aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,881 Commits
10 Branches
154 Tags
165 MiB
dependabot/github_actions/actions/checkout-4.2.1
dependabot/github_actions/github/codeql-action-3.26.12
dependabot/github_actions/actions/upload-artifact-4.4.3
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2f579e6a4c'
${ noResults }
Commit Graph

256 Commits (2f579e6a4c4e5eddd47492840388775e8360a81b)

Author SHA1 Message Date
Victor Julien 746638b220 cuda: remove 
Remove CUDA support as it has been broken for a long time.

Ticket #2382.
 7 years ago
Victor Julien 1261d30df0 mingw/cygwin: explicitly disable unix socket 7 years ago
Victor Julien 6b75162194 mingw: use c:\Program Files\Suricata for w64 7 years ago
Victor Julien 46cb00ec6c strptime: add implementation from NetBSD 
As MinGW doesn't come with strptime take the BSD licensed
implementation from NetBSD. More specifically, the one from

https://github.com/Alexpux/MINGW-packages/blob/master/mingw-w64-libkml/strptime.c

It's slightly modified to get rid on 'uint'.
 7 years ago
Victor Julien d8ddd3b5bc mingw: work around mingw mkdir 
mingw doesn't come with a posix compliant mkdir as it only takes
a single argument.
 7 years ago
Victor Julien 6c251b8576 rust: add --enable-rust-debug 
Add option to put Rust code in non-'--release' mode, preserving
debug symbols.

Until now Suricata would have to be compiled with --enable-debug for
this.
 7 years ago
Victor Julien 56d93f426c configure: style fixup 7 years ago
Victor Julien 2a237bdfca detect: make glob.h optional 
glob.h is not available on MinGW.

Simply use the input on the rule list as a literal pattern.
 7 years ago
Alfredo Cardigliano b6baafb3e3 pfring: hw bypass support 
This patch adds support for hw bypass by enabling flow offload in the network
card (when supported) and implementing the BypassPacketsFlow callback.
Hw bypass support is disabled by default, and can be enabled by setting
"bypass: yes" in the pfring interface configuration section in suricata.yaml.
 7 years ago
Victor Julien e60bfc78c1 Open 4.1 development branch 7 years ago
Victor Julien 9b94679fce random: support getrandom(2) if available 
Ticket: #2193
 7 years ago
jason taylor 0f41172cc6 updated fedora libevent package names 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 7 years ago
Jason Ish 7cc0067be0 Sample systemd unit file for Suricata. 
Create a sample systemd unit file based on the build time
configuration.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2138
 7 years ago
Jason Ish ddf6bce5d8 Sample logrotate configuration file. 
Create a sample logrotate configuration file with filenames
set for the configuration.
 7 years ago
Victor Julien c02739e535 mingw: don't try to build unix socket 7 years ago
Victor Julien d1e839eabc windows: use wpcap instead of pcap 
Windows pcap libraries such as winpcap all use a library name of
wpcap instead of just pcap. Support this in configure.
 7 years ago
Victor Julien d1b6be99de mingw: fix random function 7 years ago
Jason Ish fd025ba3f5 rust: require jansson for rust build 7 years ago
Jason Ish 6a4cefb7c5 rust: --enable-rust-strict to turn warnings into errors 7 years ago
Victor Julien 9dab3ec71e rust: enable/disable yaml settings 
Based on compile time settings, enable/disable app-layers
and loggers.
 7 years ago
Pierre Chifflier 4fe9292ed8 Autotools: add switch to build experimental Rust parsers 7 years ago
Jason Ish 61d9f4bb0a rust: make distcheck fixes 7 years ago
Jason Ish 14951e3f00 rust: save cargo and CARGO_HOME to variables 
During configure, substitute the path of cargo, as well as the
value of CARGO_HOME as variables. This fixes the case where a
user might do:
  make
  sudo make install
Which will cause the cargo bits to be rebuilt, including
re-downloading external crates.

By saving these to variables we can be sure that the same
values are used during make install as were used during
make which prevents the Rust artifacts from being rebuild
during "sudo make install".
 7 years ago
Jason Ish 6bddc4d3e0 python: use python path found during configure 
Also look for Python under more names. For example, on OpenBSD
if you just install Python 2, you will only get a python2.7
executable.
 7 years ago
Victor Julien d00b914ddb rust: make clear it's experimental 7 years ago
Jason Ish 9d687025e2 rust: lua wrapper 
Rust wrapper for working with lua state.
 7 years ago
Jason Ish 8f81792da5 rust: hook rust into the build 
Rust is currently optional, use the --enable-rust configure
argument to enable Rust.

By default Rust will be built in release mode. If debug is enabled
then it will be built in debug mode.

On make dist, "cargo vendor" will be run to make a local copy
of Rust dependencies for the distribution archive file.

Add autoconf checks to test for the vendored source, and if it
exists setup the build to use the vendored code instead of
fetching it from the network.

Also, as Cargo requires semantic versioning, the Suricata version
had to change from 4.0dev to 4.0.0-dev.
 7 years ago
Victor Julien 3ff5dc3653 nfq: remove obsolete and broken netfilterforwin support 8 years ago
Victor Julien 276125c1ef cleanup: remove unused ringbuffer code 8 years ago
Victor Julien cda6e0291f cleanup: remove libpcap < 1 support 8 years ago
Victor Julien 119115d3b6 configure: remove CentOS5 pkg-config fix 8 years ago
Victor Julien 0516b5d704 cleanup: from AS_VERSION_COMPARE CentOS5 workaround 8 years ago
fooinha a64e5e77c7 eve: async mode for redis output 
eve: detects libevent for async redis at configure
eve: moves redis output code to new file - util-log-redis.{c,h}
eve: redis ECHO and QUIT commands for async mode
eve: redis output defaults if conf is missing
 8 years ago
Victor Julien dd70b3fda0 random: improve random logic 
Improve random logic for hash tables.

Implement Windows random API if it is available.
 8 years ago
Victor Julien a4dce24151 core dumps: check for sys/resource.h 8 years ago
Victor Julien cee5c9fa60 pcre: on ppc64 disable only for specific versions 
Disable jit only for libpcre 8.39 and 8.40 as those were the buggy
versions.

Thanks to Zoltán Herczeg.
 8 years ago
Victor Julien bc480fa8c3 pcre: disable jit on powerpc64 
It appears that both using gcc and clang something gets misoptimised
around pcre's jit. So disable jit for now.
 8 years ago
Jason Ish 2c01985e73 autoconf - look for stdbool.h 8 years ago
Victor Julien 113a238e90 Open 4.0 development branch 8 years ago
Sascha Steinbiss e6044aaf1c mpm/spm: check for SSSE3 and enable/disable HS 
The new Hyperscan 4.4 API provides a function to check for SSSE3
presence at runtime. This allows us to fall back to non-Hyperscan
matchers on systems without SSSE3 even when the suricata executable
is built with Hyperscan support. Addresses Redmine issue #2010.

Signed-off-by: Sascha Steinbiss <sascha@steinbiss.name>
Tested-by: Arturo Borrero Gonzalez <arturo@debian.org>
 8 years ago
Andreas Herz a18af7325f configure: prevent combination of unittests and debug-validation 8 years ago
Victor Julien 810e43f373 magic: make optional 
Make libmagic optional. If installed it will be enabled by default in
configure. Use --disable-libmagic to disable.
 8 years ago
Jason Ish bbb93e487e pcap-log: seed ring buffer on start up 
On start, look for existing pcap log files and add them to
the ring buffer. This makes pcap-log self maintaining over
restarts removing the need for external tools to clear
orphaned files.
 8 years ago
Jason Ish 0792f80909 doc: only build pdf on dist if pdflatex is installed 8 years ago
Victor Julien 80bd59ae86 doc: improve install doc, configure 8 years ago
Victor Julien d4c7c2c2c7 cygwin: leave magic-file commented out in yaml 8 years ago
Jason Ish 7fa390de39 doc: bundle pre-built man page in distribution 8 years ago
Jason Ish 6eedd0068b doc: hook sphinx into build 8 years ago
Andreas Herz 15766ce2c4 configure: set correct cppflags for enabled nfqueue 
This change sets the correct CPPFLAGS received by PKG_CHECK to resolve
building issues with some systems like OpenSuse.
 8 years ago
Victor Julien 54503ef310 Open Suricata 3.2 development branch 8 years ago
Victor Julien 7847c4f8ee configure: detect SunOS and link against required libs 8 years ago
Victor Julien ec87123339 configure: check for strings.h: used by SunOS 8 years ago
Victor Julien 5db322045e configure: fix Ubuntu lua pkg suggestion 8 years ago
Victor Julien 37b10c13c1 configure: require libhtp 0.5.20 
Ticket #1839
 8 years ago
Victor Julien 66346e4632 libnet: work around older libnet type difference 
Older libnet 1.1.x have a non-const type for libnet_init's dev
argument.
 8 years ago
Victor Julien 9119007d00 pfring: no longer link against rt and numa libs 8 years ago
Victor Julien 5ec885e451 http: set of response body decompress limit 
This is a per personality setting.
 8 years ago
Victor Julien 439b62fe69 configure: cleanup configure output 
Don't present missing spatch as a warning. Remove verbose libnet
warnings as well.
 8 years ago
Victor Julien ffba26d04a configure: don't set -march=native for powerpc 8 years ago
Victor Julien f55dbca57b yaml: make eve log in yaml depend on libjansson 8 years ago
Eric Leblond a40f08a213 af-packet: ask for hardware timestamp 9 years ago
Eric Leblond c2d0d93806 af-packet: detect availability of tpacket_v3 
If TPACKET_V3 is not defined then it is not available and we should
not build anything related to tpacket_v3. This will allow us to
activate it dy default and fallback to v2 if not available.
 9 years ago
Jason Ish baf528e751 typos: surictsc -> suricatasc 
Reported by Markus Lude on the mailing list.
 9 years ago
Jason Ish 667e4e68bf configure.ac: escape $srcdir when used in a variable 
$srcdir needs to be escaped for proper expansion when used
as part of a Makefile variable.
 9 years ago
Victor Julien 1c8775b340 QA: --afl-rules for faster rule fuzzing 9 years ago
Victor Julien faad6bd335 configure: don't use AC_DISABLE_SHARED as it breaks OSX 9 years ago
Mats Klepsland 45d87d66c0 afl: add support for AFL PERSISTANT_MODE 
Add support for AFL PERSISTANT_MODE when Suricata is compiled with
a supported compiler (only afl-clang-fast for now).

This gives a ~10x performance boost when fuzzing.
 9 years ago
Mats Klepsland 8111eb934f QA: add --afl-der=<file> 
Expose SSL/TLS certificate decoding (DER) to commandline
using --afl-der=<file>.
 9 years ago
Victor Julien d165906397 QA: add --afl-decoder-ppp=<file> 9 years ago
Victor Julien bdaba1d815 QA: expose Mime decoding API to commandline using --afl-mime=<file> 9 years ago
Victor Julien 077ac81688 QA: direct access from commandline to AppLayer API 
This patch introduces a new set of commandline options meant for
assisting in fuzz testing the app layer implementations.

Per protocol, 2 commandline options are added:

--afl-http-request=<filename>
--afl-http=<filename>

In the former case, the contents of the file are passed directly to
the HTTP parser as request data.

In the latter case, the data is devided between request and responses.
First 64 bytes are request, then next 64 are response, next 64 are
request, etc, etc.
 9 years ago
Victor Julien ca81c33e14 afl: add --enable-afl configure option 9 years ago
Alexander Gozman 365015c2d5 Support sending rejects via libnet when running under non-root. 
Since version 1.1.6 libnet handles capabilities correctly.
So changing libnet's version checking a little bit should do the trick.
 9 years ago
Victor Julien e27ad81a43 autotools: add AS_VERSION_COMPARE stub for CentOS 5 9 years ago
Victor Julien 3781b00dbc Open Suricata 3.1 development branch 9 years ago
Justin Viiret 13b87f5aff mpm: add Hyperscan integration 
This adds an MPM implementation that uses the Hyperscan regex engine
library from Intel, accessible as the "hs" mpm-algo.
 9 years ago
Andreas Herz c8399e8c51 configure: bypass libpcre 8.35 check 
When --with-libpcre-libraries is used we skip the libpcre 8.35 check
since pkg-config might still point to the 8.35 version installed
although newer version was passed with --with-libpcre-libraries.
 9 years ago
Victor Julien fde7a2f656 cuda: fix compilation 9 years ago
Victor Julien 6228f5f689 lua: if pkg-config fails, try -llua 9 years ago
Victor Julien 9858ae41be configure: OS X fixes 
Remove unnecessary -lpthread from tests.

Make linker warnings non-fatal with -Werror.
 9 years ago
Victor Julien e51707be90 pcre: blacklist 8.35 for JIT use (issue #1693) 9 years ago
Andreas Herz 8c0e575063 configure: warn if libpcre 8.35 is used 9 years ago
Victor Julien 4086938f1e pool: fix memory leak 
Due to pointer size mishandling, the pool code could consider a
block of memory inside the 'preallocated' block. It would then not
free the block.
 9 years ago
bladeswords 2a17e3e827 Fix typo of trailing ] in configure --help 
It is the small things that count.  This is an example of the fix

Before
--disable-threading-tls Disable TLS (thread local storage)]

After
--disable-threading-tls Disable TLS (thread local storage)
 9 years ago
Andreas Herz 15c98c6085 file-magic: improve libmagic handling on *nix systems 9 years ago
Andreas Herz 20dd593981 remove unnecessary braces 9 years ago
Andreas Herz dc1bd5b6bd configure: add --disable-python option 9 years ago
Victor Julien 84c4566a14 Update dev version to reflect we're doing 3.0 now 9 years ago
Eric Leblond eef5678e5e output-json: add redis support 
This patch adds redis support to JSON output.
 9 years ago
Alexander Gozman 437fe40660 Feature 1527: ability to compile as a position independent executable 
Adds corresponding configure option which enables proper CPPFLAGS
and LDFLAGS.
 9 years ago
Eric Leblond f8b8b6f753 configure: use pkg_config for libhtp 
It was not possible to simply specify PKG_CONFIG_PATH to build
with an non bundled libhtp. With this patch we don't need anymore
the htp lib and include configure options.
 9 years ago
Victor Julien ba81c4d290 autotools: cleanup 
Remove most of the CFLAGS updates from configure. Flags are now (mostly)
set in AM_CLFLAGS.

Update all -DBLAH additions to CFLAGS to use AC_DEFINE([BLAH], ...)

Improve Lua vs LuaJIT checking.

Improve the configure output a bit.

Lots of smaller cleanups.
 9 years ago
Eric Leblond 851fcef962 af-packet: sync header with latest features 
Sync the replacement define with the latest Linux code.
This patch also updates the detection part in configure.ac
to do a declaration of all fields if the newest features are
not present.
 9 years ago
Helmut Schaa 91efdadf8e Disable pcap-config use during cross compilation 
This allows cross compilation where the host system has pcap-config
installed and would create an invalid entry in the cross-CFLAGS.
 9 years ago
Alexander Gozman f11e237d77 Feature #1440: support wildcards in rule filenames 10 years ago
Jason Ish 972037248d Define _DEFAULT_SOURCE. Its the replacement for _BSD_SOURCE which 
which has been deprecated as of glibc 2.20.
 10 years ago
Eric Leblond 5f4b745f92 build: don't link with libnfnetlink 
Don't link suricata with libnfnetlink when we don't have support
for NFQUEUE or NFLOG. Previously, suricata was linked with this
library without reason.
 10 years ago
Victor Julien 3f44bd504a CentOS 5.11 pkg-config fix 
Check for the minimal pkg-config 0.21 version. Without it, CentOS'
pkg-config will fail with the warning:

configure: error: The pkg-config script could not be found or is too old.
 10 years ago
gureedo 10104066e1 netmap support 10 years ago
Victor Julien 8e946b92b7 Fix compilation on OS X Yosemite 
Due to our unconditional declaration of the strlcat and strlcpy
functions, compilation failed on OS X Yosemite.

Bug #1192
 10 years ago