Commit Graph

3719 Commits (3ab1458abf29e2b84b82f6f0e6af0dd77c29389b)
 

Author SHA1 Message Date
Eric Leblond e744760613 yaml: document the threads setting in pcap section. 12 years ago
Victor Julien b645425331 Silence compiler warning if napatech3 support is disabled 12 years ago
Matt Keeler 844e4dba11 Napatech 3GD Support
For use with Network Cards from Napatech utilizing the 3GD driver/api.

    - Implemented new run modes in runmode-napatech-3gd.*
    - Implemented capture/decode threads in source-napatech-3gd.*
    - Integrated the new run modes and source into the build infrastructure.

    New configure switches
    --enabled-napatech-3gd : Turns on the NT 3GD support
    --with-napatech-3gd-includes : The directory containing the NT 3GD header files
    --with-napatech-3gd-libraries : The directory containing the NT 3GD libraries to link against.

    New CLI switch
    --napatech-3gd : Uses the Napatech 3GD run mode

    Runmodes Supported:
    - auto
    - autofp
    - workers

    Notes:
    - tested with 1 Gbps sustained traffic (no drops)

Signed-off-by: Matt Keeler <mk@npulsetech.com>
12 years ago
Eric Leblond 02874a16f5 gcc: construct use for warning was too recent. 12 years ago
Anoop Saldanha b8164b8797 fix wrong record hdr len check in ssl parser 12 years ago
Victor Julien d1573a366d Fix GetUsed functions for Host, Flow and Defrag. 12 years ago
Eric Leblond 2fbb28ece6 build: error on implicit function declaration
This patch modifies gcc options to error in case of implicit
declaration. Bug #612 has shown this kind of bug can be very
costly.
12 years ago
Eric Leblond 4542cd0eec ipfw: suppress non loop receive function 12 years ago
Eric Leblond e3a38810b6 nfq: suppress non loop receive function 12 years ago
Victor Julien 966c731e73 flow: fix crash when flow engine under extreme stress, and unable to force free any existing flow 12 years ago
Victor Julien 76f0838a9f libhtp: harden code against malloc failures. Bug #587. 12 years ago
Victor Julien da7f1d22cc http: don't assume http tx to have header alloc'd. Can happen in OOM conditions. Bug #587. 12 years ago
Victor Julien 18ecd4b287 Don't use SCStrdup in SCLogMessage as we call it on OOM condition, leading to endless recursion. SCStrdup failure calling SCLogMessage... 12 years ago
Victor Julien 70bc9e2494 filestore: fix logic flag in continued stateful detection 12 years ago
Eric Leblond 8957113550 pf-ring: fix build 12 years ago
Victor Julien d386606b80 Remove pcre jit warning. Bug #579. 12 years ago
Eric Leblond d3195b0f70 pf_ring: don't set cluster for DNA interface. 12 years ago
Anoop Saldanha 7a7cd6999e feature #558.
Print FP info in rule analysis + other cleanup.
12 years ago
Eric Leblond ac5bab8838 OpenBSD: no support for profiling
Local thread storage is not available so profiling is not supported.
12 years ago
Eric Leblond 7c85bee4aa OpenBSD: magic.mc path has changed in OpenBSD 5.1 12 years ago
Victor Julien a3f963f630 filestore: fix a case where a matching non-filestore sig could trigger the store of a partially matching filestore sig. 12 years ago
Victor Julien 3156407746 http: fix client and server body sometimes being inspected in wrong order 12 years ago
Eric Leblond b12967534a stream.inline: add 'auto' mode
stream.inline YAML configuration variable now supports the 'auto' value.
In this case, inline mode is activated for IPS running mode (NFQ and
IPFW) and is deactivated for IDS mode. This patch should fix bug #592.
12 years ago
Eric Leblond b26ec60398 af-packet: fix possible infinite loop.
If no packet arrives at a capture thread, it is possible that the
AFPReadLoop() function goes into an infinite loop. This could cause
suricata to hang at exit on a non-busy system.
This patch adds a counter to detect when Suricata starts looping in
the ring to stop when it reaches this point.
12 years ago
Eric Leblond e8a4a4c47c af-packet: dump counter every second.
This patch updates the kernel counters handling to be almost sure to
update at least once per second.
12 years ago
Eric Leblond 3acdd4da1d pf-ring: add counter for kernel drop and packets
This patch adds a counter for kernel drop and packets by using the
same strategy as the one used in af-packet.
12 years ago
Victor Julien 80d62b59ec Fix drop (and other actions) not being applied to thresholded packets. Bug #613. 12 years ago
Anoop Saldanha bca1b7c52a change default mpm to ac. Also default sgh-mpm-context is full. 12 years ago
Victor Julien fd6df00684 Bug 585: use per detect thread libmagic ctx 12 years ago
Victor Julien ea6fcb355b magic: add test showing payload resulting in libmagic invalid read as reported by valgrind. 12 years ago
Anoop Saldanha fdab6f2ab1 fix flow deadlock issue in detection engine state introduced by tx api.
Issue discovered by coverity.
12 years ago
Eric Leblond 00b95c69c0 suricata: list-keywords does not depend on unittest 12 years ago
Victor Julien 83ffd1f743 luajit: suppress compiler warning 12 years ago
Anoop Saldanha 2ab62920aa fix segv in hcbd and hsbd buffering.
Increase bufffers_list_len, only we open up a space for a new tx.
12 years ago
Anoop Saldanha b359bc03a9 unittest to reveal a bug/segv in our hsbd buffering code. 12 years ago
Victor Julien 4fab8ea6d6 http: fix http header reassembly bug causing some headers to be left out of the inspected buffer 12 years ago
Victor Julien 5cd46433d3 http: now that htp_state has a cfg reference, use it for body limits 12 years ago
Victor Julien 2763a61213 http: allow configuration of request and response body inspection limits. Issue #560. 12 years ago
Anoop Saldanha b99f9fe890 New app inspection engine introduced. Moved existing inspecting engines to use it. 12 years ago
Anoop Saldanha 7b4eac3e8d Change all inspect callbacks to accept TV and a tx_id param. 12 years ago
Anoop Saldanha 10a6e6a3eb Engine cleanup. Remove all old engine inspection and mpm functions. 12 years ago
Anoop Saldanha b0e20a486c update client/server/http_header to use a different form of
buffering/buffer_retrieval.

Now it happens per tx, based on tx id.  Also notice a perf improvement with
this.
12 years ago
Victor Julien e1321f9ae6 stream: change how retransmissions are handled and detected. 12 years ago
Victor Julien b621ed8423 stream: fix retransmission on closewait being considered out of window 12 years ago
Victor Julien a25629b250 stream: detect retransmissions on timewait state 12 years ago
Victor Julien 6326390120 stream: accept ack with next_seq + 1 on last_ack state 12 years ago
Victor Julien 3f6ecff260 stream: disable retransmission packet before last ack sig as it is fairly common in regular traffic 12 years ago
Victor Julien bc37cb6b8e stream: detect retransmissions on closewait and finwait2 states 12 years ago
Victor Julien 305ed3f23b stream: don't flag zero window probe packets as out of window. Bug #604. 12 years ago
Victor Julien 13e60c0040 stream: detect keep-alive packets so we don't consider those invalid 12 years ago