aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,670 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3fbcacf9a8'
${ noResults }
Commit Graph

10670 Commits (3fbcacf9a884cdc647c5885be0b18b45645832f3)
 

Author SHA1 Message Date
Victor Julien b8c2b66d33 packet-queue: introduce a non-locked version 
Works exactly like PacketQueue, just does not contain a mutex
and cond var, leading to much reduced memory size.
 5 years ago
Victor Julien 9ed260c489 threading: more efficient TmSlot layout 5 years ago
Victor Julien 18e652309f threading: remove 'id' field from TmSlot 
Field was now unused.
 5 years ago
Victor Julien d7cb0774dd detect: cleanup reload thread handling 5 years ago
Victor Julien 786e697590 threading: simplify flow timeout loop 5 years ago
Victor Julien 261b77742e threading: shrink and reorganize TmSlot 5 years ago
Victor Julien 87c9b11d8c threading/threadvars: rearrange for better cache behavior 5 years ago
Victor Julien 071b753e84 threading/threadvars: remove unused 'prev' field 5 years ago
Victor Julien f53f004917 threading: remove unused 'TmThreadRemove' function 5 years ago
Victor Julien 569a5d985b threading: remove handler names to shink struct 
Shrink ThreadVars by removing the queue handler names that are only
used at shutdown. Since this is not performance critical, we can use
the id's to look up the queue handler.
 5 years ago
Victor Julien 74a6f8d4dd threading/queues: add way to lookup by ID 
In preparation of doing runtime operations by ID instead of by name,
add functions to look up by ID and to convert name to ID.
 5 years ago
Victor Julien d0218696ba threading: shrink threadvars struct size 5 years ago
Victor Julien c029599515 threading: remove unused threadvars field 5 years ago
Victor Julien f1ee176111 threading: clarify threadvars fields 5 years ago
Victor Julien d50492cb20 threading: cleanup packet thread shutdown loop 5 years ago
Victor Julien 8e762f5190 source-pcap: remove unused function 5 years ago
Victor Julien 3a703c84ad threading/modules: declare prototypes static 
Declare registered threading API funcs static where appropriate.
 5 years ago
Victor Julien 7c83cb585e sources: fix pipeline failure handling 
When TmThreadsSlotProcessPkt fails it will return the packet that was
passed to it to the packetpool.

Some of the packet sources were doing this manually as well. This patch
fixes those sources.
 5 years ago
Victor Julien 49599dfe89 threading: use tm_flowworker for pseudo packets 
Pseudo packets don't need to be processed by the decoding layer.
 5 years ago
Victor Julien 9df8e1c984 threading: add shortcut to flowworker 5 years ago
Victor Julien 02004fa547 threading: remove per slot post_pq 
Use a single packet queue per thread for flow timeout packet
injection. The per slot queue was unused except for this use
case. Having a single queue makes the logic and implementation
simpler.

In case of 'autofp', the per thread packet queue will actually
use the threads input queue. For workers/single a dedicated
queue will be set up.

Rename TmThreadsSlotHandlePostPQs to TmThreadsHandleInjectedPackets
to reflect the changed logic.
 5 years ago
Victor Julien 15e3bdb7b8 af-packet: prototypes cleanup 
Remove unused prototype.

Declare other prototypes static.
 5 years ago
Victor Julien 44d7f636f2 threading: remove post_pq argument from 'SlotFunc' 
This was not in use anywhere.
 5 years ago
Victor Julien f5045af3e3 runmodes: code cleanups 5 years ago
Victor Julien 1a8562b3c6 detect: clean up threads handling 
Clean up reload and break loop thread handling.
 5 years ago
Victor Julien e5010d7704 detect: inject packet cleanup 5 years ago
Victor Julien abea227cfc flow-manager: code cleanups 5 years ago
Victor Julien 6fd35fb786 flow-manager: avoid doubly signaling threads 
Don't try to wake up the threads we just flagged and validated that
they changed their state.
 5 years ago
Victor Julien 539c1a275f threading: remove commented out function 5 years ago
Victor Julien b55f617c2f threading: optimize and unify post_pq checks 
TmThreadsSlotProcessPkt did not need to look all 'slots' as only the first
slots post_pq can have been used.

Unify post_pq cleanup handling.
 5 years ago
Victor Julien 2a1ed3ba1b threading: remove wrong unlikely statement; minor cleanups 5 years ago
Victor Julien e5192ae20a threading: TmSlot::SlotFunc does not need to be atomic 5 years ago
Victor Julien 89048d71ad threading: fix flags handling by using uint32_t everywhere 5 years ago
Victor Julien 85cf341189 threading: optimize error handling in main packet loop 5 years ago
Victor Julien 9d8ea3b4fe threading: minor code style cleanups 5 years ago
Victor Julien b1056b3836 threading: simplify packetpool checks 5 years ago
Victor Julien 603b2ced47 threading/queues: add shortcut for packetpool check 
Allows code simplifycation in the threading loops.
 5 years ago
Victor Julien 29cb9d1d52 threading/queues: minor code cleanups 5 years ago
Victor Julien f05c12b70f afl: fix compilation 5 years ago
Victor Julien 01862eae78 afl/decoder: make file dumps optional 5 years ago
Victor Julien 42d112e7b6 detect/address: dead code removal and style cleanups 5 years ago
Victor Julien d41aeccea4 smb: handle file transactions post-GAP 
After a GAP all normal transactions are closed. File transactions
are left open as they can handle GAPs in principle. However, the
GAP might have contained the closing of a file and therefore it
may remain active until the end of the flow.

This patch introduces a time based heuristic for these transactions.
After the GAP all file transactions are stamped with the current
timestamp. If 60 seconds later a file has seen no update, its marked
as closed.

This is meant to fix resource starvation issues observed in long
running SMB sessions where packet loss was causing GAPs.
 5 years ago
Jason Ish 80cafb2979 flow: expose last time as a function 
This function returns the individual components
of the timeval in output pointers making it suitable
for use over Rust FFI.
 5 years ago
Jason Ish d1eab5aa46 defrag: set livedev on the reassembled packet (issue-3380) 
Set the livedev on reassembled packets to that of the parent
packet. Fixes issues with multidetect, specifically a segfault
as reported in issue 3380.

Bug #3380.
 5 years ago
Victor Julien 9ae87e79a2 configure: fix cygpath check 5 years ago
Victor Julien 9d0976ea8a output/tx: split list of loggers per alproto 
This patch splits the list of loggers the tx logging walks into lists per
alproto. The list was getting longer with each eve addition. The result
was that for each tx we would have to loop through multiple loggers that
did not apply to this tx as it was for the wrong protocol.
 5 years ago
Victor Julien 5b7aa506c1 output: micro optimization 
LogFunc is always set, so don't check for it at runtime.
 5 years ago
Victor Julien 4f9e4d41e0 output: optimize root logging loop 
Instead of unconditionally looping all the 'root' loggers, loop only
those that are in use.

Root loggers are: packet, tx, file, filedata, streaming.
 5 years ago
Victor Julien 07df1ce6af output: clarify registration 5 years ago
Victor Julien 284c3cf68a output/tx: bail early if no flow 5 years ago