aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,266 Commits
7 Branches
155 Tags
194 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '71bbba9248'
${ noResults }
Commit Graph

771 Commits (71bbba9248e696f0fd2e912ad9631052b3788775)

Author SHA1 Message Date
Jason Ish 5d5b0509a5 requires: add requires keyword 
Add a new rule keyword "requires" that allows a rule to require specific
Suricata versions and/or Suricata features to be enabled.

Example:

  requires: feature geoip, version >= 7.0.0, version < 8;
  requires: version >= 7.0.3 < 8
  requires: version >= 7.0.3 < 8 | >= 8.0.3

Feature: #5972

Co-authored-by: Philippe Antoine <pantoine@oisf.net>
 1 year ago
Juliana Fajardini bba3d4fc63 userguide/eve: explain pgsql requests & responses 
Add a more visible explanation of that requests, responses, frontend and
and backend are, in Pgsql context, to avoid having to repeat that over
different portions of the docs.
 1 year ago
Juliana Fajardini 30ac77ce65 pgsql: add cancel request message 
A CanceldRequest can occur after any query request, and is sent over a
new connection, leading to a new flow. It won't take any reply, but, if
processed by the backend, will lead to an ErrorResponse.

Task #6577
 1 year ago
Juliana Fajardini 7dcc2e7a71 doc/eve-format: break pgsql section to char limit 1 year ago
Jason Ish c1a8dbcb72 doc/userguide: document dns.query.name, dns.answer.name 
With some other minor cleanups in the DNS keyword section.
 1 year ago
Jason Ish b11bb1c412 detect: rename DetectAppLayerInspectEngineRegister2 
Rename DetectAppLayerInspectEngineRegister2 to
DetectAppLayerInspectEngineRegister as there is no other variant of
this function, and the versioning with lack of supporting
documentation can lead to confusion.
 1 year ago
Jason Ish 50be098839 detect: rename DetectAppLayerMpmRegister2 to DetectAppLayerMpmRegister 
The old DetectAppLayerMpmRegister has not been around since 4.1.x.
Rename the v2 of this function to a versionless function as there is no
documentation referring to what the 2 means.
 1 year ago
Victor Julien 3456dea276 doc/userguide: update guidance on 5 to 6 upgrading 
TCP memory use can be higher than expected in certain configs.

Ticket: #6552.
 1 year ago
Shivani Bhardwaj b9540df5ad doc: clarify IP-only with iprep 1 year ago
jason taylor fc81c99b58 doc: add file.name information to smtp keyword doc 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
jason taylor 9d1ad0187e doc: add file.name information to nfs keyword doc 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
jason taylor 327ba7397a doc: add file.name information to smb keyword doc 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
jason taylor e4077b8803 doc: update ftp keyword doc example rule format 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
jason taylor bb1f7575d3 doc: add file.name information to ftp keyword doc 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
jason taylor bbc17b1c7d doc: add file.name information to http keyword doc 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
Shivani Bhardwaj 2b73a17bb0 detect: rename whitelist to score 
The term "whitelist" is actually used to store a list of DetectPort type
items for tcp and udp in detect.h. Using the same term for also keeping
the score that affects the grouping of rules is confusing. So, rename
the variable to "score".
 1 year ago
Jason Ish cc0adaaf4a userguide: remove old css files 
In our conf.py we reference some ReadTheDocs stylesheets that appear to
be old and break formatting of some items like bulletted lists.

Bug: #6589
 1 year ago
Philippe Antoine 32cce122e1 detect: header_lowercase transform 
Ticket: 6290
 1 year ago
jason taylor c50002978d doc: update file.data keyword documentation 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
Juliana Fajardini a649a92afd userguide: update tls not_after/not_before mentions 
Our tls fields not_after and not_before are actually logged as
`notafter` and `notbefore`, but were documented with the underscore.

Update the documentation, since updating the log format itself would be
a breaking change.

Task #5494
 1 year ago
Juliana Fajardini 58fb559594 userguide: document flow_id, with examples 
Flow_id explanation expanded from version shared by Peter Manev.

Task #6445
 1 year ago
Sascha Steinbiss 0c55fe3515 detect: add mqtt.connect.protocolstring 
Ticket:  OISF#6396
 1 year ago
Victor Julien 6b2c33990f doc/userguide: add tag keyword page 
Ticket: #3015.
 1 year ago
Victor Julien 4a02a14df1 doc/userguide: document host table yaml settings 1 year ago
Jeff Lucovsky 9ee55d2394 doc/transform: Document case-changing transforms. 
Issue: 6439
 1 year ago
Ralph Eastwood 9865164e75 napatech: update docs to remove hba reference 1 year ago
Philippe Antoine ab9b6e30b1 detect: adds flow integer keywords 
Ticket: #6164

flow.pkts_toclient
flow.pkts_toserver
flow.bytes_toclient
flow.bytes_toserver
 1 year ago
Kirjan Kohuladas c8a7204b15 doc/rule-profiling: fix suricatasc typo 1 year ago
Juliana Fajardini 54d8f45afc userguide: add proper label to RPM install section 
Use a reference label that is stable, instead of one that could change
in case a new section is added above it.
 1 year ago
Daniel Olatunji 0e5fdbb8fb doc: be consistent with the use of "sudo" 
Issue: #5720
 1 year ago
Comfort Amaechi cf8b630ed2 userguide: cover install-full and install-conf 
Ticket: #6342
 1 year ago
jason taylor 535938d7f6 doc: add tls.cert_chain_len docs 
Ticket: #6386

Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
Juliana Fajardini 1a132f454a docs: adjust readthedocs config to new options 
Our documentation was failing to build, seems connected to the new way
of indicating build options (cf
https://readthedocs.org/projects/suricata/builds/22112658/,
https://docs.readthedocs.io/en/stable/config-file/v2.html#build,
and https://docs.readthedocs.io/en/stable/config-file/v2.html#build-os).

Added the build.os required new field, and adjusted the way python
version is passed.

For the new configuration style for read the docs, one of the ways to
pass extra configuration for python is having a requirements file.
 1 year ago
Juliana Fajardini ffed5eb3d3 doc/quickstart: add software-properties instruction 
This is indicated in the `Installation` section, but not in the
quickstart, and it felt like a valid addition, here, too.
 1 year ago
Juliana Fajardini 4ab4f711de doc/install: link to devguide's install from git 
Although we have an updated version of instructions for installation
from git, our install guide was only referring to RedMine, which is less
up-to-date.

Kept that reference, since it might still be useful for non-Ubuntu
cases.
 1 year ago
Shivani Bhardwaj 0a4011655f doc/code-submission: add commit sign guide 1 year ago
Travis Green 96a0e7016f doc: add tcp flags documentation 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 1 year ago
Jason Ish 2b57179d65 readthedocs: pin theme to sphinx_rtd_theme 
ReadTheDocs changed the default theme.
 2 years ago
Jason Ish ae3b1a9e36 configure: more idiomatic autoconf for sphinx-build checks 
- Use SPHINX_BUILD instead of HAVE_SPHINX_BUILD, as here we're
  actually using the path of the program.

- Wrap some elements in [] as is done in modern idiomatic autoconf
 2 years ago
Victor Julien c0201d3212 doc/userguide: add reload-tenant(s) doc 2 years ago
Victor Julien 6ba0956a75 multi-tenant: allow reload w/o yaml path 
Store yaml path in de ctx, for reloads w/o path.

This allows for a simpler `reload-tenant N`, where the previously
used yaml is reloaded.
 2 years ago
Victor Julien c87803ea0e detect: add multi-detect.config-path 
Add option to specify path from which to load the tenants.

Mostly meant to be used in testing.
 2 years ago
jason taylor be324d7856 doc: update file.magic information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 2 years ago
jason taylor 008cc78a03 doc: update fileext keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 2 years ago
jason taylor e99b1787a2 doc: update file.name keyword information 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 2 years ago
Alexandre Iooss c80941dd8d doc/userguide: improve SCStreamingBuffer example 
Add direction indication in SCStreamingBuffer usage example.
This adds documentation for the changes introduced by commit
5b1d8c7e94.
 2 years ago
Juliana Fajardini 5cef8fdfdf userguide/ppa: fix typo 
The launchpad repo for suricata-beta read 'oisd' instead of 'oisf'
 2 years ago
Juliana Fajardini 4fd3205bf0 userguide/install: add info on ubuntu ppa installs 
Bringing info that was only in our Redmine wiki to our documentation.

Task #6231
 2 years ago
Juliana Fajardini 765b05f139 docs: miscellanea updates 
- Fix a DPDK reference link, add some line breaks.
- Exemplify what a good commit message looks
like, for Suricata's commit style.
 2 years ago
Jason Ish 3e2a62915b doc/userguide: display version on front page 
When viewing the docs online at Readthedocs, or similar it might be
immediately apparent what version of the documentation is being
displayed. Display the version on the first line before the table of
contents to make it clear.
 2 years ago