Commit Graph

9712 Commits (4705314fd2741ac0b375b822706da7f34810e37c)
 

Author SHA1 Message Date
Victor Julien 880724d2ee detect/http_stat_msg: minor code cleanups 6 years ago
Victor Julien e9d43254c8 detect: add http.host.raw sticky buffer 6 years ago
Victor Julien b469938998 detect/http_raw_host: move raw into regular host logic 6 years ago
Victor Julien dc43f35427 detect/http_host: move tests into tests/ 6 years ago
Victor Julien 2c57037611 detect/http_raw_host: use inspect v2 api 6 years ago
Victor Julien 8c8a3473c9 detect/http_raw_host: minor cleanups 6 years ago
Victor Julien e9fcb9d5ef detect/http_method: add http.method sticky buffer 6 years ago
Victor Julien cb332b4cda detect/http_method: move all tests into tests/ 6 years ago
Victor Julien d00732175a detect/http_method: use inspect v2 api 6 years ago
Victor Julien 5fbee04306 detect/http_method: minor cleanups 6 years ago
Victor Julien 4e50df0f55 detect/http: add http.uri.raw sticky buffer keyword 6 years ago
Victor Julien 0a405e27a0 detect/http_raw_uri: code reorganization
Move registration into http_uri logic, move tests into the other uri
tests. Switch to v2 mpm/inspect APIs.
6 years ago
Victor Julien e29f13502b detect/http_raw_uri: small cleanups 6 years ago
Victor Julien 10e2731f18 detect/http-uri: move tests into tests/ 6 years ago
Victor Julien 0c879d5041 detect: add http.uri sticky buffer keyword 6 years ago
Victor Julien 789f302d1a detect: add http.host sticky buffer 6 years ago
Victor Julien a0e4c5e79b detect/http-hh: code cleanups 6 years ago
Victor Julien 3111910fc6 detect/http_user_agent: move tests into tests/ 6 years ago
Victor Julien 123ebb2c41 detect: add http.user_agent sticky buffer 6 years ago
Victor Julien fe738014e4 detect/http-ua: remove dead code 6 years ago
Victor Julien e62c75335e detect/http-ua: test cleanups 6 years ago
Victor Julien 33b81f7439 detect: add verbosity of --list-keywords
Add indicators of content modifier or sticky buffer, and also
allow registering an alternative to a keyword.
6 years ago
Victor Julien d3e953e5f2 detect: switch keyword flags u16 6 years ago
Victor Julien eb73008ccf detect/transform: add to_sha1 keyword 6 years ago
Victor Julien 75f9c1ae9f detect/transform: add to_md5 keyword 6 years ago
Victor Julien 42d22ddb2a unittests: add signature parse test helper 6 years ago
Victor Julien 705d3b6130 Open 5.0.0-dev branch 6 years ago
Victor Julien 7f38ffc8bc log/stats: fix formatting of long decoder events 6 years ago
Victor Julien b3c021f8d0 userguide: improve stats logging documentation 6 years ago
Jingyu Yang bb26e6216e source-pcap:set PktAcqBreakLoop as pcap_breakloop 6 years ago
Victor Julien d8634daf74 stream: fix false negative on bad RST
If a bad RST was received the stream inspection would not happen
for that packet, but it would still move the 'raw progress' tracker
forward. Following good packets would then fail to detect anything
before the 'raw progress' position.

Bug #2770

Reported-by: Alexey Vishnyakov
6 years ago
Victor Julien fb18a1655c eve.stats: warn that output might miss decoder-events 6 years ago
Victor Julien 0d86263efd eve.stats: make decoder event prefix configurable 6 years ago
Victor Julien 932c2a7ec5 eve: fix missing decoder-events in stats
In the eve log the decoder events are added as optional counters. This
behaviour is enabled by default. However, lots of the counters are
missing, as the names collide with other counters.

E.g.

decoder.ipv6 counts ipv6 packets
decoder.ipv6.unknown_next_header counts how often an unknown next
    header is encountered.

In this example 'ipv6' would be both a json integer and a json object.
It appears that jansson favours the first that is generated, so the
event counters are mostly missing.

This patch registers them as 'decoder.events.<event>' instead. As
these names are generated on the fly, a hash table to contain the
allocated strings was added as well.
6 years ago
Victor Julien 0f1fc1f0c8 hash: move string hash funcs into util files 6 years ago
Victor Julien c140505bec decoder: add gre over ipv6 support 6 years ago
Victor Julien 8709a20d94 af-packet: minor code cleanups 6 years ago
Victor Julien c99dc5a7bf af-packet: re-enable sync for tpacket v2
Synchronize start was disabled for v2 when v3 was introduced, without
a reason being given.

Re-enable as v2 will otherwise also start reading packets before the
other threads are set up. This will lead to hashing issues.

Part of bug #2788.
6 years ago
Victor Julien cebbe06f70 af-packet: fix sync start for tpacket v3
The tpacket-v3 implementation of the synchronize start logic would
not correctly consider the timestamp parameter, leading to threads
starting before synchronization between threads was complete.

Bug #2788
6 years ago
Alexander Gozman 03af3e1ed8 nfqueue: inject fake packet on timeout
Fixes nfqueue and delayed-detect.

On systems with small amount of traffic (or with no traffic at all)
nfqueue with 'delayed-detect' enabled hanged in 'workers' mode.

Bug #2362.
6 years ago
Pascal Delalande f2dca46382 doc: fix minor typo 6 years ago
Eric Leblond a51d1f7c46 lua: add lua dir with example to make dist 6 years ago
Eric Leblond 2b72dfaf01 coccinelle: add missing tests to make dist 6 years ago
Eric Leblond 0e3b1eba86 util-binsearch: remove the files 6 years ago
Eric Leblond 7a121d9b4c doc: add _static dir to make dist 6 years ago
Eric Leblond 97da91dc5e ebpf: include files in make dist 6 years ago
Victor Julien b51e4a3959 changelog: update for 4.1.2 release 6 years ago
Victor Julien 8b570c0293 smb: improve request/response mapping
Only use ssn_id and msg_id for mapping a response to a request.

By not using the tree_id it can always be included in the tx.hdr which
means it can be logged properly in case of IOCTL and DCERPC.
6 years ago
Travis Green 6f5eb487a1 doc: add missing and fix 404 for --list-keywords 6 years ago
Travis Green c2adb9e669 doc: added tos keyword
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2583
6 years ago