Commit Graph

10137 Commits (7384744c3e52977b8db8a451df7f15a06cb8a2b8)
 

Author SHA1 Message Date
Eric Leblond d239e0f2d5 flow-hash: doc and code cleaning 5 years ago
Eric Leblond b736344975 flow-bypass: clock_gettime error handling
Only reason clock_gettime could fail is a permission so let's
error and leave the flow bypass manager if it is the case.

Also let's suppress the error message if ever the error appears in
the middle of a run (which is unlikely).
5 years ago
Eric Leblond 4129938c21 util-ebpf: log level fixes and code cleaning 5 years ago
Eric Leblond 140269a6be util-ebpf: init code optimization 5 years ago
Eric Leblond ccb8f3cd4b configure: libbpf path 5 years ago
Eric Leblond 373afab9e0 ebpf: reindent xdp_filter.c 5 years ago
Eric Leblond ca50f8852e doc: improve ebpf doc
Add example of bypass rules and explain clang dependency.
5 years ago
Eric Leblond c11eb78141 doc: document netronome hardware bypass usage 5 years ago
Eric Leblond c5e2af0545 util-ebpf: fix error reported by coccinelle check
Some allocation errors were not checked during init phase.
5 years ago
Eric Leblond c1fd0da550 af-packet: add vlan_id in bypass key
Bypassing on vlan was not supported due to the missing key.
5 years ago
Eric Leblond 651a27e4fb ebpf: fix percpu hash handling
An alignment issue was preventing the code from working properly.
We introduce macros taken from Linux source code sample to get
something that should work on the long term.
5 years ago
Eric Leblond 142c69e1ef flow-bypass: increase bypass timeout
This is needed as we did switch from counter maintained in kernel
to internal polling so we need a bigger value.
5 years ago
Eric Leblond b8e184ceb5 flow-bypass: fix timeout of maps bypassed flows
The time is taken from the parameter and is checked against real
flow entries so we need a standard time.
5 years ago
Eric Leblond 07d0bd3a0f util-ebpf: fix IPv6 deletion loop 5 years ago
Eric Leblond b481f290e2 af-packet: fix bypass for IPv6 5 years ago
Eric Leblond 3bd8ba5d00 util-ebpf: add message if key deletion fails 5 years ago
Eric Leblond 269f601f8a util-ebpf: can't delete in place so update algo 5 years ago
Eric Leblond 5b056c15bf af-packet: fix default in pinned maps name 5 years ago
Eric Leblond eff56acca5 af-packet: be sure to nullify option if not set 5 years ago
Eric Leblond 36c6a62954 util-ebpf: simplify function declarations 5 years ago
Eric Leblond 69630d7a17 util-ebpf: micro optimization 5 years ago
Eric Leblond d21c3a6555 util-ebpf: create flow from bypassed flows 5 years ago
Eric Leblond 04c65a309e flow-hash: new function to get flow from flowkey 5 years ago
Eric Leblond 885fc992de ebpf: make table iterator generic
Also adds a basic skeleton for flow creation loop.
5 years ago
Eric Leblond 880c42f11c af-packet: bypass with init function 5 years ago
Eric Leblond f93573ac5e ebpf: fix indentation in xdp_filter 5 years ago
Eric Leblond 522e98d830 util-ebpf: fix iteration in flow timeout
We were not setting the key using the correct item in map. Result
was deletion of wrong flow.
5 years ago
Eric Leblond f270e53477 ebpf: set number of RSS queues to a power of 2
This is needed as netronome can not do a division (so can't do a modulo)
in hardware.
5 years ago
Eric Leblond 82c4f5135b doc: use github mirror to setup libbpf 5 years ago
Eric Leblond 94bda5b7fb ebpf: implement RSS load balancing in hardware mode 5 years ago
Eric Leblond 8b4c365352 ebpf: use atomic for counter in hw offload case 5 years ago
Eric Leblond 0c3e1e8579 af-packet: correctly set up hardware offload 5 years ago
Eric Leblond 7f60be83f5 ebpf: more conditional code for netronome support 5 years ago
Eric Leblond 638a006e87 ebpf: remove BPF_LL_OFF in nhoff offset
It fixes invalid parsing with recent kernels and does
not affect older kernels.
5 years ago
Eric Leblond bd28f77a1e af-packet: fix loading of ebpf filter 5 years ago
Eric Leblond f8724485ed ebpf: sync header with upstream 5 years ago
Eric Leblond 1c4d214cdb doc: typo fixes on ebpf doc 5 years ago
Eric Leblond 6fdcb127e9 af-packet: fix the start when XDP is pinned 5 years ago
Eric Leblond 7e0ef4cec8 util-ebpf: change return of pinned maps loading
The calling function needs to be able to see when this is a success
and XDP does not need to be reloaded.
5 years ago
Eric Leblond b7560d7547 doc: document externally managed global switch
This is currently implemented as an exposed map and it seems
a good way to do it.
5 years ago
Eric Leblond d950a9f272 util-ebpf: conditional flow table loading 5 years ago
Eric Leblond 4777af213c ebpf: implement global switch bypass
Add a switch to allow to bypass all traffic if the switch is on.
Concept is to use a persistent script and pinned maps, so an
external tool can be used to trigger global bypass in case Suricata
is dead.
5 years ago
Eric Leblond d25e8dbfc7 af-packet: implement pinned-maps-name 5 years ago
Eric Leblond 36838017fe af-packet: fix build when eBPF not built-in 5 years ago
Eric Leblond b1769d5f8f util-ebpf: implement pinned maps loading
Load flow tables at start if asked to.
5 years ago
Eric Leblond 96f1454ebf util-ebpf: only unlink pinned maps in eBPF filter 5 years ago
Eric Leblond 4cf531008e af-packet: conditionally remove XDP filter
Only remove the XDP filter if we are in XDP mode and not using the
pinned maps.
5 years ago
Eric Leblond 19c0a5edf5 doc: white space and typo fix 5 years ago
Eric Leblond 4f48c45727 util-ebpf: conditional pinning of maps
Only pin maps if `pinned-maps` is set in the configuration. This
ensures backward compatibility.
5 years ago
Eric Leblond 6d41a0ced0 doc: more eBPF and XDP capabilities 5 years ago