.

On 64 bit this shrinks the flow with 8 bytes.
 13 years ago
Victor Julien 06904c9024 App Layer cleanup 
Removal of per flow 'aldata' array. It contained a ptr for each ALPROTO. Instead now we have 2 ptrs in the flow: alparser and alstate.
Various cleanups and dead code removal from the app layer API.
Should safe 100+ bytes memory per flow on 64 bit.
Updated lots of unittests to reflect these changes.
 13 years ago
Victor Julien a0b532dc45 stream reassembly: simplify base_seq tracking for protocol detection. Shrinks TcpStream structure. 13 years ago
Victor Julien 7e3c15e54a stream: improve TCP ssn reuse cleanup. 13 years ago
Victor Julien 9769510ba3 flow: support requeue of flows from closed to new list for TCP ssn reuse. 13 years ago
Anoop Saldanha 4130c5e2b8 if flow has disabled app layer inspection, disable buffering the segments unnecessarily in inline reassembly 13 years ago
Anoop Saldanha 43cbed8c92 enable toclient alproto detection for inline reassembly 13 years ago
Anoop Saldanha f684b60127 if flow has disabled app layer inspection, disable buffering the segments unnecessarily 13 years ago
Anoop Saldanha 08bd8ec4e2 on failed alproto detection on both sides, only disable app layer inspection. No reassembly disabling for any direction 13 years ago
Victor Julien c9960473bb Fix stream reassembly engine rejecting valid packet for reassembly. 13 years ago
Victor Julien d9ad1b00b3 Clean up SID allocation for decoder and stream rules. 13 years ago
Anoop Saldanha 55ed6c2a55 disable session reassembly for either/both the directions, only when we have established failed proto detection in both the directions 13 years ago
Anoop Saldanha 4650bf7170 minor code cleanup. remove commented out code 13 years ago
Anoop Saldanha de9ad02b59 Remove leftover imap and msn toclient alproto PM contents 13 years ago
Anoop Saldanha caf26c2618 More updates to FFR code. Handle cases where we actually need to force stream reassembly and just have smsgs to be processsed by detection engine separately 13 years ago
Anoop Saldanha bc216a3396 fix/updates to app layer proto detection 13 years ago
Anoop Saldanha 78e6a7f713 enable toclient alproto detection. Detection all current alproto toclient PMP patterns 13 years ago
Anoop Saldanha 9c8d404db1 FFR update-fix. Fix check where we decide whether we need to send pseudo pkt or not 13 years ago
Anoop Saldanha b08b390bcd fix for bug 375 - update radix test that wrongly uses memset and sizeof 13 years ago
Victor Julien 3d845b6c77 Consider Windows new line chars as well when parsing rule files. Bug #374. 13 years ago
Eileen Donlon a92d15ed37 Fixed duplicate signature check 13 years ago
Anoop Saldanha 99baf18c8d updates to ac-gfbs search. Remove unnecessary casting of pointers 14 years ago
Anoop Saldanha 11e7dda59a updates to ac-gfbs search. Introduce handling cases where state_count is < 32k 14 years ago
Anoop Saldanha 708c4ad055 updates to ac-gfbs search. Combine output presence with mod goto table 14 years ago