Pierre Chifflier
8c61cfdca5
snmp.version: move unittests to tests/
6 years ago
Pierre Chifflier
58d85b1460
snmp.pdu_type: move unittests to tests/
6 years ago
Pierre Chifflier
ff0ff6344f
snmp.community: move unittests to tests/
6 years ago
Pierre Chifflier
509a54281f
detect/snmp: convert snmp.community keyword to v2, and MPM
6 years ago
Pierre Chifflier
c60f2028e5
rust/snmp: fix missing IPPROTO_* declarations (use core)
6 years ago
Pierre Chifflier
c67a53773b
detect/snmp: rename keywords to snmp.<name>, and make rust mandatory
6 years ago
Pierre Chifflier
031cbbe868
rust/snmp: fix selection of v1/v2c parser
6 years ago
Pierre Chifflier
9dfec7e734
SNMP: add the "snmp.pdu_type" detection keyword
6 years ago
Pierre Chifflier
e1dd19a0eb
SNMP: add the "snmp.community" detection keyword
6 years ago
Pierre Chifflier
aa608e0ca2
SNMP: add the "snmp.version" detection keyword
6 years ago
Pierre Chifflier
ed4823bbe8
SNMP: add missing case for profiling enum
6 years ago
Pierre Chifflier
60324740e6
SNMP: use explicit references to support build with old rust compiler
6 years ago
Pierre Chifflier
57b233f462
SNMP: start looking for transactions from end of list
6 years ago
Pierre Chifflier
6fc7fc74cb
SNMP: add logger
6 years ago
Pierre Chifflier
2df840a8b8
Add SNMP (v1/v2c/v3) application layer
6 years ago
Pierre Chifflier
b65896c0de
Rust: expose function AppLayerParserRegisterGetTxIterator
6 years ago
Victor Julien
b1d4931842
rust: fix warnings about wrong type of comments
...
"rustdoc does not generate documentation for macro expansions"
6 years ago
Victor Julien
bf1bd407dd
rust: fix libc deprecation warnings for int types
6 years ago
Victor Julien
cdd061ba37
ikev2: clean up c glue code
6 years ago
Victor Julien
3f36a6ce59
tftp: c glue code cleanup
6 years ago
Victor Julien
723f1586ca
ikev2: remove excess new lines
6 years ago
Victor Julien
adcbac1c77
tftp: properly implement tx handling
6 years ago
Victor Julien
ade2b1e6cf
output: get rid of BUG_ONs
6 years ago
Victor Julien
9ea6db3889
pool: don't call Cleanup after failed Init
...
Stream reassembly memcap is regulated by the Init and Cleanup
callbacks. If Init fails due to memcap reached, Cleanup had no
way of knowing and it would decrease the memcap even if it hadn't
been increased by Init. This could lead to too much memory use and
memcap counter underflow.
This patch fixes the issue by not calling Cleanup in this case. It's
fair to see a failed Init as the responsibility of Init.
6 years ago
Victor Julien
597ff3c8e3
pool/thread: clean up tests
6 years ago
Victor Julien
025cc64f55
pool/thread: remove old grow function
6 years ago
Victor Julien
67ba132c10
stream: simplify segment and ssn pool inits
6 years ago
Victor Julien
0b02efdf01
pool/thread: introduce simpler way to grow thread pool
6 years ago
Victor Julien
6e6c1bad7d
pool/thread: minor code cleanups
6 years ago
Victor Julien
924982e792
app-layer: minor cleanups
6 years ago
Victor Julien
ce71bf1fff
capture: check for flow packets on capture timeout
...
The capture threads can receive packets from the flow manager in their
Threadvars::stream_pq packet queue. This mechanism makes sure the packets
the flow manager injects into the engine are processed by the correct
worker thread.
If the capture thread(s) would not receive packets for a long time, the
Threadvars::stream_pq would not be checked and processed. This could
lead to packet pool depletion in the flow manager. It would also lead
to flows not being timed out/logged until either packets started flowing
again or until the engine was shut down.
The scenario is more likely to happen in a test (e.g. replay) but could
also delay logging on low traffic sensors.
6 years ago
Victor Julien
952cbb563c
app-layer: mandatory tx registration checks
...
All protocols now implement the TX API, so the runtime checks for
whether or not a protocol supports the TX API can be removed.
6 years ago
Victor Julien
8bc1e120ea
app-layer: make tests tx aware
...
Make tests minimally TX-aware so we can assume all parsers use
the tx API.
6 years ago
Victor Julien
3526569b25
ssh: test cleanup
...
Remove explicit locks. Set ALPROTO_SSH in all tests.
6 years ago
Victor Julien
480f497d05
packetpool: move return stack to pool earlier
...
If waiting for N packets move the return stack to the main
stack every time we take the return stack lock.
Make sure we consider enough packets when setting the pending pool
flush logic. This should at least make sure to have the 9 packets
the flow manager requires per run.
6 years ago
jason taylor
fa0008dbbe
detect/content: clean up logging output
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
6 years ago
Eric Leblond
e9be6126e2
suricatasc: fix reconnect
6 years ago
Jeff Lucovsky
ab1d95446a
doc: http keyword update
...
This changeset updates the keyword type for http.location and http.server
6 years ago
Jeff Lucovsky
0960ca0d00
detect/analyzer Add missing HTTP values
...
This changeset adds recognition of missing HTTP values
- Raw host
- Header names
- Server body
- User agent
6 years ago
Philippe Antoine
a370d2a91d
signature: fix memory leak in DetectBytejumpSetup
6 years ago
Philippe Antoine
8a339e73d3
http: adds an event for double encoded uri
6 years ago
Philippe Antoine
e5879650bb
http: fixes double-encode configuration keywords
6 years ago
Victor Julien
a5f1f19b27
travis: move checks into script
...
This makes error handling easier and more robust:
https://docs.travis-ci.com/user/job-lifecycle#complex-build-commands
6 years ago
Victor Julien
68455caa6a
travis: add sphinx to trigger doc build
6 years ago
Mats Klepsland
f634da61c9
ja3s-string: move unittests to tests/
6 years ago
Mats Klepsland
736d35f36e
ja3s-hash: move unittests to tests/
6 years ago
Mats Klepsland
b59e82a642
userguide: add documentation for ja3s.string keyword
6 years ago
Mats Klepsland
0b489f329c
detect: add (mpm) keyword ja3s.string
...
Match on JA3S string using ja3s.string keyword, e.g:
alert tls any any -> any any (msg:"ja3s.string test";
ja3s.string; content:"10-11-12"; sid:1;)
6 years ago
Mats Klepsland
76b94c7073
userguide: add documentation for ja3s.hash keyword
6 years ago
Mats Klepsland
80cee50916
detect: add (mpm) keyword ja3s.hash
...
Match on JA3S hash using ja3s.hash keyword, e.g:
alert tls any any -> any any (msg:"ja3s.hash test";
ja3s.hash; content:"b26c652e0a402a24b5ca2a660e84f9d5"; sid:1;)
6 years ago