aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,172 Commits
7 Branches
155 Tags
197 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0768ca9806'
${ noResults }
Commit Graph

2172 Commits (0768ca98065c258f38751bc160b6a811ffb0b7ee)
 

Author SHA1 Message Date
Eric Leblond 51df6beb26 Convert RunModeIpsNFQAuto to new affinity mode. 
The default NFQ run mode is now using the new affinity system. It
thus can be configured via suricata.yaml.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond ea566d6601 Handle management thread with corresponding affinity 
This patch implement the setting of each management threads in
the corresponding thread affinity. This is done by modifiying
thread creation function.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 0809deafc4 Implement function needed for affinity in tm-threads 
This patch features the implementation of affinity related
changes in tm-threads. In place code has been used but some
refactoring has been done to avoid code duplication.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 77f2b6a7a9 Make runmode parse affinity settings. 
This patch modifies runmode to parse configuration file related
to affinity settings. It also prepare the export of the
set_cpu_affinity which was previously local. It is now used
in the affinity and tm-threads files.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 2011366429 Include affinity in runmodes and threadvars. 
This small patch add inclusion of util-affinity.h in the
files that will have to use affinity related features.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 37ee483b75 Add affinity util function and related files 
This patch adds two new files which implement advanced affinity
settings.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 559b5db7df yaml: add config for cpu_affinity 
This patch introduces the configuration part of cpu_affinity
evolution. The idea is to have thread families (receive, stream, ...)
and to be able to specify for each of them:
 - The cpus to use
 - The mode of balancing between the cpus
 - The thread priority to use (value of nice)

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 96e3852191 source-nfq: add define of SOL_NETLINK 
Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Martin Beyer 396b750414 Fixed optional args in SCCudaModuleGetGlobal 14 years ago
Martin Beyer 5dc5d73a66 fixed NULL checks in util-cuda 14 years ago
Martin Beyer 0d4ac48aa0 added texture reference api to util-cuda 14 years ago
Victor Julien d10cf5b4e3 Increase stream msg size. 14 years ago
Victor Julien ec5b622553 Inspect all stream msgs at any time when running in stream-inline mode. Skip detection for packets flagged for dropping before detect. 14 years ago
Victor Julien 48c7f18453 Fix bug in the segment insert code causing an inconsistent segment list in some overlap conditions. 14 years ago
Victor Julien 929ce0bb9b Add a counter to NFQ for modified packets. 14 years ago
Victor Julien 05539d7357 Fix a reassembly overlap issue. Fix a inline reassembly gap handling issue. 14 years ago
Victor Julien 00e4dde6a6 Fix PKT_STREAM_EOF never being set, resulting in some raw stream chunks never being inspected. Improve debug output. 14 years ago
Victor Julien e92ab40d39 Fix compilation for non-DEBUG case. 14 years ago
Victor Julien 1dca88fe69 Do the actual checksum recalculation and packet replacement on modifing a packet in the stream engine. 14 years ago
Victor Julien 2db06cc79e Improve Inline reassembly wrt to GAP handling. Add more tests. 14 years ago
Victor Julien 29e02abc94 Expand and fix stream unittest helpers. 14 years ago
Victor Julien 121e9c72aa Add more debug printing of reassembled data into the app layer api. 14 years ago
Victor Julien 4c82c0e750 Improve RawInline reassembly: remove unnecessary segments from the stream in an earlier stage. Test this properly. 14 years ago
Victor Julien d00c6172c9 Update stream section of example configuration. 14 years ago
Victor Julien 668bd46c1c Add flow prune debug counters (disabled by default). 14 years ago
Victor Julien 4bf4382354 Make sure tunnel packets (and pseudo packets) properly decrement the flow use counter in all cases. 14 years ago
Victor Julien 37587c0b7d Add missing stream inline files. 14 years ago
Victor Julien 3a774165fa Initial version of a inline raw reassembly function that reassembles in a sliding window. Introduce new unittest helpers for stream reassembly. 14 years ago
Victor Julien abdffadc1c Add a new app layer reassembly function that is for inline use, and use it when the stream engine is in inline mode. 14 years ago
Victor Julien 8cacd5fe50 Fix the stream.inline config option. Set PKT_STREAM_EST flag also for packets that are part of a session in a state beyond TCP_ESTABLISHED. 14 years ago
Victor Julien a8bb98836b Don't handle and validate the TCP timestamp at the same time. Instead validate first, then later when all other validation has been done as well, handle. 14 years ago
Victor Julien 8d3f9c53a9 Minor cleanups. 14 years ago
Victor Julien bff70eed6d Update to depth code. Get segment from the correct pool when a payload is truncated. 14 years ago
Victor Julien 66c40f782c Have reassembly errors also set a stream event. 14 years ago
Victor Julien 0f072648e6 Another iteration of the reassembly depth enforcement, now considering retransmissions. 14 years ago
Victor Julien 935958219d Rename RST validation function to match convention 14 years ago
Victor Julien 94fe0d5fa2 Add ACK validation to Reset/RST validation code. 14 years ago
Victor Julien 16cd31a408 Remove unused pseudo packet reassembly code. 14 years ago
Victor Julien bf88a6de09 Add depth comment. 14 years ago
Victor Julien a26768ce7a Change the way the reassembly depth is enforced. Ignore retransmissions, get rid of per session counter. 14 years ago
Victor Julien 7af9c58af7 Improve ACK value validation, timestamp checking code. Overall layout. 14 years ago
Victor Julien 0f5b6a8bd7 Fix minor comment typo. 14 years ago
Victor Julien aa04d9eefb Improve stream gap handling. Instead of giving up as soon as we see a gap we now wait much longer before we decide it's a gap. 14 years ago
Victor Julien 6ffb9da9be Better support ack/psh data packets on several states. Updates to ack validation code. 14 years ago
Victor Julien 6fca55e068 Add some debug output to app-layer-htp. 14 years ago
Victor Julien 25f5589078 First round of adding 'stream events'. Basic stream tracking events added. 14 years ago
Victor Julien 2849d2b1d3 Initial code for stream 'inline' mode: packets that are (partly) overlapping with already accepted packets (meaning in the streams seg list) are rewritten to make sure they contain the exact same data. 14 years ago
Victor Julien 3857154f4b Fix the pseudo packet having the wrong proto set, causing massive fp's. Flag packets to be part of the established phase of a tcp session, so we won't prematurely inspect the app layer state. 14 years ago
Victor Julien 8b5f553a35 Inspect a pseudo packet upon receiving a RST so that we are sure both sides of the TCP session are inspected. 14 years ago
Gurvinder Singh 55a863359c support for pseudo packet creation from reassembled stream segments 14 years ago