suricata

Commit Graph

Author	SHA1	Message	Date
Victor Julien	44a8bf463e	detect/rule-header: use bool type Update frame prototype as well, to match already returned true/false values.	2 years ago
Victor Julien	b1fa975503	detect/content-inspect: remove const casting	2 years ago
Victor Julien	7f42506760	detect: reimplement discontinue matching logic Previously various steps in the content inspection logic would use a variable in the DetectEngineThreadCtx to flag that matching should be discontinued. This patch reimplements this logic by using a new return code instead. Split content inspection into public and private version, so that common initialization can be done in a single place. Update the callsites.	2 years ago
Victor Julien	68a2fcaad3	mpm: thread ctx cleanups Remove unused thread ctx' from AC variants Use single thread store in detection. Minor cleanups.	2 years ago
Victor Julien	da89164ba1	detect: spelling: DetectBufferMpmRegistry	3 years ago
Victor Julien	977c5ea719	detect: initialize empty buffers	3 years ago
Victor Julien	9e41075d5d	detect/frames: improve IPS and GAP handling Inspect individual chunks in lossy traffic. Don't use the frame idx as the inspection buffer idx. Engines are running per frame, so multi inspection can be used for stream chunks instead. Ticket: #4977.	3 years ago
Victor Julien	a95934b5ee	detect/frames: reduce scope of private function	3 years ago
Victor Julien	aa376a3b21	detect/frame: improve frame detection Add a per frame progress tracker.	3 years ago
Victor Julien	b43dc5a64a	app-layer/frames: use absolute frame offset Frame offset was already a 64 bit integer, so simplify things by making it an absolute offset from the start of the stream.	3 years ago
Victor Julien	f773b714e9	detect/frames: minor cleanup in buffer handling Don't lookup a buffer twice, even if the lookup should be fast.	3 years ago
Victor Julien	040404b093	detect/profiling: track bytes scanned by prefilter engines	3 years ago
Victor Julien	d31beba8d4	detect/frames: fix too strict debug check Frame::len is -1 if it is still unknown. Handle that in the debug check.	3 years ago
Victor Julien	af90478167	detect/frames: reduce severity of validation check	4 years ago
Victor Julien	3a7d09edfc	detect/frame: get data using stream callback Inspect only data that has already been consumed by the app-layer parser. This allows for simpler progress tracking.	4 years ago
Victor Julien	61df4120da	detect/frame: improve assert accuracy Handle frames of unknown size correctly. Bug: #5226.	4 years ago
Victor Julien	c96d22e8a1	frames: support UDP frames UDP frames point to the UDP packet payloads. The frames are removed after each packet. Ticket: #4983.	4 years ago
Victor Julien	f6f124f283	detect/engine: support frames Implement the low level detect engine support for inspecting frames, including MPM, transforms and inspect API's.	4 years ago

18 Commits (45e0acf772cb30320b960bd4d224e2ec945e7c22)