aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,105 Commits
8 Branches
165 Tags
231 MiB
main
main-7.0.x
main-8.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.2
suricata-7.0.13
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3d22713b09'
${ noResults }
Commit Graph

160 Commits (3d22713b09f850b7be97dc0f24aa325b297819e7)

Author SHA1 Message Date
Gurvinder Singh 7577823cdf support for stopping the evasion, which is caused by the use of TCP RST packets for linux based systems 16 years ago
Gurvinder Singh f0928a4555 support for enforcing the depth until when the reassembly will be performed 16 years ago
Gurvinder Singh 8b0ca4f628 support for seperate memcaps for reassembly and stream engine 16 years ago
Victor Julien 18c923318a Fix bug where valid FIN packets would be rejected. 16 years ago
Victor Julien 05d382f533 Fix broken stream engine config initialization: due wrong casts settings could be overwritten in memory. 16 years ago
Victor Julien 580b09c2b8 Make sure we inspect all outstanding reassembled stream chunks (smsg) if the stream is shutting down. Make sure to do inspect signatures that use dsize against the tcp packet payload, even if that payload was already added to the stream. Likewise, the dsize signatures are not inspected against the reassembled stream. 16 years ago
Victor Julien b8fec77f37 Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id. 16 years ago
Anoop Saldanha 015385c6bd changes to the dce parser stub data processed var. changed to stub data fresh var to indicate if the stub is fresh or not 16 years ago
Anoop Saldanha 45ea0d914e dce stub content keywords support using dcepayload.c support for all dce related content keywords 16 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 16 years ago
Victor Julien a0c1209a44 Inspect the reassembled stream together with the packet payload in the same direction. 16 years ago
Victor Julien 9f95ab7441 Make sure a stream that has a failing app layer inspection module no longer stops reassembly, but only app layer inspection. This way we can continue to inspect the reassembled stream. 16 years ago
Victor Julien 4e7df60b2f Make pcap file mode read multiple packets per 'read'. Update threading model to deal with this. 16 years ago
William Metcalf 2eef905c07 GPL and Copyright header updates. 16 years ago
Gurvinder Singh 5fe1dc1d24 support for sslv2/sslv3 their unit tests and better stream no reassembly flag handling 16 years ago
Gerardo Iglesias Galvan 9f4fae5b1a Fix inconsistent use of dynamic memory allocation 16 years ago
William Metcalf ce01927515 Import of GPLv2 Header 050410 16 years ago
Victor Julien 070ed778b8 Libcap-ng support by Gurvinder Singh and myself. Basic support for per thread caps is added, but not activated as it doesn't seem to work yet. Work around for incompatibility between libnet 1.1 and libcap-ng added. 16 years ago
Gurvinder Singh e0b4838471 fix bug 133, error caused by seq mismatch in fin_wait_2 state, whis was dicarding the packet which should be accepted 16 years ago
Victor Julien 0eabde4a9b Gnu99 inline fixes for stream engine. 16 years ago
Victor Julien eeb98c6900 Move SCSetThreadName to proper functions. 16 years ago
Gerardo Iglesias Galvan 9f35a24a1f Set threads name. Fix bug #83 16 years ago
Victor Julien ad02732907 Properly cleanup stream engine spinlocks and mutexes at shutdown. Fixes drd errors in unittests. 16 years ago
Pablo Rincon 2ce728d019 Adding support for ecn flags after the handshake 16 years ago
Victor Julien 2b3479577b Fix ecn/cwr unittests 16 years ago
Victor Julien 5eb4095b9a Comment ECN/CWR changes more. 16 years ago
Pablo Rincon 83ddc5813a Support for ecn/cwr TCP sessions 16 years ago
Gurvinder Singh 8e444f1772 stream and application layer improvements 16 years ago
Victor Julien f4ee4f5670 Properly clear list tail ptr in segment list. 16 years ago
Jason Ish eab93e766a Do policy lookup for defrag. Add unit test for a default host os policy. Update example config to use a default. Add 2 new policies to the stream to cover all the policies for stream and defrag. 16 years ago
Gurvinder Singh 7438f981da stream memory leaks fixed and unit tests added 16 years ago
Pablo Rincon 25a3a5c6d8 Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks. 16 years ago
Jan Jezek 4e72ccf987 Fixed Win32 compilation, unit tests now compile. 16 years ago
Victor Julien 60685f8b3c Make unittests run more quiet. 16 years ago
Pablo Rincon d0404d8447 Renaming errors with naming conventions 16 years ago
Victor Julien 53977fded6 Small compilation fixes when debugging is disabled. 16 years ago
Victor Julien 6a53ab9c5a Stream engine memory handling update 
The stream engine memory handling needed updating as it didn't scale. Changes:

- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata is part
  of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was
  added.
- all reassembly errors are converted to debug msgs.
 16 years ago
Victor Julien f08d01a8e8 Set sensible tcp timeout defaults and no longer set the timeouts from the stream engine. 16 years ago
Victor Julien 0d34990d7f Add OpenBSD's strlcpy and strlcat and replace all strcat/strcpy/strncat/strncpy by those calls. 16 years ago
Victor Julien 434da6b965 Set no reassembly flags on sessions we don't recognize the protocol for. 16 years ago
Gurvinder Singh 5c8d90afc8 memory leak fixes 16 years ago
Victor Julien eb67bb442e Fixup unittests that use buffers that simulate configuration files. They now include the YAML header. 16 years ago
Victor Julien 9ececacda3 Fix packet timestamp handling for encapsulated packets. 16 years ago
Victor Julien c1283a6628 Fix app layer proto detection code not being thread safe. 16 years ago
Gurvinder Singh fde948f488 bug 41 patch 16 years ago
Victor Julien 6b36e23e45 Fix not decreasing the flow use_cnt reference counter in some cases from the app layer detection code. This caused some streams to never fully time out and thus clutter up the flow table and session pool. 16 years ago
Gurvinder Singh a66c6752d5 stream os_policy support 16 years ago
Gurvinder Singh 567bbf604b stream reassembling fixes 16 years ago
Victor Julien 9b422c443e Fix up initialization and hopefully make the SEQ macro's fix up an 64bit issue we're seeing... 16 years ago
Victor Julien 4824868766 Application layer detection improvements 
- improve locking of application layer handling, making sure that the flow cannot be freed/cleared when the detection engine is still working with it.
- add a check to the app layer detection to make sure that a match function will only inspect an app layer state if it's of the right type.
 16 years ago
Gurvinder Singh 0a85fd6787 htp error fixed 16 years ago
Gurvinder Singh d8433c7255 fixed-pool-error-and-tcp-state-transition 16 years ago
Victor Julien ecf86f9c23 Rename to Suricata. 16 years ago
Pablo Rincon e26833be3f Changing mutex/spinlocks/conditions naming types 16 years ago
Pablo Rincon 769022f4be Adding support for Mac OS X, FreeBSD, centrailizing mutex/spins/conditions in a macro API, and some unittests 16 years ago
Gurvinder Singh c1e485cc44 app layer error handling 16 years ago
Victor Julien 54b9663cd1 TCP streams: support falling back to 3WHS when we were led to believe we were in 4WHS mode. Add unittests. 16 years ago
Victor Julien 2af6ed0c8c Support newly reported 4WHS TCP setup. 16 years ago
Gurvinder Singh d2765511ce async stream handling support 16 years ago
Anoop Saldanha ceb7e495ae refactoring perf stats code 16 years ago
Gurvinder Singh e7952b1331 some changes in threading constants 16 years ago
Gurvinder Singh 40b8afdd56 support for thread exit constants 16 years ago
Gurvinder Singh 7895748606 add unit test for no stream reassembly 16 years ago
Gurvinder Singh 94674c58f3 unit tests for no packet & payload inspection 16 years ago
Gurvinder Singh bbb385422d function to set packet flags 16 years ago
Gurvinder Singh cc0b4f7181 initial version to support detection byepass 16 years ago
Victor Julien 968d8df12b More logging API usage. Changed logging macro's slightly so the vars inside them won't conflict with vars used by the calling function. 16 years ago
Victor Julien bcc5bbef93 Yet more logging api usage changes. 16 years ago
Victor Julien 91bc83e5c6 More logging API usage changes. 16 years ago
Victor Julien 3a28171fbd Another round of logging api usage updates. 16 years ago
Victor Julien be3bbe0a85 Fix segv in reassembly. Fix sequence gap handling tests. 16 years ago
Victor Julien b3cb29b758 Fix engine lockup due to mutex locking error. 16 years ago
Victor Julien 5ecd187b6f Tie app layer parsing to the stream engine. 16 years ago
Gurvinder Singh c06b2849fb fixed unit tests and add the comments 16 years ago
Gurvinder Singh e88249ee24 small performance enhancement 16 years ago
Gurvinder Singh 37b4682407 target based paws handling 16 years ago
Gurvinder Singh 573027a1ec PAWS support and one unittest 16 years ago
Gurvinder Singh 45cb8f5f0c changed flag name 16 years ago
Gurvinder Singh 3350245f75 timestamp support 16 years ago
Victor Julien 597d0e9a20 Fix detection of failed thread startup. Cleanup startup output a bit. 16 years ago
Victor Julien 0d0ffb9963 Reorganize header inclusions. 16 years ago
Victor Julien 301522f316 Add TCP_GET_WSCALE macro for easy access to wscale. Update StreamTcp to use it. Default to wscale 14 (max) in case of midstream as there seems to be no reliable way to predict wscale if we missed it. 16 years ago
Victor Julien edfddcb282 Clean up stream tests memory handling. Remove counters in the address handling that were thread unsafe. 16 years ago
Gurvinder Singh aa87f70470 stream size match function and unittests 16 years ago
Victor Julien 15b75d727a Fix reassembly unittests. 16 years ago
Victor Julien a39108843e Small tm module API rename to reflect that Init/Deinit/ExitPrintStats are per thread calls. 16 years ago
Victor Julien b102ea2123 Big update: 
- Implement "closing" state in flow.
- Add protocol specific timeouts.
- Lots of stream tracking updates, fixing a lot of out of window issues.
- Stream reassembly fixes.
- Implement a new IDS runmode with 4 stream and detect threads.
- Added a BUG_ON macro that aborts the engine if the expression is true.
- Better balance the flow queue handler for traffic that doesn't have flow (like icmp currently).
- Simplify application level protocol in the Tcp Session.
- Add some debugging memory counters.
 16 years ago
Victor Julien b4f0e82463 Small flow updates. 16 years ago
Gurvinder Singh 2e3d7fcb9d Fixed seg fault 16 years ago
Gurvinder Singh 9dcf6e2de2 handle the FLOW_STATE_CLOSED 16 years ago
Gurvinder Singh ced5157dc9 Flow get state protocol specific 16 years ago
Gurvinder Singh ab76253ec6 registering stream timeouts and flow prunning unit tests 16 years ago
Gurvinder Singh a4ad7939d2 proto specific free function 16 years ago
Victor Julien 18f556ade1 Fix a number of broken overlap calculations. Add comments exmplaining them all. 16 years ago
Victor Julien 84da1e9dc4 Add seg_list integrity testing to reassemly. Remove all debug output but some. Better deal with packets before the point that we already reassembled. 17 years ago
Gurvinder Singh 0a32b6491f Handling of IDS missed packets and its unitests 17 years ago
Anoop Saldanha 244f5d547a new registration functions for the stats api, with local thread storage for counter ids 17 years ago
Victor Julien 0a9fca7e57 Fix compilation without unittests enabled. 17 years ago
Victor Julien 522efdcf03 Small reshuffle of the free funcs in the Stream code. 17 years ago
Gurvinder Singh 6824eddb0f New function for task3 17 years ago