Victor Julien | 8b3d06fd92 | Rename some detection engine related files. | 15 years ago
Victor Julien | f3a94413db | Properly support 'alert ip' rules. Add support for handling ip only rules differently. | 15 years ago
Victor Julien | dee5ab1aa3 | Fix uricontent mpm ctx comparison. | 15 years ago
Victor Julien | fed6926809 | Small cleanups | 15 years ago
Victor Julien | dc48c58473 | Switch to using a detection engine ctx. | 15 years ago
Victor Julien | 171c8c777d | Group signatures by protocol. | 15 years ago
Victor Julien | 2c8e6a7c5a | Allow CFLAGS to be overridden by ./configure. | 15 years ago
Victor Julien | e16e333601 | Add GIT guide. | 15 years ago
Victor Julien | 3446566e44 | Style cleanups for resets. | 15 years ago
Victor Julien | 45f83f7636 | branching test | 15 years ago
William Metcalf | 0ffa1c2465 | updates for configure.in, added reject code, some decode stuff for tcp | 15 years ago
Victor Julien | cdce794124 | Update todo | 15 years ago
Victor Julien | 9e5049cddc | Improve memory handling and parsing of the msg rule keyword. | 15 years ago
Victor Julien | eb1c4e4987 | Large update to the detection engine. Greatly improve initialization speed and memory usage. | 15 years ago
Victor Julien | b1a13c89bd | Improve memory handling of the pcre rule keyword. | 15 years ago
Victor Julien | a603577132 | Small update to the pcre used for signature parsing. | 15 years ago
Victor Julien | 4484837aa8 | Update todo. | 15 years ago
Victor Julien | 0489370f5b | Big speedup of the initialization code for signatures. Contains WIP code as well. | 15 years ago
Victor Julien | ac60f32197 | Make nocase keyword initialization failure fatal and slightly improve the error message it prints. | 15 years ago
Victor Julien | 84087e7077 | Fix a memory error in the addresslist parsing code. Add a functions aimed at speeding up the signature initialization code. | 15 years ago
Victor Julien | b50fc8aecd | Speed up appending of sigs to a sig group head by using a tail ptr. | 15 years ago
Victor Julien | 0726efead9 | Support address lists. | 15 years ago
Victor Julien | f2fbf395b8 | Fix mixed up CI and CS searching in WuManber. Add better tests. | 15 years ago
Victor Julien | 69162f9cd0 | Fix issue with log-httplog where it logged uri's of previous packets because of a broken uri check. | 15 years ago
Victor Julien | 05fd319f6c | Add log-httplog module that logs http request uri's, hosts and useragents to a per line text format. | 15 years ago
Victor Julien | eaaeb30cd6 | Add noalert keyword for use with sigs that are used for capturing only. | 15 years ago
Victor Julien | 63bb777100 | Use a default prio of 3. | 15 years ago
Victor Julien | f0ed41fb0a | Support priority keyword, add priority to alert-fastlog. | 15 years ago
Victor Julien | 867d493d7f | Source NFQ update... less hackish, but still needs work as soon as we know how to do configuration. | 15 years ago
Victor Julien | dc224cb2d2 | Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented. | 15 years ago
Victor Julien | 9afa171d71 | cosmetic update of alert-fastlog Will | 15 years ago
Victor Julien | a7ee4c5b1b | Update todo of alert-fastlog | 15 years ago
Victor Julien | 3df4b7da2b | Set p->proto and add TCP, UDP, etc macros. | 15 years ago
Victor Julien | b7bc35e8b2 | support for 'negation' in addresses and the 'any' special case. | 15 years ago
Victor Julien | 876f0c95c7 | Signature rule keywords are case insensitive. Support that. | 15 years ago
Victor Julien | d036264f80 | Cleanup signature parsing and other detect.c parts. | 15 years ago
Victor Julien | f1db87276c | Start on addr and proto parsing in rules. | 15 years ago
Victor Julien | 6c1f2071be | Add unittest registration to the threading modules api. | 15 years ago
Victor Julien | cd19ee8bf2 | Fix crash when to_client traffic was scanned for uricontent when there was no uri available... | 15 years ago
Victor Julien | f77c654d13 | Further develop the address api. Added dynamic group head support. | 15 years ago
Victor Julien | 3ec5f66729 | Fix some address code related compiler warnings. | 15 years ago
Victor Julien | d2b089f359 | Fix including the header for htonl breaking the code. | 15 years ago
Victor Julien | bbbb644dea | Add error checking to CIDRGet and make it quiet. | 15 years ago
Victor Julien | a798f84bf5 | Add simple test report to unittesting. | 15 years ago
Victor Julien | 151512a45c | Split up address code in ipv4 and ipv6 specific files. Cleanups. | 15 years ago
Victor Julien | 41647a5430 | small fixes for Will's patch | 15 years ago
William Metcalf | 559edc01e3 | NFQUE drop support added with ident of 4 :-( | 15 years ago
Victor Julien | 37e31e0240 | Implement the address code for IPv6 as well. | 15 years ago
Victor Julien | b8ad4adf81 | complete rename of address2 to address | 15 years ago
Victor Julien | 9c321af65e | Rename address2 to address | 15 years ago