Juliana Fajardini
657419b53e
decode/flow: add exception policy stats counters
We will register stats counters for all policies, even though for now
Suri only uses one possible configuration policy at a time. The idea is
that this could change in the near future, so we want to have this
ready.
Task #5816
11 months ago
Juliana Fajardini
c2c8cdb78a
exceptions: make types and ToStr fns more accessible
Decode file needed ExceptionPolicy types and exception-policy file
needed Decode types, rendering some works quite difficult to work
around.
ExceptionPolicyToStr is useful for registering exception policy
counters, so make that public.
Part of Task #5816
11 months ago
Juliana Fajardini
ce001d8eae
schema: apply clang formatting changes
11 months ago
Juliana Fajardini
112f5cc0ad
app-layer/htp: clean up unused code in unittests
Remove unit test that was disabled and printf statements that were
replaced but not deleted, both in 48cf0585fb.
11 months ago
Juliana Fajardini
cea917c38c
app-layer: fix minor typo and formatting in LogInfo
Also update copyright years.
11 months ago
Daniel Olatunji
d9148d1023
detect/analyzer: add more details for tcp_seq
Log the matched Sequence number of a packet
Issue: 6353
11 months ago
Lukas Sismis
e54084fa87
dpdk: implement DPDK SW tests
Implement GitHub CI tests to run DPDK Suri with the minimal
configuration to verify that Suricata can start in both IDS
and IPS configuration.
11 months ago
Lukas Sismis
28ac3c2097
dpdk: fix thread slot assignment
Commit 5592ec07 introduced a bug where ptv->slot was
assigned with the current one instead of the next one
in the list. This caused a Suricata crash in the DPDK mode.
Ticket: 6877
11 months ago
Lukas Sismis
3fdcf7fbe4
dpdk: make static variables thread_local
Per newly obtained knowledge, static variables in functions
are not thread-safe and as a result thread_local attribute was
added.
11 months ago
Lukas Sismis
78313100a4
ci: bump up the DPDK versions
11 months ago
jason taylor
7de16809ef
doc: update http keyword listing order
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
8b3db3c3b5
doc: update file.name keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
49dba7bb94
doc: update file.data keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
bee3aa9709
doc: update http.response_header keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
dcb548106e
doc: update http.request_header keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
3f5d228b9e
doc: update http.host http.host.raw keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
739dfe5e5e
doc: update http.location keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
9ddd8cf9e0
doc: update http.server keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
3af98f3b92
doc: update http.response_body keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
64760e2e75
doc: update http.response_line keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
566bc0d39c
doc: update http.stat_msg keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
271321249f
doc: update http.stat_code keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
71d8488cb5
doc: update http.request_body keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
c2783e9391
doc: update http.header_names keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
5eadbc2ff0
doc: update http.start keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
7e65554462
doc: update http.referer keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
876dfb99ca
doc: update http.content_len keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
8ff06c1bc0
doc: update http.content_type keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
b2854486dd
doc: update http.connection keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
75436dff9c
doc: update http.accept_lang keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
f6375e487e
doc: update http.accept_enc keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
7e3288f5a7
doc: update http keyword normalization notes
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
9e87d89d2e
doc: update http.accept keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
8307168ae7
doc: update http.user_agent keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
75c4cdfa1c
doc: update http.cookie keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
ebd5cd61c2
detect: minor http.cookie keyword typo fix
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
7a28874c8d
doc: update http.header keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
b3af723486
doc: remove legacy description/duplicated data
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
292b3eb9b3
doc: update http.request_line keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
c7f351bd6e
doc: update http.protocol keyword documentation
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
2d0ceedeba
doc: update urilen keyword documentation
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
ef118aa582
doc: remove legacy uricontent information
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
96e8c10276
doc: update http.uri and http.uri.raw keywords
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
bf192926a8
doc: update http.method keyword
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
0cce5ba447
doc: add http keyword links
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
fd46175203
doc: update http primer information
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
jason taylor
54fd35c5b4
doc: remove legacy tables and image references
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
11 months ago
Victor Julien
34f53f85bc
systemd: reimplement sd_notify logic using UNIX socket
One of the lessons of the XZ backdoor story was that just linking to
libsystemd to call sd_notify is discouraged by the systemd project:
Lennart Poettering:
"PSA: In context of the xzpocalypse we now added an example reimplementation
of sd_notify() to our man page:
https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html#Notes
It's pretty comprehensive (i.e. uses it for reload notification too), but
still relatively short.
In the past, I have been telling anyone who wanted to listen that if all you
want is sd_notify() then don't bother linking to libsystemd, since the
protocol is stable and should be considered the API, not our C wrapper
around it. After all, the protocol is so trivial"
From: https://mastodon.social/@pid_eins/112202687764571433
This commit takes the example code and uses it to reimplement the notify
logic.
The code is enabled if Linux is detected in configure. Since the code
won't do anything if the NOTIFY_SOCKET env var isn't set, this should
also work fine on systems w/o systemd.
Ticket: #6913.
11 months ago
Daniel Olatunji
6d40517502
detect/analyzer: add more details for the tcp ack keyword
Issue: 6354
Added the DETECT_ACK case to detect-engine-analyzer.c
11 months ago
Victor Julien
561b81dd9e
decode: don't clear computed csums twice
Already done in a generic way by PACKET_RESET_CHECKSUMS.
11 months ago