Commit Graph

11780 Commits (5499a6f7cd2265072945dbb3b5a61e2a5e1f7ad1)
 

Author SHA1 Message Date
Kirby Kuehl 5499a6f7cd doc: fix URL for unix-socket python example 4 years ago
Jeff Lucovsky 8ce2078a38 tftp: Add test cases
This commit adds test cases for the TFTP parser.
4 years ago
Jeff Lucovsky e900b6d265 tftp: Improve parser
This commit improves TFTP parsing by ensuring the mode and opcode are
valid.
4 years ago
Jason Ish 18a1fd22c2 github-ci: use python3 in debian builds 4 years ago
Jason Ish 7904ef82d0 github-ci/macos: use brew to install Python 3
The default Python on macOS is Python 2. Suricata-Verify now
depends on Python 3, so install it with Brew.
4 years ago
Jason Ish 37eff69a37 github-ci: update min Rust version from 1.34.2 to 1.41.1 4 years ago
Jason Ish f77fd0c0cb rust: include file cleanup
The cbindgen generated header should not include rust.h as
rust.h already includes the generated binding.

Fixup C source code that only pulled the generated include; it
should instead pull in "rust.h" which includes the generated
binding plus other misc. stuff.
4 years ago
Philippe Antoine 47dd9a5ebc signature: Fix leak in urilen parsing
cf #4254
4 years ago
Victor Julien 423a5e2f6c detect/file.data: support ftp and ftp-data 4 years ago
Victor Julien 45eddde573 detect/file.name: register inspect engine for ftp-data 4 years ago
Jeff Lucovsky f8fef0dd05 decode/tcp: Improved handling of TFO options
This commit improves handling of TCP fast open options
- Option length must be in [6, 18]
- Option length must be an even value
4 years ago
Gianni Tedesco 10ea60a237 detect: Validate that NOOPT options don't have optvals
Without this, a simple typo between : and ; is able to hide actual bugs
in rules.

I discovered 2 bugs in ET open ruleset this way.
4 years ago
Gianni Tedesco cebe15c23b detect-fast-pattern: Mark as OPTIONAL_OPT, instead of NOOPT
Also update the erroneous comment about it.
4 years ago
Sascha Steinbiss f78f444a5e doc: build all manpages 4 years ago
Eric Leblond dfe5785bfa ebpf: avoid need of 32 bit header
Compilation of xdp_lb.c was failing in some cases with the following
error:

/usr/include/x86_64-linux-gnu/gnu/stubs.h:7:11: fatal error: 'gnu/stubs-32.h' file not found

This patch adds some defines to be able to skip the recursive inclusion
of header files leading to the problem.
4 years ago
Juliana Fajardini e33bbee9b7 nbss: add parser tests
Add tests to parse_nbss_record and parse_nbss_record_partial
4 years ago
Eric Leblond 8d034b4163 eve/dhcp: avoid to call common logging twice 4 years ago
Joshua Lumb 9d432bbab3 threads: More descriptive startup output 4 years ago
Carl Smith 9b840104bd lua: Make the rule action available to output scripts
Useful for those that want to do custom logging from lua
4 years ago
Justin Ossevoort 320de5f43d eve: Log tenant_id for all eve-json messages 4 years ago
Carl Smith 660b68a083 nsh: Parsing of Network Services Header and payload
Support for EtherType 0x894F and basic header
4 years ago
Victor Julien db2dbaaf40 stream/midstream: handle packet loss after SYN/ACK 4 years ago
Victor Julien 895938080f stream/tcp: fix invalid ack events in timewait state 4 years ago
Victor Julien 49bd1f85b9 flow/timeout: fix TCP seq/ack for reversed flows
When a flow is swapped it also swaps the stream trackers, so it does
not make sense to reverse them during pseudo packet creation.
4 years ago
Victor Julien 3c7c361b60 detect/stream: fix async stream inspection
Move raw progress forward only if detect uses stream data, indicated
by the PKT_DETECT_HAS_STREAMDATA flag.
4 years ago
Victor Julien 8aa02c6d15 stream/tcp: fix async mode ACK validation 4 years ago
Philippe Antoine 8d659c6500 fuzz: improves sigpcap target with PacketPoolInit 4 years ago
Victor Julien 372fc26739 ci: buildbot is decommissioned, so remove prscript refs 4 years ago
Jason Ish 49ca070446 github-ci: use a unique id for the commit check cargo cache
All builds have been using the same cache id for ~/.cargo which
could lead us to conflict situations which is what I think we are
seeing with the commit-check job.
4 years ago
Shivani Bhardwaj 6c19e7d0d4 counters: convert to FAIL/PASS API 4 years ago
Shivani Bhardwaj 7eef4e83e5 confyaml: convert to FAIL/PASS API 4 years ago
Shivani Bhardwaj fb311e3d9d applayer: convert to FAIL/PASS API 4 years ago
Shivani Bhardwaj bfd956ce67 applayer/htp/xff: convert to FAIL/PASS API 4 years ago
Shivani Bhardwaj b195ffbe18 applayer/ftp: convert to FAIL/PASS API 4 years ago
Shivani Bhardwaj 2e3d408e6f fastlog: convert to FAIL/PASS API 4 years ago
Janani Ramjee 2d3cf11906 detect/mark: convert unittests to use PASS/FAIL API 4 years ago
Juliana Fajardini 2765bff0c5 detect/msg: convert to FAIL/PASS API
Issue 4053. Adjust code formatting style (wrap long lines).
Replace SigInit with DetectEngineAppendSig.
4 years ago
Sumera Priyadarsini d4264748d8 detect: filesha1: convert unittests to use PASS/FAIL API
Currently, unit tests use integer values 1 and 0 to denote pass
and fail status of tests respectively. Modify the unit test
detect-filesha1 to use the PASS/FAIL API instead.
4 years ago
Juliana Fajardini 5226ba1c15 Rust: generic files definition
Issue: Optimization 3825
- filecontainer: add Files structure, to replace/unify SMBFiles,
NFSFiles and HTTP2Files
- smb/files: delete SMBFiles implementation
- smb/smb: replace SMBFiles with Files
- nfs/nfs: delete NFSFiles implementation, replace its former
 declarations with Files' ones
- http2/http2: replace HTTP2Files with Files
- http2/mod: Delete reference to file files.rs
- http2/files: Delete
4 years ago
Juliana Fajardini d2144c0dfb detect-sid: fail/pass api
- convert unittests to new FAIL/PASS API.
4 years ago
Jason Ish f09536a936 github-ci: fix centos 8 build
The "PowerTools" repo that we need to enable has been renamed
to "powertools".
4 years ago
Jason Ish f2ab5803fb dns: initialize log flags as an unsigned long long
On 64 bit all 64 bits were being initialized, but on 32 bit
only 32 bits were as it was being initialized as a long.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4206
4 years ago
Sascha Steinbiss a4556c9427 dns: use rest() for NULL parsing 4 years ago
Sascha Steinbiss 81b206a5f4 dns: add test for SRV 4 years ago
Sascha Steinbiss 15c42e0d83 doc: add documentation for SRV DNS JSON structure 4 years ago
Sascha Steinbiss 08a6f1441a dns: parse SRV records 4 years ago
Antti Tönkyrä f3ad7f14fa dns: add rdata logging for NS rrtype 4 years ago
Simon Dugas 4336a0e739 dns: log rdata for NULL record type
Logs the rdata for a NULL record type as a printable string.
4 years ago
Jason Ish 858ab07775 github-ci: add sccache to per-commit check
Also use the pre-build cbindgen binary.
Hopefully speeds up the build process.
4 years ago
Victor Julien efc9a7a398 app-layer: remove callback for completion status
Since the completion status was a constant for all parsers, remove the
callback logic and instead register the values themselves. This should
avoid a lot of unnecessary callback calls.

Update all parsers to take advantage of this.
4 years ago