32 Commits (4b69a31dc300f9b60c0c303fd5dcb35ba03fabed)

Author SHA1 Message Date
Philippe Antoine 4b69a31dc3 detect/integers: count argument for multi-integers
Ticket: 7211

Allows counting the number of elements, without matching on
individual elements
4 weeks ago
Philippe Antoine 7f0087f19a rust/detect: fix correct pointer type in SCDetectU32ArrayFree 4 weeks ago
Philippe Antoine 096ba42ce9 detect/integers: add some meaningful error messages
To help rule writers
2 months ago
Philippe Antoine 867f5bfa21 detect/integers: generic detect_parse_uint_bitflags
Ticket: 6724

This will ease other keywords with bitflags, by having a generic
function + an association between flag string and bit value.
2 months ago
Philippe Antoine cb9ab951b9 detect/integers: subslice for multi-integers 2 months ago
Philippe Antoine 82f0e725a2 detect/integers: index or_absent and or_oob
To match if array is empty, or index is out of bounds
2 months ago
Philippe Antoine 1480cf47ab detect/integers: nb index to match a specific number of times
For example
dns.rrtype: !A,nb>3
will match if we have more than 3 dns records which are not A
2 months ago
Philippe Antoine 6f848eeaaf detect/integers: all1 index to match only on non-empty arrays 2 months ago
Philippe Antoine dd81cfa733 detect/uint: wait for end of progress to match on all
As is done for absent keyword for instance
2 months ago
Philippe Antoine 5add185f22 http2/detect: http2.window can now use index
Ticket: 7480
2 months ago
Philippe Antoine 83868778b9 http2/detect: http2.priority can now use index
Ticket: 7480
2 months ago
Philippe Antoine d8c1f8e7be rust/detect: generic detect_uint_match_at_index
and make ldap use it

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine f555f02ed4 rust/detect: generic detect_parse_array_uint_enum
And make ldap use it

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine c6d3857793 rust/detect: create generic DetectUintArrayData
And make ldap use them

Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine e01d19889e rust/detect: move DetectUintIndex definition to generic file
Ticket: 7480

No behavior change, just code restyling
2 months ago
Philippe Antoine 2ed7a85356 rust: rustfmt detect uint 2 months ago
Philippe Antoine d0a513df6a detect/integers: support kibibyte unit
Ticket: 7869
2 months ago
Jason Ish bfd6c29f5a detect: SC prefix for extern pub Rust functions
Ticket: #7498
7 months ago
Alice Akaki 73455179d7 detect/integers: add support for negated strings when enum is used
function detect_parse_uint_enum can parse strings like !bind_request

Ticket: #7513
9 months ago
Philippe Antoine 0a1062fad2 detect/mqtt: move keywords to rust
Ticket: 4863

On the way, convert some keywords to use the first-class integer
support.
And helpers for pure rust the support for multi-buffer.

Move the C unit tests about keyword mqtt.protocol_version
to unit tests for generic integer parsing, and test version 5
instead of testing twice version 3.

Also iterate all tx's messages for reason code as is done for other
keywords.

And allow detection on empty topics.
1 year ago
Philippe Antoine 7dfddab9ed detect: parse units for integer for every cases
Ticket: #6423

Not just equality, but also >3MB should work
For example flow.bytes_toserver>3MB
1 year ago
Philippe Antoine 16952d67e7 detect/dhcp: move keywords to rust
Ticket: 4863
1 year ago
Philippe Antoine f6e1a20215 detect: dns.opcode as first-class integer
Ticket: 5446

That means it can accept ranges
2 years ago
Philippe Antoine d05f3ac791 detect: integer keywords now accept bitmasks
Ticket: 6648

Like &0x40=0x40 to test for a specific bit set
2 years ago
Philippe Antoine 370ac05419 detect/integer: rust derive for enumerations
Ticket: 6647

Allows keywords using integers to use strings in signature
parsing based on a rust enumeration with a derive.
2 years ago
Philippe Antoine 06c5dd3133 detect: integer keywords now accept negated ranges
Ticket: 6646
2 years ago
Philippe Antoine 3b65a2bb61 detect: integer keywords now support hexadecimal
So that we can write enip.revision: 0x203

Ticket: 6645
2 years ago
Philippe Antoine a8199bf2ca rust: fix assertions_on_constants for assert!(false)
using panic! instead with a string message
2 years ago
Philippe Antoine ae72ce77fa detect: parse units for integers
Ticket: #6423

Especially for filesize, instead of just a number, a signature
can use a number and a unit such as kb, mb or Gb
2 years ago
Jason Ish 565da0d0af rust: fix clippy lints for clippy::redundant_field_names 3 years ago
Jason Ish c4034dafa1 rust: fix clippy lints for clippy::derive_partial_eq_without_eq 3 years ago
Jeff Lucovsky 484c34bc60 detect/uint: Move uint logic into a separate module
This commit moves the uint logic into its own module.
3 years ago