Commit Graph

16399 Commits (285cc29ec029dea68f74bbdba5f421d80de21e6c)

Author SHA1 Message Date
Sascha Steinbiss 285cc29ec0 redis: add automatic trimming support for streams 4 months ago
Sascha Steinbiss d3d9f1c395 redis: implement XADD stream support
Ticket: #7082
4 months ago
Juliana Fajardini 1860aa81e6 userguide: fix integer keyword matches list format
List wasn't being properly rendered.
4 months ago
Jason Ish 45384ef969 rust/applayer: use c_int as return type for get_info_by_id
Rust was using i8 as the return type, while C uses int. As of Rust
1.82, the return value is turned to garbage over the FFI boundary.

Ticket: #7338
4 months ago
Jason Ish b44fc62e60 eve/schema: add missing field "code" anomaly events 4 months ago
Jason Ish 30806ce2b7 eve/tls: use BIT_U64 for flags
Minor cleanup.
4 months ago
Jason Ish 2462d9d4cf eve/tls: remove unused SC_ATOMIC_EXTERN 4 months ago
Jason Ish cc519beb91 suricata.yaml: add missing custom tls fields
Also update the suricata.yaml in the userguide.
4 months ago
Jason Ish 714ada136c eve/tls: cleanup headers; update copyright year 4 months ago
Jason Ish 377989df6c eve/tls: reimplement basic and extended logging in terms of custom
Will prevent custom logging options getting out of sync with what's
available in extended.

Ticket: #7333
4 months ago
Jason Ish 2e788408c0 eve/tls: remove broken check for ja3 being enabled
During EVE TLS setup, a broken check for Ja3 being enabled led to Ja3
being disabled, but only in custom mode. This check is not needed: if
Ja3 is disabled, it won't be available, and won't be logged.

This is required to implement "extended" in terms of "custom" fields.
4 months ago
Jason Ish 6a185a8f96 eve/tls: add alpn logging to custom output
Adds custom fields "client_alpns" and "server_alpns".

Ticket: #7333
4 months ago
Jason Ish 3ddd9e2512 eve/tls: disable clang formatting around tls_fields array 4 months ago
Jeff Lucovsky 799822c3db profiling: Correct profiling data array size
The profiling arrays are incorrectly sized by the number of thread
modules. Since they contain app-layer protocol data, they should be
sized by ALPROTO_MAX.
4 months ago
Philippe Antoine b5fcf16d97 enip/detect: remove double registration of enip_command keyword
As found with
./src/suricata --list-keywords | sort | uniq -c | awk '$1 > 1'
4 months ago
Juliana Fajardini 55b922ceed tls/conf: clarify usage of custom vs extended logs
Since enabling custom logging will replace the extended logging, thus
possibly leading to certain fields disappearing from the logs, mention
this aspect.

Related to
Bug #7333
5 months ago
Juliana Fajardini 69fe5121a1 tls: fix duplicate EVE field (issuerdn)
Wrong function call caused `issuerdn` to be logged when
`subjectaltname` was enabled, for custom logging, only.

Bug #7332
5 months ago
Juliana Fajardini 2eefc4dac8 schema/tls: add missing custom fields chain/cert
Task #7287
5 months ago
dependabot[bot] 7ae522f16a
github-actions: bump github/codeql-action from 3.26.12 to 3.26.13
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.12...v3.26.13)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Shivani Bhardwaj 37fa2a6775 detect: rename port whitelisting to priority
This was done following the fact that this setting was historically
named incorrectly. The purpose of the setting was always to define the
ports that will be prioritized and have rule groups associated with them on
priority. Rename all occurrences of this to correctly reflect the purpose
of the setting.
5 months ago
Shivani Bhardwaj abbdeed931 detect/engine: rename fn, add comments 5 months ago
Shivani Bhardwaj f8a5c91448 detect/proto: use BIT macros instead of expr 5 months ago
Shivani Bhardwaj 86c1e458f9 detect/engine: use combined flags for TCP 5 months ago
dependabot[bot] 285113a1e5 github-actions: bump actions/checkout from 4.2.0 to 4.2.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 9e0151cce5 github-actions: bump github/codeql-action from 3.26.10 to 3.26.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.10...v3.26.12)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
dependabot[bot] 4ad45fc8d0 github-actions: bump actions/upload-artifact from 4.4.0 to 4.4.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
5 months ago
Alice Akaki fa1addae64 detect/analyzer: add more details for icmp_id
Ticket: #6360
5 months ago
Philippe Antoine 378f678d95 fuzz/detect: forbid rule with pcre only on stream
to avoid fuzzing blocks on timeouts with known bad rules

Ticket: 4858
5 months ago
Philippe Antoine 81f7ef89c4 stream: fix -Wshorten-64-to-32 warnings
Ticket: #6186
5 months ago
Philippe Antoine 58f7af8a31 output: fix -Wshorten-64-to-32 warnings
Ticket: #6186
5 months ago
Philippe Antoine 2fb89f1b79 ldap: improve some rust style 5 months ago
Victor Julien 97d525d18d github-action: share cargo registry cache 5 months ago
Victor Julien d574d88bca github-action: share cargo cache for windows jobs 5 months ago
Victor Julien f334532063 rust: update dependencies 5 months ago
Victor Julien 9b6a1355ac github-actions: cache netmap checkout
To avoid build failures due to rate limiting, cache the netmap checkout.

Explicitly restore and save to avoid the checkout action cleaning the
checkout up before it can be stored in the cache.
5 months ago
Jason Ish 15c4eb3d16 threads: move wait for unpause outside of loop
Threads are only set to paused upon initialization and never again; we
should only have to wait once, so move the wait before any loop that
was waiting before.

Additionally, if the thread was killed while waiting to be unpaused,
don't enter the loop.
5 months ago
Jason Ish 7492fb6a91 threads: merge unpause test into wait for pause function
TmThreadTestThreadUnPaused was only being used by
TmThreadsWaitForUnpause and is still enough to just become one
function.
5 months ago
Jason Ish 3f8c3698db threads: helper function TmThreadsWaitForUnpause
The pattern of checking the pause flag, setting to paused then
waiting to unpause was done enough times to factor out into its own
function. This is also needed by library users who bring their own
packet acquisition threads.
5 months ago
Philippe Antoine 7d854bd97f template/detect: allow empty buffers 5 months ago
Philippe Antoine 96c8470cdd template: move detect keywords to pure rust
Ticket: 3195

Also remove unused src/tests/detect-template-buffer.c

Completes commit 4a7567b3f0
to remove references to template-rust
5 months ago
Zemeteri Kamimizu 87e6e9374f conf: init parser after check with stat()
Commit changes are made to avoid possible memory leaks. If the parser
is initialized before configuration file checking, there is no deinit
call before function return. Do check config file existence and type
before YAML parser initialization, so we don't need to deinit parser
before exiting the function.

Bug: #7302
5 months ago
Victor Julien 1591ad4408 packetpool: allow larger max-pending-packets
Original limit was due to a specific data structure.

(lifted from 96a0ffadde)
5 months ago
Jeff Lucovsky 1e0d3435db doc: add napatech plugin upgrade notes
Issue: 7165
5 months ago
Jeff Lucovsky 88451b400d configure: fail on --enable-napatech and --disable-shared
Issue: 7165

Plugins can't be built using the standard autoconf/automake
methods. We can get around this by creating our own Makefiles, but
they're often less portable.

For now, fail during ./configure instead of during compile.
5 months ago
Jeff Lucovsky d32b28c85e napatech: bring back command line argument
Re-introduce support for command line argument "--napatech"

Issue: 7165
5 months ago
Jeff Lucovsky 792f5e1d57 napatech: load plugin by default
Issue: 7165
5 months ago
Jeff Lucovsky d5feb8accc napatech: add as plugin
Issue: 7165
5 months ago
Jeff Lucovsky 330c408930 napatech: remove, to make room for plugin
Issue: 7166
5 months ago
Philippe Antoine 58556b7f8b template: remove -rust references
Ticket: 7315

Completes commit 4a7567b3f0

Allows keyword template.buffer to work properly when template
protocol is enabled
5 months ago
Jason Ish 09d604f7c3 github-ci: install prepared cbindgen on rpm distros
Currently cbindgen from system packages is broken, for now use the
cbindgen artifact we build.
5 months ago