d634140fa2 logging: unique id's per log direction

For loggers that register once per direction, use unique id's per
direction.
Reshuffle id's to keep tx log id's low so we can use u32 for tracking
logged loggers.

8 years ago
							
bca0cd71ae app-layer: use logger bits to avoid looping

Avoid looping in transaction output.
Update app-layer API to store the bits in one step
and retrieve the bits in a single step as well.
Update users of the API.

8 years ago
							
01724f04fa app-layer: register per proto logger bits

Create a bitmap of the loggers per protocol. This is done at runtime
based on the loggers that are enabled. Take the logger_id for each
logger and store it as a bitmap in the app-layer protocol storage.
Goal is to be able to use it as an expectation later.

8 years ago
							
40986b1f61 detect: put inspect code for MATCH-list into func

Introduce DetectRunInspectRulePacketMatches to inspect the signatures
match list.

8 years ago
							
70597066e0 detect: move detect cleanup into util func

8 years ago
							
01f9d0076c detect: move packet hdr inspect into util func

8 years ago
							
9ecd60c7a2 detect-ftpdata: register keyword

Keyword registration was missing so the keyword was not existing.

8 years ago
							
204474de39 runmodes: fix single runmode bug with pcap

Fix crash for suricata running with pcap option and single runmode.
Ticket: https://redmine.openinfosecfoundation.org/issues/2403

8 years ago
							
e1e9ada9df rust/nfs: improve file close handling

8 years ago
							
350b5d99ce rust/nfs: don't panic on malformed NFS traffic

Instead set events.

8 years ago
							
ce59ec5d13 af-packet: free ring buffer at exit

8 years ago
							
485663583a rust/mingw: fix linker issues on mingw

8 years ago
							
746638b220 cuda: remove

Remove CUDA support as it has been broken for a long time.
Ticket #2382.

8 years ago
							
282dad79ca scan-build: fix memleak warning in port parsing

8 years ago
							
f342b11277 detect/tos: minor cleanups

8 years ago
							
0c36ea64c2 detect/tos: fix memleak in error path

8 years ago
							
2a4b5adce8 scan-build: simplify FatalErrorOnInit macro

8 years ago
							
8aab6016cb scan-build: don't use memory wrappers

8 years ago
							
c563c1fcab scan-build: fix warning in radix tree

8 years ago
							
50a5b2e458 scan-build: fix warning in streaming buffer

8 years ago
							
f2cacca9f8 threads: avoid NULL-ptr deref in thread init wait

** CID 1426745:  Null pointer dereferences  (FORWARD_NULL)
/src/tm-threads.c: 2135 in TmThreadWaitOnThreadInit()
________________________________________________________________________________________________________
*** CID 1426745:  Null pointer dereferences  (FORWARD_NULL)
/src/tm-threads.c: 2135 in TmThreadWaitOnThreadInit()
2129         struct timeval cur_ts;
2130         gettimeofday(&start_ts, NULL);
2131
2132     again:
2133         gettimeofday(&cur_ts, NULL);
2134         if ((cur_ts.tv_sec - start_ts.tv_sec) > 120) {
>>>     CID 1426745:  Null pointer dereferences  (FORWARD_NULL)
>>>     Dereferencing null pointer "tv".
2135             SCLogError(SC_ERR_THREAD_INIT, "thread \"%s\" failed to "
2136                     "initialize in time: flags %04x", tv->name,
2137                     SC_ATOMIC_GET(tv->flags));
2138             return TM_ECODE_FAILED;
2139         }
2140

8 years ago
							
f5b27ae767 Rust: fix probing function prototype: change sign and add Flow

8 years ago
							
28ddf48899 mingw: improve ipaddress parsing

8 years ago
							
d62a212fa2 mingw: fix issues in pcap directory code

Fix issues with 'stat' and explicitly skip . and ..

8 years ago
							
6c7d485bf8 mingw: wrapper for usleep in threads

usleep on MinGW doesn't behave as expected. Added replacement
wrapper around 'Sleep(msec)'. As that has msec resolution and
not a usec resolution, change the various thread init and stop
functions to test for the actual time waited instead of counting
the usecs passed to usleep.

8 years ago
							
1261d30df0 mingw/cygwin: explicitly disable unix socket

8 years ago
							
6b75162194 mingw: use c:\Program Files\Suricata for w64

8 years ago
							
650e6b316d ipv6: add string validation function

8 years ago
							
13477d60ee ipv4: add string validation function

8 years ago
							
aa2eddfb98 decode/mime: improve ip address validation

inet_pton on Windows/MinGW is very liberal, so do manual validation
of IP address formatting.

8 years ago
							
d6a7f6b53f mingw: work around mingw more liberal ip parsing

8 years ago
							
269cd03a43 console: no color for native windows build

8 years ago
							
275eb839d1 mingw: disable pid checking from pidfile

kill() call is not supported in MinGW

8 years ago
							
3fc73addae mingw: fix 'struct tm' compilation issue

8 years ago
							
46cb00ec6c strptime: add implementation from NetBSD

As MinGW doesn't come with strptime take the BSD licensed
implementation from NetBSD. More specifically, the one from
https://github.com/Alexpux/MINGW-packages/blob/master/mingw-w64-libkml/strptime.c
It's slightly modified to get rid of 'uint'.

8 years ago
							
11be9bd971 mingw: add SCNtohl and SCNtohs macro's

On MinGW the result of ntohl needs to be casted to uint32_t and
the result of ntohs to uint16_t. To avoid doing this everywhere
add SCNtohl and SCNtohs macros.

8 years ago
							
895df9a6f6 mingw: fix use of undefined USR2 signal

8 years ago
							
e113fa96e9 mingw: fix compilation of signals code

8 years ago
							
d8ddd3b5bc mingw: work around mingw mkdir

mingw doesn't come with a posix compliant mkdir as it only takes
a single argument.

8 years ago
							
223d9a1e3a eve: remove json format option - was not used

8 years ago
							
1587772b90 eve.flow: removed unused http parameters

8 years ago
							
c4d30ddaf9 eve: fix context datatype used in init functions

Many were using AlertJsonThread instead of OutputJsonCtx,
but as the datatypes were similar enough no harm was done.
Now that they are using their proper datatype, removed
AlertJsonThread from output.h as it's no longer used.

8 years ago
							
b005cceb0a eve.dnp3: removed unused context field

8 years ago
							
ecf9eda340 eve.flow: remove "hi" log message

8 years ago
							
07ab338145 eve.netflow: remove "hi" log message

8 years ago
							
6c251b8576 rust: add --enable-rust-debug

Add option to put Rust code in non-'--release' mode, preserving
debug symbols.
Until now Suricata would have to be compiled with --enable-debug for
this.

8 years ago
							
979f964260 hostbits: fix test setup

8 years ago
							
a9ac6db0dd file_data: move tests into tests/

8 years ago
							
6e65cf138b file_data: unify inspect engines

Call HTTP from the generic file_data engine.

8 years ago
							
ac0ae2dcd1 file_data: smtp file_data to generic file_data

Generalize the SMTP file_data inspection into a 'files'
file_data inspection that can be used for any protocol
that uses the File API.

8 years ago