Philippe Antoine
f3b6fd3329
quic: update to nom7
3 years ago
Philippe Antoine
95125811b8
quic: reassemble crypto frames and parse it
3 years ago
Philippe Antoine
301ab96a71
ci: have one github workflow with MSRV
3 years ago
Philippe Antoine
896f0d91ce
quic: complete schema.json
...
adding ja3 and extension fields
3 years ago
Philippe Antoine
f242fb7f22
quic: events and rules on them
3 years ago
Philippe Antoine
b9c1d9e86b
quic: parse gquic version Q039
...
Ticket: #5166
3 years ago
Philippe Antoine
018fef5ef8
quic: ja3 computation and logging and detection
...
Logging as is done in TLS.
Detection using the generic ja3.string keyword
Ticket: #5143
3 years ago
Philippe Antoine
c6cf61a39b
quic: complete parsing of initial for non gquic
...
The format of the initial packet for QUIC IETF, i.e. QUIC v1,
is described in RFC 9000, section 17.2.2
Parse more frames and log interesting extensions from the crypto frame
Do not try to parse encrypted data, i.e. after we have seen
a crypto frame in each direction.
Use SNI from the crypto frame with TLS for detection already implemented
Ticket: #4967
3 years ago
Philippe Antoine
7044131c39
quic: rustfmt
3 years ago
Philippe Antoine
0c346af4a9
rust: bump up digest crates
...
so that we can use hkdf crate for quic
3 years ago
Philippe Antoine
2294e9cdbc
rdp: bump up tls-parser crate version
...
so that we can use new functions in quic parser
3 years ago
Juliana Fajardini
5f4bcfe313
detect/engine: fix typos in assorted files
3 years ago
Juliana Fajardini
58928b249d
commandline: add alert-queue expand failure option
...
For testing purposes. Meant to simulate a reallocation failure when
dynamically growing the alert queue in DetectEngineThreadCtx, so we can
check that Suri's behavior doesn't break under such circumstances.
Task #5319
3 years ago
Victor Julien
ebc2714e07
nflog: fix missing util-time include; cleanups
3 years ago
Victor Julien
09c0128138
nflog: update copyright years
3 years ago
Jeff Lucovsky
e566563875
classification/config: Propagate validation errors
...
Issue: #4554
This commit modifies the workflow to propagate classification parsing
errors when in test mode.
When not in test mode, errors continue to be displayed but they do not
halt Suricata execution.
3 years ago
Jeff Lucovsky
2621c90ea1
classification/config: Raise error on validation errors
...
This commit adds logic which raises an error if parse errors occur while
loading classification.config
Issue: 4554
3 years ago
Jufajardini Reichow
61f9f0df55
userguide/rules/meta: minor formatting adjustments
3 years ago
Jufajardini Reichow
45f14bb97c
userguide/rules: explain sid uniqueness within gid
...
While Suri will throw an error if two signatures have the same `sid`
and no `gid`, or same `sid` and same `gid`, it will just accept same
`sid` for different `gid`s.
Related to
Task #5441
3 years ago
Philippe Antoine
83a8cd80b2
detect: remove wrappers around DetectEngineInspectGenericList
3 years ago
Scott Jordan
7eaf1688b5
stream: fix StreamTcpSegmentForSession missing segments
...
Bugfix: segment traversal was being initialized at the root node, but
should have been started at the min node. The bug resulted in captures
missing segments left of the root node.
3 years ago
jason taylor
87990b138c
doc: update priority wording userguide meta
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
a7d739a05b
doc: update to 80 char formatting userguide meta
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
9bd55ff81b
doc: metadata information update userguide meta
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
563dc66837
doc: update priority information userguide meta
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
f73a60eb89
doc: update reference section in userguide meta
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
e611ef5ccb
doc: update userguide meta classtype information
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
39bc56ec97
doc: update rev and gid userguide meta wording
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
b9cb66c58f
doc: add clarity around userguide meta information
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
790ef9a53f
doc: add sid reserved range reference
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
38a179d89d
doc: add clarity to rule msg tips
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
299a931e49
doc: update example rule list
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
98c29da6ec
doc: add clarity to role wording
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
c0bdb6cc10
doc: meta keyword doc example rule update
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
jason taylor
ca9e9009ba
doc: add bsize keyword examples
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
3 years ago
Victor Julien
ad3e68f378
detect/file: minor cleanups
3 years ago
Victor Julien
af145ad125
detect/file: reduce scope of keyword data structures
3 years ago
Victor Julien
73eb7744d8
detect/file: update copyright years
3 years ago
Victor Julien
6f8ca41eb3
detect/cip: cleanup includes
3 years ago
Philippe Antoine
11e0eb9c89
quic: do not log empty cyu array
...
Ticket: #5167
3 years ago
Philippe Antoine
16fc78645d
dnp3: do not log empty objects array
...
Ticket: #5167
3 years ago
Philippe Antoine
632581ac95
ike: do not log empty notify array
...
Ticket: #5167
3 years ago
Philippe Antoine
262a93ce18
mqtt: do not log reason_codes if there is none
...
Ticket: #5167
3 years ago
Philippe Antoine
da0be16d36
output: do not log empty arrays for sid
...
Ticket: #5167
3 years ago
Jufajardini Reichow
f9c9091bb5
userguide: fix typo in inline mode illustration
...
The image describing Suricata's sliding window had two of the "packets"
with the same text. Now they actually give the sense of a sliding
window.
This was found by Zhiyuan-liao.
3 years ago
dependabot[bot]
8090cba7c4
github-actions: bump actions/cache from 3.0.4 to 3.0.5
...
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](c3f1317a9e...0865c47f36)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Philippe Antoine
adeb1fdfc3
threads: cleaner code with one instruction per line
...
As reported by Shchelk
3 years ago
Victor Julien
9fa0033966
detect: reduce datatype scope for various keywords
3 years ago
Victor Julien
ad76502df0
detect/cip: remove dead code
3 years ago
Victor Julien
08e349a8bb
detect: update copyright years
3 years ago