aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,019 Commits
8 Branches
163 Tags
184 MiB
main-7.0.x
main-8.0.x
main
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b11b4d3a1'
${ noResults }
Commit Graph

85 Commits (7b11b4d3a1b4787992279dfa0d4583f3fb94add2)

Author SHA1 Message Date
Victor Julien 44d3f264bf app-layer: update API to return more details 
Add AppLayerResult struct as the Parser return type in
preparation of allowing returning 'Incomplete(size)' similar
to what nom in Rust allows.
 6 years ago
Victor Julien 3bcf948a75 app-layer: change return codes 
This patch simplifies the return codes app-layer parsers use,
in preparation of a patch set for overhauling the return type.

Introduce two macros:

APP_LAYER_OK (value 0)
APP_LAYER_ERROR (value -1)

Update all parsers to use this.
 6 years ago
Jason Ish a0e3e2d7b4 dns: register parsers from Rust 
And port the C DNS tests to Rust.
 6 years ago
Jason Ish 0af9a3a5f7 dns: remove C wrapper functions to Rust 
Remove registration of C wrapper functions and register
the Rust functions directly for UDP.
 6 years ago
Jason Ish 1b44f839e6 dns: cleanup: move event callbacks into Rust 
Remove app-layer-dns-common.c as its no longer needed.
 6 years ago
Jason Ish ca5a3f0f04 dns: cleanup: remove unused events 
Removed events that are no longer used since the Rust
implementation of DNS:
- UnsolicitedResponse
- StateMemCapReached
- Flooded
 6 years ago
Pierre Chifflier 442500678b rust: use the streaming version of combinators to fix incomplete reads 6 years ago
Pierre Chifflier f3ddd7127c rust: Add types annotation when required 
Unfortunately, the transition to nom 5 (and functions instead of macros)
has side-effects, one of them being requiring lots of types annotations
when using a parsing, for ex in a match instruction.
 6 years ago
Pierre Chifflier 5b809f77f1 rust: upgrade all parsers to nom 5 6 years ago
Jason Ish 5f1d21f247 dns: handle mid stream pickup on response packet 
Related Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2146
 6 years ago
Jason Ish 42e5065ab8 rust: update to Rust 2018 with cargo fix 
Migrate to Rust 2018 edition.

Credit to Danny Browning for first demontrating this:
https://github.com/OISF/suricata/pull/3604/commits
 6 years ago
Victor Julien 579cc9f02b const: constify decoder, app-layer, detect funcs 6 years ago
Victor Julien 3f6624bf16 rust: remove libc crate dependency 
Use std::os::raw instead.
 6 years ago
Jeff Lucovsky d568e7fadd eve/logging: 2991 Optimize logging by TX 
This changeset makes changes to the TX logging path. Since the txn
is passed to the TX logger, the TX can be used directly instead of
through the TX id.
 6 years ago
Victor Julien bf1bd407dd rust: fix libc deprecation warnings for int types 6 years ago
Pierre Chifflier 13b7399790 rust: upgrade all parsers to nom4 7 years ago
Jason Ish b7a58680db dns/rust - if let Some over options instead of loop. 
Except in one case where the loop makes more sense for easy break
out.

Also remove one line of non-conforming debug logging.
 7 years ago
Jason Ish d83707bef9 rust/dns - remove extra parantheses 
Removes rust compiler warning.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2521
 7 years ago
Jason Ish c411519605 app-layer: remove has events callback - not used 8 years ago
Victor Julien f815027cdf rust/dns: simplify tx freeing 
Now that we no longer need the state when freeing a TX, we can simply
do cleanup from the Drop trait.
 8 years ago
Victor Julien 7548944b49 app-layer: remove unused HasTxDetectState call 
Also remove the now useless 'state' argument from the SetTxDetectState
calls. For those app-layer parsers that use a state == tx approach,
the state pointer is passed as tx.

Update app-layer parsers to remove the unused call and update the
modified call.
 8 years ago
Victor Julien 98eca55241 rust/dns: implement detect_flags API 8 years ago
Victor Julien bca0cd71ae app-layer: use logger bits to avoid looping 
Avoid looping in transaction output.

Update app-layer API to store the bits in one step
and retrieve the bits in a single step as well.

Update users of the API.
 8 years ago
Jason Ish 5a8537fe4a rust/dns - convert more type values to text 
Issue:
https://redmine.openinfosecfoundation.org/issues/2364

Convert more record type and errr code values to text.
Remove duplicate type declarations.
 8 years ago
Victor Julien e023ce9aad rust/dns: fix new warning in rustc 1.21 8 years ago
Jason Ish 3063851d85 rust/dns/tcp - probe even if payload is short 
As the DNS probe just uses the query portion of a response, don't
require there to be as many bytes as specified in the TCP DNS
header. This can occur in large responses where probe is called
without all the data.

Fixes the cases where the app proto is recorded as failed.

Fixes issue:
https://redmine.openinfosecfoundation.org/issues/2169
 8 years ago
Jason Ish 40991cab82 rust/dns: handle multiple txt strings 
Fix handling of TXT records when there are multiple strings
in a single TXT record. For now, conform to the C implementation
where an answer record is created for each string in a single
txt record.

Also removes the data_len field from the answer entry. In Rust,
the length is available from actual data, which after decoding
may actually be different than the encoded data length, so just
use the length from the actual data.
 8 years ago
Jason Ish 829155b9d5 rust/dns: pass byte arrays directly to rust/json 
Using the json.set_string_from_bytes which will
safely convert the bytes printable ascii string
before logging.
 8 years ago
Jason Ish ecc63481c6 rust/dns: fix tcp message length verification 
And add Rust unit tests to check length validation.

Redmine issue 2144:
https://redmine.openinfosecfoundation.org/issues/2144
 8 years ago
Jason Ish 70808a4f1d rust/dns: support gaps in TCP DNS 8 years ago
Jason Ish 2aebfbce94 rust/dns: support txt records 8 years ago
Jason Ish ba1a67e2cb rust: dns: add log filtering on rrtype 
While the filtering is still configured in C, the filtering
flags are passed into Rust so it can determine if a record
should be logged or not.
 9 years ago
Jason Ish c54fc7f98f rust: use LoggerFlags type to track logged state 9 years ago
Jason Ish 73388042b2 rust: DNS app-layer. 
A DNS application layer in Rust. This is different than the
C based one, as it is partially stateless by not matching
up responses to replies.
 9 years ago
Jason Ish 9449739dd5 rust: dns: nom DNS parsers 9 years ago