4bb7f827e0 
								
							
								 
							
						 
						
							
							
								
								output/tx: minor cleanups/optimizations  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								39cf5b151a 
								
							
								 
							
						 
						
							
							
								
								src: includes cleanup  
							
							
							
							
							Work towards making `suricata-common.h` only introduce system headers
and other things that are independent of complex internal Suricata
data structures.
Update files to compile after this.
Remove special DPDK handling for strlcpy and strlcat, as this caused
many compilation failures w/o including DPDK headers for all files.
Remove packet macros from decode.h and move them into their own file,
turn them into functions and rename them to match our function naming
policy. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								3e2295a963 
								
							
								 
							
						 
						
							
							
								
								detect: clean up detect-engine-state.h  
							
							
							
							
							Remove prototypes that are not about purely the data structures. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ad0a29cabc 
								
							
								 
							
						 
						
							
							
								
								detect: remove wrapper func  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								1dd0a2fed6 
								
							
								 
							
						 
						
							
							
								
								detect: move DetectTransaction to header its used in  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								41265a859e 
								
							
								 
							
						 
						
							
							
								
								detect/files: optimize file.data by skipping non-file txs  
							
							
							
							
							As well as 'file' txs not in our direction.
Implement the same logic for file.name and file.magic prefilter engines. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								db0f9ddc69 
								
							
								 
							
						 
						
							
							
								
								files/tx: inspection, logging and loop optimizations  
							
							
							
							
							Introduce AppLayerTxData::file_tx as direction(s) indicator for transactions.
When set to 0, it's not a file tx and it will not be considered for file
inspection, logging and housekeeping tasks.
Various tx loop optimizations in housekeeping and output.
Update the "file capable" app-layers to set the fields based on their
directional file support as well as on the traffic. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								3263202094 
								
							
								 
							
						 
						
							
							
								
								detect/tx: add AppLayerTxData to PrefilterTx  
							
							
							
							
							In preparation of some file inspection optimizations, for which we need the
tx data.
Update all users. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								602c39ed01 
								
							
								 
							
						 
						
							
							
								
								files: remove unused code  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								b1c22169f8 
								
							
								 
							
						 
						
							
							
								
								files: don't set NOSTORE in 'store all' case  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								d39a79b6f2 
								
							
								 
							
						 
						
							
							
								
								smtp: remove bad tests  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								79499e4769 
								
							
								 
							
						 
						
							
							
								
								app-layer: move files into transactions  
							
							
							
							
							Update APIs to store files in transactions instead of the per flow state.
Goal is to avoid the overhead of matching up files and transactions in
cases where there are many of both.
Update all protocol implementations to support this.
Update file logging logic to account for having files in transactions. Instead
of it acting separately on file containers, it is now tied into the
transaction logging.
Update the filestore keyword to consider a match if filestore output not
enabled. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								01e64d80da 
								
							
								 
							
						 
						
							
							
								
								app-layer: trunc parser per direction  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ff9d1807f9 
								
							
								 
							
						 
						
							
							
								
								app-layer: parser flags to u16  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								a1d728bb65 
								
							
								 
							
						 
						
							
							
								
								app-layer: specify direction in tx cleanup  
							
							
							
							
							In preparation of per tx files storage. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								c27df6304d 
								
							
								 
							
						 
						
							
							
								
								app-layer: introduce common AppLayerStateData API  
							
							
							
							
							Add per state structure for storing flags and other variables. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								96b642c32d 
								
							
								 
							
						 
						
							
							
								
								file: minor debug updates  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								2218a3716e 
								
							
								 
							
						 
						
							
							
								
								file: clean up file flags handling  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								408b64558f 
								
							
								 
							
						 
						
							
							
								
								files: debug log flags  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								bdbaaa3b24 
								
							
								 
							
						 
						
							
							
								
								lua: store id with tx ptr  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								db5cf1f8f9 
								
							
								 
							
						 
						
							
							
								
								userguide: Add rule file globbing option details  
							
							
							
							
							Signed-off-by: jason taylor <jtfas90@gmail.com> 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								7771402a3a 
								
							
								 
							
						 
						
							
							
								
								github-actions: bump codecov/codecov-action from 3.1.0 to 3.1.1  
							
							
							
							
							Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](81cd2dc814...d9f34f8cd5)
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								5490fe00ab 
								
							
								 
							
						 
						
							
							
								
								github-actions: bump ossf/scorecard-action from 2.0.3 to 2.0.4  
							
							
							
							
							Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](865b409285...e363bfca00)
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								8438ee48aa 
								
							
								 
							
						 
						
							
							
								
								decode-ipv4: adjust validation to RFC  
							
							
							
							
							RFC1108 only specifies a minimum field length of 3, not
a fixed length of 11. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								fb790121bb 
								
							
								 
							
						 
						
							
							
								
								decode-ipv4: implement extended security option  
							
							
							
							
							IP option 0x85 (extended security) is mentioned in the
documentation for the ipopts keyword but was not implemented. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								eb155639c6 
								
							
								 
							
						 
						
							
							
								
								ci: build with -Wimplicit-int-conversion  
							
							
							
							
							Seems to have got lost on the way in CFLAGS 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ae6abd8ca3 
								
							
								 
							
						 
						
							
							
								
								ssl: fix compiler warning  
							
							
							
							
							implicit conversion loses integer precision: 'int' to 'uint16_t'
because C shifts << translates automatically to signed integers 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								879a46f085 
								
							
								 
							
						 
						
							
							
								
								rust: lock to time 0.3.13 to avoid MSRV bump to 1.59  
							
							
							
							
							Indirect dependency through x509-parser. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								16db04c1a7 
								
							
								 
							
						 
						
							
							
								
								rust: remove nom 5 dependency  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								0acf75bff7 
								
							
								 
							
						 
						
							
							
								
								rust/applayertemplate: convert to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								378e915846 
								
							
								 
							
						 
						
							
							
								
								rust/asn1: convert parsers to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								0ba0572c4a 
								
							
								 
							
						 
						
							
							
								
								rust/x509: finish transition to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								3ef5121ab0 
								
							
								 
							
						 
						
							
							
								
								rust/telnet: convert parsers to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								d98b386f36 
								
							
								 
							
						 
						
							
							
								
								rust/conf: convert parser to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								db9a1e17b6 
								
							
								 
							
						 
						
							
							
								
								rust/ssh: finish transition to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								b31c72c06a 
								
							
								 
							
						 
						
							
							
								
								rust/rdp: convert parsers to nom7  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								49520b2143 
								
							
								 
							
						 
						
							
							
								
								rust/rdp: upgrade dependency on tls-parser  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								beadd090b8 
								
							
								 
							
						 
						
							
							
								
								rust: upgrade versions of BER/DER, Kerberos and SNMP parsers  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								baab1de735 
								
							
								 
							
						 
						
							
							
								
								rust: update x509-parser to 0.14.0  
							
							
							
							
							Resolves RustSec issues in time and chrono:
- https://rustsec.org/advisories/RUSTSEC-2020-0071
- https://rustsec.org/advisories/RUSTSEC-2020-0159
Ticket: #5259.
Amended by Victor Julien to bump to 0.14 instead of 0.13.
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								3aace49649 
								
							
								 
							
						 
						
							
							
								
								rust/x509: update dependency on x509-parser  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								b06c0579f5 
								
							
								 
							
						 
						
							
							
								
								stream: fix reachable assertion  
							
							
							
							
							Fix `Flow::thread_id` not always getting properly set up, leading to
a reachable assertion.
Bug #4582.
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								7b0008d4f0 
								
							
								 
							
						 
						
							
							
								
								userguide: add section about exception policies  
							
							
							
							
							This describes briefly what the exception policies are, what is the
engine's behavior, what options are available and to which parts are
they implemented.
Task #5475 
Task #5515  
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								6f294f2f2d 
								
							
								 
							
						 
						
							
							
								
								userguide: minor rewording and typo fixes  
							
							
							
							
							Some of these were recently introduced, some were highlighted after the
applayer sections got merged. Some paragraphs seem to have been changed
due to trying to respect character limits for lines. Also includes a
typo pointed out by one of our community members via Discord. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								9d9bc04886 
								
							
								 
							
						 
						
							
							
								
								stream/tcp: typo fix  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								489af24132 
								
							
								 
							
						 
						
							
							
								
								detect: update ttl debug log messages  
							
							
							
							
							Signed-off-by: jason taylor <jtfas90@gmail.com> 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								ab4d0f7f4a 
								
							
								 
							
						 
						
							
							
								
								detect/stream_size: Rename detect.rs to stream_size.rs  
							
							
							
							
							This commit renames detect.rs to stream_size.rs to reflect its content. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								2386f2614f 
								
							
								 
							
						 
						
							
							
								
								detect/iprep: Move iprep logic into a separate module  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								c957882d1c 
								
							
								 
							
						 
						
							
							
								
								detect/uri: Move uri logic into a separate module  
							
							
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								484c34bc60 
								
							
								 
							
						 
						
							
							
								
								detect/uint: Move uint logic into a separate module  
							
							
							
							
							This commit moves the uint logic into its own module. 
							
						 
						
							3 years ago  
				
					
						
							
							
								 
						
							
							
								33c424f9ed 
								
							
								 
							
						 
						
							
							
								
								doc/byte_math: Add byte_math differences with snort  
							
							
							
							
							Issue: 5077 
							
						 
						
							3 years ago