Commit Graph

13313 Commits (08e349a8bb0dbd16c0cc549eccb9f16030d6eb0c)
 

Author SHA1 Message Date
Philippe Antoine d5abaf0b38 decode: fix integer warning
Newly introduced warning.
Regular cast as value is checked just before.

Ticket: #4516
3 years ago
Philippe Antoine 717e51b7cf defrag: fix integer warnings
Ticket: #4516
3 years ago
Philippe Antoine 2d761810db rust: cbindgen first verifies existing bindings
So as not to recompile every C file including rust.h
3 years ago
Philippe Antoine ced96a8aad detect: parsing avoiding infinite loop
by comparing size_t to strlen result
Instead of uint16_t which would loop

Ticket: #5310
3 years ago
Philippe Antoine 875eb58fb0 file: use functions on fd to avoid toctou
Ticket: #5308
3 years ago
Philippe Antoine ecb8dd4de0 util: check for unsigned overflow in rohash
To make CodeQL happy
3 years ago
Jason Ish adda8801d8 conf: remove ConfGetValue
All uses of ConfGetValue are satisfied by ConfGet
3 years ago
Philippe Antoine 5bd19135b0 util: remove malloc from streaming buffer config
as it is unused
3 years ago
dependabot[bot] 0dd7c23fa0 github-actions: bump actions/cache from 3.0.2 to 3.0.3
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](48af2dc4a9...30f413bfed)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Andreas Dolp db73a12540 doc/tls: Add documentation for TLS logging 3 years ago
Andreas Dolp f42bb45ccd doc/tls: Remove redundant example 3 years ago
Andreas Dolp e9976a0e14 suricata.yaml.in: Fix default value of prealloc-sessions 3 years ago
Andreas Dolp 324f5ec10c doc: Add missing ")" in example 3 years ago
Andreas Dolp 32b39d054f suricata.yaml.in: Remove duplicate "with" in comment. 3 years ago
Andreas Dolp e4163c4e02 doc: Fix typos 3 years ago
Andreas Dolp 49bd6cfa5d doc: Fix broken link 3 years ago
Philippe Antoine 284ad462fc output: adds schema.json
Ticket: #1369
3 years ago
Victor Julien ebf0629615 log-pcap: remove tunnel locks
The tunnel lock mutex only "protects" the tunnel synchronization,
not the packet data, length or datalink fields.
3 years ago
Victor Julien e7ab96c389 nflog: fix datalink compile issue 3 years ago
Juliana Fajardini 43d28f251f util/action: convert unittests to FAIL/PASS API
Task #5371
3 years ago
Juliana Fajardini 9b9b6aa2ce util/action: unittests clean-up (to sv tests)
Removing all unittests that work better as suricata-verify tests.

Task #5371
3 years ago
Victor Julien 4ed6c928aa unittest: minor helper cleanup 3 years ago
Victor Julien 41b5364511 detect/parse: cleanup test 3 years ago
Victor Julien a437dde739 detect: parsing test cleanups/improvements 3 years ago
Victor Julien e738b10e23 host-os-info: add test to show mixed ipv4/ipv6 3 years ago
Victor Julien f3d887310c rule/vars: clean up tests 3 years ago
Victor Julien 1b65af2867 detect/iponly: minor code cleanup 3 years ago
Victor Julien beecc1890f detect/iponly: include postmatch in determination 3 years ago
Victor Julien 4b097460c2 detect/iponly: simplify handling of 'any' parsing 3 years ago
Victor Julien ffef10c5d7 detect: address parsing variable rename to match code style 3 years ago
Victor Julien 51ef6f4e3a detect/iponly: remove unused code 3 years ago
Juliana Fajardini 6ccc01a79c rust: fix doc comments that trigger rust warnings
Rust generates warnings that are treated as errors for documentation
blocks before `extern` blocks.
3 years ago
dependabot[bot] fbbf23b930 github-actions: bump ossf/scorecard-action from 1.0.4 to 1.1.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](c1aec4ac82...5c8bc69dc8)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Victor Julien f4f63ebff8 stream: add packet header outside of lock 3 years ago
Victor Julien 419920288c log/pcap: open handles outside of lock 3 years ago
Scott Jordan c751c45850 log/pcap: add buffer timeout
Set timeout for pcap log so that packets do not sit
in buffer. Set default to one second.
3 years ago
Scott Jordan 2bf3172dd1 stream: memcap tracking for TcpSegment alloc 3 years ago
Eric Leblond 47a5e6356d log/pcap: handle case of multiple link types 3 years ago
Eric Leblond 2c2fc6cd91 flow: set datalink for pseudo packet
Set pseudo packet datalink to the global one. This fixes the case
where the pcap handle is open with information coming from a
pseudo packet. Without this, we did end up in most cases with
an Ethernet packet being written in a Raw pcap.
3 years ago
Eric Leblond 1c2fba57f8 suricata: introduce global linktype
As Suricata is not supporting pcap-ng we have to stick with one single
datalink type for the capture if ever we want to do pcap logging.
Assuming this, this patch introduces a function to set the link
type globally. This will be used with pcap conditional logging
to get the logging of TCP segments with the correct link type.
3 years ago
Eric Leblond 584136ecb7 log/pcap: log segments for pseudo packets 3 years ago
Eric Leblond 8f0ef48e82 log/pcap: fix conditional pcap in tag mode
We were missing the first packet when using condition pcap logging
in tag mode as it was not tagged. As a result we were not getting
the stream data triggering the alert in the pcap file.
3 years ago
Eric Leblond 9f4d59b3f7 detect/tag: add a tag for first packet
We may need to know that a packet has been tagged but is the
first one (and thus is not tagged).
3 years ago
Scott Jordan 6cfc3343e7 log/pcap: dump segments of both sides of tcp session.
This patch updates tcp segment dumping to dump segments
from both sides of the session in order when capturing
alerts and tags.
3 years ago
Eric Leblond 6f06f7c22c doc: add info about capture_file key 3 years ago
Eric Leblond faab853685 log/pcap and eve/alert: get pcap filename to support multi mode
This patch adds a function to get the current pcap file name that
will be used for the current packet. This patch also updates EVE
alerts to add pcap output filename when pcap capture is done in
multi or normal mode.
3 years ago
Eric Leblond 2317fd83ef log/pcap: fix typo in error message 3 years ago
Eric Leblond 3908166f91 stream: count realloc in memcap
TCP memory cap was not taking into account the memory that can
be used by realloc of Packet headers in TCP segments.
3 years ago
Eric Leblond 0f14c55e52 log/pcap: update copyright date 3 years ago
Eric Leblond 0c7e4c13a1 doc: add conditional pcap logging info 3 years ago