suricata

Commit Graph

Author	SHA1	Message	Date
Anoop Saldanha	88d94b136d	Support for reference.config file	15 years ago
Anoop Saldanha	fe700737a3	fix null dereference in detect parse test - clang fix	15 years ago
Anoop Saldanha	f094523eb1	clang fix - some minor fixes for unittests	15 years ago
Pablo Rincon	bbab0f9987	Set default gid to 1 on Sig init	15 years ago
Victor Julien	c62a3d995e	Fix signatures with trailing spaces being rejected by the regex. Add test.	16 years ago
Victor Julien	05ae4f99d8	Kick out invalid signature with uricontent and flow:to_client or flow:from_server.	16 years ago
Pablo Rincon	c6e090f72c	App layer proto specific sigs (use the app layer to match proto)	16 years ago
Victor Julien	102092a89c	Make signature address matching more cache efficient.	16 years ago
Anoop Saldanha	89e3d92cdb	fix creating a static array of length 0 in SigMatchGetLastSMFromLists - clang fix	16 years ago
Pablo Rincon	693d4f54eb	Load signatures with incompatible fast_pattern option (due to design differences for optimization)	16 years ago
Anoop Saldanha	673322f01f	unittests for dce_stub_data content based singature parsing + fixes	16 years ago
Anoop Saldanha	ce8d27425d	fix signature parsing to how snort does it for content based keywords along with dce_stub_data	16 years ago
Anoop Saldanha	5fb6981e9e	content handling changes in detect-engine-payload.c for multiple relative matches	16 years ago
Victor Julien	393acd77d2	Detection improvements: uricontent escaping now working, better negated pattern (content) handling.	16 years ago
Victor Julien	7454336ef5	Make SigWrapper private to detect-parse.c and rename to SigDuplWrapper to reflect it's use and purpose.	16 years ago
Anoop Saldanha	9ecade76b9	in case of duplicate signatures used the one with the latest revision	16 years ago
Pablo Rincon	b931895901	Fixing flow cleanup and ctx initialization	16 years ago
Pablo Rincon	eed0ef6e69	Adding tag keyword support	16 years ago
Victor Julien	37442a8a84	Prefilter signatures before fully scanning them.	16 years ago
Anoop Saldanha	45ea0d914e	dce stub content keywords support using dcepayload.c support for all dce related content keywords	16 years ago
Victor Julien	0a607fce3d	Finish http_uri keyword, fix invalid read issue in one of the tests.	16 years ago
Gurvinder Singh	cda664a8c4	memroy leaks fixes in detection module, app layer and counters	16 years ago
Victor Julien	70b32f7380	First stab at creating a stateful detection engine. Stateful detection for app layer detection keywords, except uricontent. Stores it's partial results in the flow structure. Other modifications: - Generalize transaction tracking, logging and inspection. - Adapt http and dcerpc to use the new transaction handling. - Stream engine now always notifies app layer of a stream eof. This commit fixes bug #124.	16 years ago
Victor Julien	7a427ec7f4	Switch to pattern id based results checking in the mpm. Move app layer proto detection towards a more signature based approach.	16 years ago
Gurvinder Singh	3721037de5	unittests for bug 134&139 and some typo correction	16 years ago
William Metcalf	5fb405335e	Small wrapper fixes to allow for windows compilation	16 years ago
William Metcalf	ce01927515	Import of GPLv2 Header 050410	16 years ago
Victor Julien	070ed778b8	Libcap-ng support by Gurvinder Singh and myself. Basic support for per thread caps is added, but not activated as it doesn't seem to work yet. Work around for incompatibility between libnet 1.1 and libcap-ng added.	16 years ago
Victor Julien	565b44a7e5	Improve sig parsing unittest error handling.	16 years ago
Gurvinder Singh	69a4fee757	fixed the API and logic error reported by clang tool	16 years ago
Victor Julien	fe7ece997a	Different approach to the reference keyword. Lots of cleanups, bug fixes in reference keyword code and tests.	16 years ago
Breno Silva	89baf93a40	Reference Support	16 years ago
Victor Julien	01c0e316b9	Cleanup of libnet patch.	16 years ago
William Metcalf	3678dda185	libnet now optional	16 years ago
Pablo Rincon	e7a989e305	IP Only Engine using radix trees	16 years ago
Pablo Rincon	c7350a8ac6	Fixing some naming convention issues and incorrect error messages	16 years ago
Pablo Rincon	b708d7f65d	Adding Uricontent inspection with spm. Modifiers for uricontent are now supported	16 years ago
Victor Julien	c1a19bcd6b	Fix compilation of new detect-filter code, fix ip-only compatibility of detect-filter code.	16 years ago
Victor Julien	80dc4f1dbe	Further simplify content api: merge flags that indicate a next relative match, remove chunks as they are unnecessary now, make negated a bitflag.	16 years ago
Victor Julien	f298fec872	Make sure nocase applies to the last pattern, content or uricontent.	16 years ago
Victor Julien	0e7cb90212	Fix broken pmatch list handling.	16 years ago
Victor Julien	8b30226914	Detection keyword cleanup	16 years ago
Victor Julien	6637873348	Update prev ptrs in SigMatchReplaceContent	16 years ago
Victor Julien	b259e362cd	Convert uricontent to use new scanning methods as well. Move http_method and http_cookie keywords out of pmatch list for now.	16 years ago
Victor Julien	bef70a04ce	First stage of detect engine redesign: equal patterns share id's, search phase no longer used, new match verification phase.	16 years ago
Pablo Rincon	25a3a5c6d8	Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.	16 years ago
Gerardo Iglesias Galvan	ba6d807a6e	Improve information about errors on signature failure	16 years ago
Pablo Rincon	ad2c136e8f	Renaming errors (naming conventions)	16 years ago
Victor Julien	2481f2102b	Add missing return value evaluation in port parsing and fix broken unittest.	16 years ago
Victor Julien	4284276b11	Merge applayer detect function into normal match function. Should speed up detection.	16 years ago

1 2 3

115 Commits (59923316bc2afd6a01c12f5c76d1f2c17c5f1977)