Commit Graph

6814 Commits (371113e21e808b74cfbb0878ed14e08a3b926d5c)
 

Author SHA1 Message Date
Victor Julien 371113e21e ac-ks: don't allow use on big-endian 9 years ago
Victor Julien 181f67ff97 flow-worker: small cleanups 9 years ago
Victor Julien 72d3ea6552 detect: make pattern matcher messages less verbose 9 years ago
Victor Julien be9cd0fd84 yaml: replace ac-tile by ac-ks 9 years ago
Victor Julien 36535cbc61 yaml: remove conf_filename global
conf_filename was a global pointer to the filename of the yaml.

Move into SCInstance. This reduces its scope and cleans up the code.
9 years ago
Victor Julien 4b9a62d1fe profiling: fix compilation if libjansson is missing 9 years ago
Victor Julien 661d7c1d09 pfring: cleanup 9 years ago
Victor Julien 6f7740807d pfring: improve profiling
Reset packet profiling after pfring_recv. The packet was taken from
the packet pool before this call. The packet will already have its
start ticks initialized. To avoid including ticks while pfring_recv
waits for traffic, reset the ticks right after it.
9 years ago
Victor Julien c9159892c7 profiling: allow packet profiling to be reset 9 years ago
Eric Leblond 291af719c6 coverity: fix CID 1362014
Error handling was not correct regarding ring buffer memory
handling.
9 years ago
Victor Julien 9f7ba07153 af-packet: use better defaults if config is missing 9 years ago
Victor Julien f55dbca57b yaml: make eve log in yaml depend on libjansson 9 years ago
Victor Julien df6f9269ec yaml: improve capture comments 9 years ago
Victor Julien 766bc95e3c yaml: move classification etc below the rules 9 years ago
Victor Julien 1b4e1ea389 yaml: new defaults for outputs
Enable eve.flow, disable plain http.log.
9 years ago
Victor Julien 4d056912d3 yaml: file logging at info level 9 years ago
Victor Julien cb47c2f682 yaml: improved defaults and misc cleanups 9 years ago
Victor Julien ea7923cc81 yaml: add performance tuning section 9 years ago
Victor Julien 6d7b4c81e3 yaml: more reshuffling 9 years ago
Victor Julien a6a69f0099 yaml: create advanced sections
Sections for advanced detection settings and traffic tracking and
reconstruction.
9 years ago
Victor Julien d79c95dded yaml: add hw accel section, move cuda there 9 years ago
Victor Julien 8fae138d3b yaml: add netfilter section 9 years ago
Victor Julien 056f88b458 yaml: move outputs to the logging step 9 years ago
Victor Julien 11e6809d55 yaml: introduce 'advanced settings' 9 years ago
Victor Julien c5ca642a28 yaml: move app layer up 9 years ago
Victor Julien c160f78758 yaml: move afpacket, pcap, pcap-file up 9 years ago
Victor Julien d48098f189 yaml: move logging up 9 years ago
Victor Julien c949668863 yaml: move rules up in the file
Also disable decoder and stream events by default, as they are too noisy
in an untuned environment.
9 years ago
Victor Julien a9cea53e62 yaml: move vars to the top 9 years ago
Victor Julien 093ecf4798 logging: clean up at shutdown 9 years ago
Victor Julien c1f679d3f3 flow worker: move UDP app-layer into main function
This way it's more clean what happens and we can profile it.
9 years ago
Victor Julien e09643c396 flow worker: profiling
Previously the detect and stream code lived in their own thread
modules. This meant profiling showed their cost as part of the
thread module profiling logic. Now that only the flow worker is
a thread module this no longer works.

This patch introduces profiling for the 3 current flow worker
steps: flow, stream, detect.
9 years ago
Victor Julien 48771c1acf debug: fix compiler warnings 9 years ago
Victor Julien 7dfdcdc770 thread modules: remove unused id's 9 years ago
Victor Julien a8f257e05f detect: no longer a thread module
Like stream, detect is now invoked directly by the FlowWorker.
9 years ago
Victor Julien 4a96820320 stream-tcp: more cleanups 9 years ago
Victor Julien 8b06badbcf stream-tcp: no longer register as a thread module
Now that the FlowWorker handles the TCP Stream directly, having
the TCP engine as a thread module is no longer needed.

This patch removes the registration.
9 years ago
Victor Julien 333f2cb310 drmemory: broader suppressions for hyperscan 9 years ago
Victor Julien eec66c7b4f smtp: improve thread data use
The SMTP app layer used a thread local data structure for the mpm in
reply parsing, but it only used a pmq. The MpmThreadCtx was actually
global. Until now this wasn't really noticed because none of the mpm's
used the thread ctx.

Hyperscan does use it however.

This patch creates a new structure SMTPThreadCtx, which contains both
the pmq and the mpm thread ctx. It's passed directly to the reply
parsing function instead of storing a pointer to it in the SMTPState.

Additionally fix a small memory leak warning wrt the smtp global mpm
state.
9 years ago
Justin Viiret 7a0dbc6f9f app-layer-smtp: free mpm contexts on shutdown
Adds a cleanup function for the SMTP parser that destroys the MPM
context and MPM thread context it uses.

Also marks smtp_mpm_thread_ctx static.
9 years ago
Justin Viiret d807bf4e8a detect-engine: log MPM/SPM matchers being used 9 years ago
Justin Viiret c9d0d6f698 mpm: add "auto" default for mpm-algo
Setting mpm-algo to "auto" will use "hs" if Suricata was built against
Hyperscan, and "ac" otherwise (or "ac-tile" on Tilera platforms).
9 years ago
Justin Viiret 8c6deecc55 app-layer-detect-proto: use mpm-algo
Use the matcher configured by the user rather than hard-coding MPM_AC.
9 years ago
Justin Viiret 88b50d2c34 app-layer-detect-proto: pass mpm_ctx to DestroyCtx
The MPM DestroyCtx function accepts the MpmCtx, not the ctx pointer
inside it.
9 years ago
Justin Viiret 31d8d4b0a1 detect-engine: adjust unit tests for hs mpm
The Hyperscan MPM does match deduplication internally (using
HS_FLAG_SINGLEMATCH) and only returns the number of unique matches,
unlike AC.
9 years ago
Justin Viiret 68ddcdccde app-layer-smtp: init mpm thread ctx after prepare
This allows the Hyperscan MPM to correctly allocate scratch.
9 years ago
Justin Viiret 24a1488591 mpm-hs: make errors from hs_scan() fatal
Hyperscan will only return an error at scan time if the database or
scratch region are corrupted, which should provoke a fatal error.
9 years ago
Justin Viiret a765cfde19 mpm-hs,spm-hs: don't call hs_scan() for zero bytes 9 years ago
Aleksey Katargin 2a5f487a16 netmap: close sw ring before hw rings
Fix issue #1714
9 years ago
Jason Ish b23d74ac88 tls-json-log: register module as tls-json-log, not dns-json-log
Fixes issue:
https://redmine.openinfosecfoundation.org/issues/1792
where dns-json-log would not log any data.
9 years ago