aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,814 Commits
8 Branches
163 Tags
184 MiB
main-7.0.x
main-8.0.x
main
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1ccb93ab50'
${ noResults }
Commit Graph

307 Commits (1ccb93ab50f890e077d4ea894f9c9a75c67a7092)

Author SHA1 Message Date
William Metcalf 260d0d7673 Steve Grub fixes... Thanx Steve! 16 years ago
William Metcalf 0fe4373b67 Rolled back to 0.2.x branch renamed htp to libhtp 16 years ago
William Metcalf f7111f3847 import of integrated htp lib and small libnet fixes 16 years ago
Jan Jezek fe6a72befc Code is now compilable on the Win32 platform 16 years ago
Anoop Saldanha 41e6735b92 mpm b2g cuda support added 16 years ago
Anoop Saldanha 84df26d3fd cuda interface 16 years ago
Breno Silva b02bb6b6b4 VLAN Support 16 years ago
Breno Silva 7e299834d2 FragOffset Rule Keyword 16 years ago
Pierre Chifflier 4515ae13e4 Add Prelude output plugin 
Add support for reporting alerts to the Prelude SIEM system, using
libprelude to send IDMEF (RFC4765) messages.

Each message contains the alert description and reference (using
the SID/GID), and a normalized description (assessment, impact,
sources etc.)

libprelude handles the connection with the manager (collecting component),
spooling and sending the event asynchronously. It also offers transport
security (using TLS and trusted certificates) and reliability (events
are retransmitted if not sent successfully).

This modules requires a Prelude profile to work (see man prelude-admin
and the Prelude Handbook for help).

Signed-off-by: Pierre Chifflier <chifflier@edenwall.com>
 16 years ago
Nick Rogness 2b7b78f1bf Intial IPFW support FreeBSD and OSX 16 years ago
Pablo Rincon 260e581929 First version of the reputation API 16 years ago
Pablo Rincon 17cd010b0c Detect the number of CPUs configured and online. Printing a small summary at the startup 16 years ago
Victor Julien d446b85237 Remove obsolete files. 16 years ago
Steve Grubb f853da7940 Get make distcheck working 
Hello,

Below is a patch that gets "make distcheck" working. Its against the
current code in git. The project version was set to 0.1 in configure,
I changed that to 0.8.1 just so its actually relevant. You might want
to set that to something else.

After checking this patch, I find that there are several source code
files in src/ that are not getting compiled:

-app-layer-detect.c
-app-layer-detect.h
-app-layer-http.c
-reputation.h

Are these new or abandoned? Anyways...here's the patch.

-Steve
 16 years ago
Victor Julien 0d34990d7f Add OpenBSD's strlcpy and strlcat and replace all strcat/strcpy/strncat/strncpy by those calls. 16 years ago
Gurvinder Singh f6b0c481b0 urilen support for engine 16 years ago
Pablo Rincon 705471e4ee Adding single pattern matcher algorithms. If you cannot store a context for the patterns, use SpmSearch() macro. Adding unittests and stats 16 years ago
Pablo Rincon 673afeb4d3 fmemopen wrapper added (fix compilation problems on macosx and freebsd) 16 years ago
Breno Silva 1d055b0e09 ICMP Seq Rule Keyword 16 years ago
Eric Leblond 6cf00d6204 Fix typo in Makefile.am 
This patch fixes a typo in Makefile.am which was preventing
'make tags' from working.
 16 years ago
William Metcalf 8a64321340 raw pcap support additionl ipv4/6 validation 16 years ago
Pablo Rincon b6a3395c08 Adding unittest helper functions for building generic packets, checking arrays of expected match results, perform generic tests, etc. Look at util-unittest-helper.c and detect-ipproto.c for references 16 years ago
Jason Ish e204d07717 Have output modules register themselves so run mode configurator becomes aware of them for purposes of being configured from the config file. 16 years ago
Brian Rectanus c22d42693a Added http_method rule keyword. 16 years ago
Anoop Saldanha f684989f98 dce_iface, dce_opnum, dce_stub_data keyword support 16 years ago
Anoop Saldanha bc4df59414 Support for Classtype keyword and Classification Config file 16 years ago
Victor Julien f0be69dcd0 Fixup smb/smb2/dcerpc wrt loops, debug printing, style. 16 years ago
Victor Julien d5c732f1f9 Add tag keyword stub 16 years ago
Victor Julien 6beee776ca Move rand seed code into util-random 16 years ago
Pablo Rincon f2f9b83280 Adding FTP app layer parser and ftpbounce detection at L7 16 years ago
Gerardo Iglesias Galvan 7e87f373b9 Add icmp_id keyword support 16 years ago
Victor Julien 493715c0d2 Implement alert sid storage in the flow so we can check previous alerts in the flow. 16 years ago
Gerardo Iglesias Galvan e917065e26 Add support for daemon, checking for valid combination of modes 16 years ago
Breno Silva 69eb869cc9 Threshold Rule 16 years ago
Victor Julien ecf86f9c23 Rename to Suricata. 16 years ago
Gurvinder Singh a0f184866c http_cookie keywork support 16 years ago
Gurvinder Singh fc2f7f29fa app layer htp error handling and fixes for memory leaks and segv 16 years ago
Pablo Rincon 1ad6d75dfe Added rpc keyword support at packet level 16 years ago
Pablo Rincon a8d7b71490 First version of flowints 16 years ago
Gerardo Iglesias 991d421394 Changed printf's to logging API functions 16 years ago
Gurvinder Singh 07f7ba55b8 initial support for HTP module init 16 years ago
Victor Julien 2cfa284999 Fix app layer detect to actually work. 16 years ago
Victor Julien f1f7df0766 First iteration of doing app layer detection. 16 years ago
Anoop Saldanha 6ca5dbc9e9 Support fast_pattern modifier keyword for content 16 years ago
Anoop Saldanha dc44700ce5 Support vars lookup from conf file. Current patch support address and port group vars lookup 16 years ago
Anoop Saldanha 7dbc117b37 Host OS Table API. Modifications also make to the radix tree to handle netblocks 16 years ago
Gurvinder Singh cacbf31aad support for ttl keyword 16 years ago
Kirby Kuehl ecaa701bdf smb and dcerpc work 16 years ago
Brian Rectanus ed30067bd7 Ack/Seq Keywords 16 years ago
Jason Ish e0b9e85230 Break out checksum fixup code to make the license separation more clear. 16 years ago
Brian Rectanus ec6c5258b6 Sameip Keyword 16 years ago
Breno Silva 15a8f34d36 Gid Keyword 
Signed-off-by: Brian Rectanus <brectanu@gmail.com>
 16 years ago
Breno Silva 6100a7f610 FragBits Keyword 
Signed-off-by: Brian Rectanus <brectanu@gmail.com>
 16 years ago
Pablo Rincon 1a983fd316 Adding id keyword and unittests 16 years ago
Breno Silva 7dc985aa4e Signature Flags Keyword 
Signed-off-by: Brian Rectanus <brectanu@gmail.com>
 16 years ago
Brian Rectanus e28647032d Add ip_proto support. 16 years ago
Anoop Saldanha 3c21df69d2 Radix Tree structure for the engine 16 years ago
Anoop Saldanha 157d5e8113 Implementation of the logging module 16 years ago
Anoop Saldanha f658ffbc9c Order the signatures based on certain rule parameters like actions, flowbits, flowvar, pktvar, priority etc 16 years ago
William Metcalf 04b0f177fc native PF_RING support with fixes 16 years ago
Breno Silva 27c61ac148 IpOpts Rule Keyword 
Signed-off-by: Brian Rectanus <brectanu@gmail.com>
 16 years ago
Pablo Rincon bdf119ade3 Adding window and isdataat keyword and some unittests 16 years ago
Breno Silva a5e386ce52 Unified2 
Signed-off-by: Breno Silva <breno.silva@gmail.com>
 16 years ago
Brian Rectanus 02a8b583c9 Added byte_test and byte_jump support. 16 years ago
Brian Rectanus af06e6a288 Added byte extraction util. 16 years ago
Victor Julien cfb605aa8a Put the precooked runmodes in a separate file. 16 years ago
Jason Ish c91a4baad5 - Autoconf goo for libyaml. 
- Mock YAML configuration file.

- YAML loader for basic YAML files - not all YAML elements support yet..
  todo.

- Add --dump-config command line parameter to dump the state of the
  configuration db after loading the config file.
 16 years ago
Gurvinder Singh ac53ca5b27 Stream Size rule option 16 years ago
Victor Julien 3636ca9703 Adding a "flow" queue handler. This queue handler passes packets of the same flow to the same queue. Changed the default IDS mode to use this. 
Some output cleanups, shutdown should be cleaner now.
 16 years ago
Anoop Saldanha 22c0ec2bc5 Added support for the csum-<protocol> rules keyword to the detection engine. Keywords added are ipv4-csum, tcpv4-csum, tcpv6-csum, udpv4-csum, udpv6-csum, icmpv4-csum and icmpv6-csum 16 years ago
Victor Julien 086ba5f49b Add 'BySize' field parser. Add stub tls parser. 16 years ago
Breno Silva 9528e02e46 GRE support 16 years ago
Jason Ish e3b538c7d7 Simple configuration API. 
Allow the log directory to be changed.
 16 years ago
Jamie 8817364ef6 initial PPPoE decoder commit 16 years ago
Victor Julien 8e10844f95 Initial code of Application Layer parsing framework. Rename of L7* to AppLayer*. 16 years ago
Breno Silva c90b4e6fcd Decode event rule 16 years ago
Anoop Saldanha a5fb240a4a Changes added for the Performance Counter API 16 years ago
Victor Julien 689bbfdc45 Rename all structure definitions in the "typedef struct _SomeStruct" format to "typedef struct SomeStruct_" to make the Doxygen output more useful. 
Remove the Trie multi pattern matcher code. It wasn't used anymore.
 16 years ago
Breno Silva dec11038c6 PPP Support 16 years ago
Victor Julien 1c2240cfeb Stream reassembly update and WIP code for L7 modules. 16 years ago
Victor Julien 51a9e36e10 Remove vips references. Rename to eidps. 16 years ago
Victor Julien 668e9514d7 Pool update. Stream reassembly start. 16 years ago
Victor Julien 9c7f5afa79 Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update. 16 years ago
Victor Julien ff4b5a5db7 Add support for flowbits. 16 years ago
Victor Julien 657be002d1 Big detection engine update: scan improvements, b2g/b3g updates, bloom fixes, iponly detection implementation, dsize/flow grouping. 16 years ago
Victor Julien 5df5b35e90 Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items ina list to it can be traversed. Many cleanups. 16 years ago
Victor Julien b2eb954099 Add b3g 3gram BNDM pattern matcher. Fix multi queue nfq initialization. Improve speed of b2g and wumanber. 16 years ago
Victor Julien 1c0ad1d415 Add implementation of the Simple BNDM 2gram pattern matcher algorithm. 16 years ago
Victor Julien 4c4862d838 Improve logging, add alert-output module, at module exit stats, add HTTP POST uri capture. 16 years ago
Victor Julien 9b07710389 Add hashing and bloomfilter api's: now include buildsys update 16 years ago
Victor Julien c4f2fe4bd7 Implement per packet variables and switch the http stuff to it. 16 years ago
William Metcalf 7006085195 udp decoding added icmp unreachables added to reject 16 years ago
Victor Julien ebf41c3b1e Remove obsolete decode-http files. 16 years ago
Victor Julien 1cb274a39a Update build sys 16 years ago
Victor Julien f3a94413db Properly support 'alert ip' rules. Add support for handling ip only rules differently. 16 years ago
Victor Julien dc48c58473 Switch to using a detection engine ctx. 16 years ago
William Metcalf 0ffa1c2465 updates for configure.in, added reject code, some decode stuff for tcp 16 years ago
Victor Julien 05fd319f6c Add log-httplog module that logs http request uri's, hosts and useragents to a per line text format. 16 years ago
Victor Julien eaaeb30cd6 Add noalert keyword for use with sigs that are used for capturing only. 16 years ago
Victor Julien f0ed41fb0a Support priority keyword, add priority to alert-fastlog. 16 years ago
Victor Julien dc224cb2d2 Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented. 16 years ago
Victor Julien d036264f80 Cleanup signature parsing and other detect.c parts. 16 years ago
Victor Julien 151512a45c Split up address code in ipv4 and ipv6 specific files. Cleanups. 16 years ago
Victor Julien b8ad4adf81 complete rename of address2 to address 16 years ago
Victor Julien 28b0d82169 Remove partial and broken address handling implementation now address2 is working. 16 years ago
Victor Julien 7aada782a4 WIP address matching stuff 16 years ago
Victor Julien bab4b62376 Initial add of the files. 16 years ago