Commit Graph

4298 Commits (57ed5dfd32d6bdf40d49a480cebb6c5a2e8aaaae)
 

Author SHA1 Message Date
Victor Julien 6645620c03 Merge SIG_FLAG_MPM_HTTP and SIG_FLAG_MPM_DNS into SIG_FLAG_MPM_APPLAYER, do the same for the _NEG variant. 11 years ago
Victor Julien 43ba5a677e DNS: enable mpm/fast_pattern support for dns_query 11 years ago
Victor Julien 4817e1305f DNS: add /F modifier to pcre to inspect DNS query name 11 years ago
Victor Julien 4f20f72f4d DNS: add event rules file 11 years ago
Victor Julien e567e12230 DNS: add unittests for UDP and TCP for dns_query keyword 11 years ago
Victor Julien f10dd603ff DNS: adding dns_request content modifier 11 years ago
Victor Julien 6674f4892c DNS: add per tx internal id
Add per TX id. Rename transaction_cnt to transaction_max (id) and increment it on tx creation.
11 years ago
Victor Julien 59780ca770 Hacks to enable alert dns even though we have dnstcp and dnsudp parsers. Needs proper solution later. 11 years ago
Victor Julien 8e01cba85d DNS TCP and UDP parser and DNS response logger 11 years ago
Eric Leblond 4521de2dfd Use PACKET_* macro instead of UPDATE
Setting the ACTION_DROP flag can be done via PACKET_DROP instead
of using PACKET_UPDATE_ACTION.
11 years ago
Eric Leblond c0c59fbd17 decode: factorize macro code
PACKET_* are now wrappers to the newly introduced PACKET_SET_ACTION
macro.
11 years ago
Eric Leblond 3f107fa130 decode: Packet action start with PACKET
Rename all Packet action macros to have them prefixed by PACKET.
11 years ago
Anoop Saldanha 3304c91c91 Don't let geoip match on pseudo packets. 11 years ago
Anoop Saldanha 1fb4aae993 Coverity 1038523: Fix using cuda buffer slice that has been returned to the pool. 11 years ago
Victor Julien 51cdd464a6 stream: detect keep-alive and keep-alive ACK 11 years ago
Victor Julien 03c3ff5632 stream: fix typo in function name 11 years ago
Eric Leblond 4c6595f437 Coverity 1038106: fix FP out-of-bounds access
A cast during the reading of a configuration variable was invalid
because a 16 bit integer was cast to a 32 bit integer. The called
function is only setting the pointer value to 1 or 0 so there is
no real issue there.
11 years ago
Eric Leblond 7df156ef50 Coverity: 1038139 suppress sanity check
The sanity check was really useless as the NULL value is checked in
the code flow.
11 years ago
Eric Leblond 75cd1f6096 Coverity 1038515: check function return
This is more cosmetic than useful but it is cleaner anyway.
11 years ago
Anoop Saldanha b4e750068f Cuda make distcheck fix for cuda-ptxdump.h 11 years ago
Anoop Saldanha 7d46d59cdd Coverity 1038522: fix memset inside cuda code. Wrong size specified to memset. 11 years ago
Victor Julien d6fcd07a31 Coverity 1038085: remove 'default' statement in SCErrorToString. This way a warning will be given if an error is defined w/o updating this function. 11 years ago
Victor Julien e2444f0ed5 Coverity 1038092 & 1038093: remove dead code 11 years ago
Victor Julien 0902c7f3aa Coverity 1038518: fix wrong error check 11 years ago
Victor Julien db1dad8cc6 Coverity 1038124: memory leak on 'seq' keyword parsing failure 11 years ago
Victor Julien b2e962da03 Coverity 1038123: memory leak on 'flowint' keyword parsing failure 11 years ago
Victor Julien 5c5b2f98dd Coverity 1038116 & 1038117: memory leaks on 'app-layer-event' keyword parsing failure 11 years ago
Victor Julien 778851626c Coverity 1038115: memory leak on 'ack' keyword parsing failure 11 years ago
Victor Julien 98dbf3e62c Coverity 1038113: possibly out of bounds read 11 years ago
Anoop Saldanha 602c91ed41 Minor cosmetic changes to the cuda code.
Moved a couple of functions to more cuda relevant files;
Re-structured some data types.
11 years ago
Anoop Saldanha c9f076def3 Modified CudaBufferCullCompletedSlices.
Allow readers to specify max size of data they want to read.
11 years ago
Anoop Saldanha 70cb4d30eb Add a usleep to CudaBuffer culling process. Would lead to a situation where the thread wouldn't care to yield to others. 11 years ago
Anoop Saldanha 17c763f855 Version 1 of AC Cuda. 11 years ago
Anoop Saldanha 2de59fc235 Version 1 of CudaBuffer API. Introduced to buffer data to the gpu.
This version allows async writes to a buffer by threads.  Allows only
sequential reads though.
11 years ago
Anoop Saldanha 557cab3dc9 We call packet and stream mpm as late as possible now. Won't affect the working of the engine.
The rationale behind this is, if we have pkt buffered to the gpu, we'd want
to delay processing the pkt as much as possible.
11 years ago
Anoop Saldanha d2063d98ad pool now uses a queue kinda behaviour when getting/inserting data through poolbuckets. 11 years ago
Anoop Saldanha f4c719b83a code refactoring. Call mpmprefilter slightly later than where it's called atm 11 years ago
Anoop Saldanha b787da5643 Remove all cuda related code in the engine except for the cuda api wrappers 11 years ago
Anoop Saldanha e2a6cfb6a6 update cuda API wrappers 11 years ago
Eric Leblond f7c5026c31 Add one shot run option to suri-graphite. 11 years ago
Eric Leblond 0d2f3bfa16 Import suri-graphite script
This patch imports suri-graphite into suricata contrib directory.
This script reads counters from suricata unix socket and sends them
to a Graphite graphing server.
11 years ago
Eric Leblond d8ce2b1ca4 unix-socket: fix OSX build
MSG_NOSIGNAL is not defined on macOSX and SO_NOSIGPIPE is used
instead.
11 years ago
Eric Leblond ce95fbdda0 action handling: add test to avoid direct access
Direct access to the action field of Packet structure is not
allowed.
11 years ago
Eric Leblond a35c367942 action handling: use macro for test.
Use test macro instead of direct access to action field.

This patch has been obtained by using the following
spatch file:

  @@
  Packet *p;
  expression E;
  @@

  - p->action & E
  + TEST_PACKET_ACTION(p, E)
11 years ago
Eric Leblond efaa9a7302 action handling: define and use macros
The action field in Packet structure should not be accessed
directly as the tunneled packet needs to update the root packet
and not the initial packet.

This patch is fixing issue #819 where suricata was not able to
drop fragmented packets in AF_PACKET IPS mode. It also fixes
drop capability for tunneled packets.
11 years ago
Anoop Saldanha 429b5cec10 Fix magic unittests.
Fix segv, when magic_load() fails due to the non-availability of default
magic files.
11 years ago
Anoop Saldanha 058e9278c5 Fix wrong casting of htp pointer. Fixed it back to (HTPState *) inside
htp utility functions.
11 years ago
Anoop Saldanha 21f9cc3a39 discontinue matching on buffer if urilen returns a match failure. 12 years ago
Victor Julien 56c6dd9bb2 bytetest: add unittest showing missed detection
Tests recursive and relative negative byte_test matching.
12 years ago
Anoop Saldanha c3d98f9640 Fix the bug specified in the previous commit.
Bug emanates from byte_test, byte_jump and byte_extract keyword being
unable to handle negative offsets when the inspection pointer is at the
end of the buffer.
12 years ago