suricata

Commit Graph

Author	SHA1	Message	Date
Anoop Saldanha	966119b6aa	support for http_raw_uri keyword + mpm engine	14 years ago
Anoop Saldanha	c9897a44a4	fast pattern support for http_cookie. Also support relative modifiers	14 years ago
Anoop Saldanha	bbbedaf963	fast pattern support for http_method. Also support relative modifiers	14 years ago
Anoop Saldanha	7ec0382774	support fast pattern for http raw header. Also support relative modifiers for http raw header	14 years ago
Anoop Saldanha	c61c68fd36	mpm and fast pattern support for http_header. Also support relative modifiers for http_header	14 years ago
Anoop Saldanha	0aa5cffb12	fast pattern support for http_client_body keyword added. Also mpm support for http_client_body added	14 years ago
Anoop Saldanha	68b78664fa	Add unittests for checking content flags. Fix indentation in PopulateMpmAddPatternToMpm(). Also fix DETECT_CONTENT_IS_SINGLE	14 years ago
Anoop Saldanha	eade60f0fd	make some name changes. break PopulateMpm(). Set the avoid mpm double check flags	15 years ago
Anoop Saldanha	4883efd0f6	unifying content structure - uricontent now uses DetectContentData	15 years ago
Anoop Saldanha	a85fa6b792	support for fast_pattern only and fast_pattern:offset,length. Also support the new option for engine-analysis	15 years ago
Victor Julien	fc248ca7a1	Many small performance updates.	15 years ago
Victor Julien	57b098e98c	Add padding to commonly used data structures.	15 years ago
Gurvinder Singh	07e10681d6	fixed a typo in the detect-content.h	15 years ago
Victor Julien	7a427ec7f4	Switch to pattern id based results checking in the mpm. Move app layer proto detection towards a more signature based approach.	15 years ago
William Metcalf	ce01927515	Import of GPLv2 Header 050410	15 years ago
Pablo Rincon	9209eaeaf6	Fix some error messages and coding style at uri/content modifiers	15 years ago
Pablo Rincon	86185ecd97	Enable spm inspection with precooked pattern contexts on content, uricontent and http_client_body (we will also add this to http_header when it gets commited)	15 years ago
Pablo Rincon	227fe516a0	Adding Boyer Moore context to content patterns, should speed up the search	15 years ago
Pablo Rincon	c7350a8ac6	Fixing some naming convention issues and incorrect error messages	15 years ago
Pablo Rincon	b708d7f65d	Adding Uricontent inspection with spm. Modifiers for uricontent are now supported	15 years ago
Victor Julien	80dc4f1dbe	Further simplify content api: merge flags that indicate a next relative match, remove chunks as they are unnecessary now, make negated a bitflag.	15 years ago
Victor Julien	dd846c9b0e	Remove all search code from the pattern matchers, cleanup mpm api, remove unused http code, more cleanups.	15 years ago
Victor Julien	bef70a04ce	First stage of detect engine redesign: equal patterns share id's, search phase no longer used, new match verification phase.	15 years ago
Victor Julien	50e41817a7	Share content id's between identical patterns.	15 years ago
Victor Julien	b7bac14040	Fixup code to compile with -Wall -Werror -Wextra -Wno-unused-parameter compiler options.	15 years ago
Gurvinder Singh	71a77bf8d6	removeh http_cookie flag	15 years ago
Gurvinder Singh	a0f184866c	http_cookie keywork support	15 years ago
Anoop Saldanha	6ca5dbc9e9	Support fast_pattern modifier keyword for content	16 years ago
Anoop Saldanha	1c7ac13c25	Support for negated content	16 years ago
Pablo Rincon	9a3c21fbf3	Updating real unittests. Small fix on TestWithinDistanceOffsetDepth to skip to the next DETECT_CONTENT SigMatch. Adding some checks on within/distance setups.	16 years ago
Pablo Rincon	f233f9fa31	Adding detect_content chunks handling for max_pattern_length and unittests. Updating modifiers to use it.	16 years ago
Pablo Rincon	bdf119ade3	Adding window and isdataat keyword and some unittests	16 years ago
Victor Julien	c73f4334d0	Fix compiler warning.	16 years ago
Victor Julien	4369816cdd	Improvements to content keyword memory handling. First version of a simple pattern based L7 proto detection engine. Currently just works by matching a single pattern in the initial data. Implemented HTTP, SSL, MSN, JABBER, SMTP and a few more. Couple of pattern matcher cleanups.	16 years ago
Brian Rectanus	fa5939ca91	64 bit cleanup part2	16 years ago
Victor Julien	689bbfdc45	Rename all structure definitions in the "typedef struct _SomeStruct" format to "typedef struct SomeStruct_" to make the Doxygen output more useful. Remove the Trie multi pattern matcher code. It wasn't used anymore.	16 years ago
Victor Julien	5df5b35e90	Put all globals in the detection engine ctx. Add HashList type, a hash that also stores the items ina list to it can be traversed. Many cleanups.	16 years ago
Victor Julien	dc224cb2d2	Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented.	16 years ago
Victor Julien	bab4b62376	Initial add of the files.	16 years ago

39 Commits (64b069369e1f84322c54f08fabe393e12a0daf48)