aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,231 Commits
8 Branches
163 Tags
191 MiB
main
main-7.0.x
main-8.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '901e99fa95'
${ noResults }
Commit Graph

14231 Commits (901e99fa951c9735b4d5b256f7a2d47727177226)
 

Author SHA1 Message Date
Jason Ish d720ead470 dns: split header and body parsing 
As part of extra header validation, split out DNS body parsing to
avoid the overhead of parsing the header twice.
 3 years ago
Jason Ish 595700ab7e dns: validate header on every incoming message 
As UDP streams getting probed, a stream that does not appear to be DNS
at first, may have a single packet that does look close enough to DNS
to be picked up as DNS causing every subsequent packet to result in a
parser error.

To mitigate this, probe every incoming DNS message header for validity
before continuing onto the body.  If the header doesn't validate as
DNS, just ignore the packet so no parse error is registered.
 3 years ago
Jason Ish c98c49d4ba dns: parse and alert on invalid opcodes 
Accept DNS messages with an invalid opcode that are otherwise
valid. Such DNS message will create a parser event.

This is a change of behavior, previously an invalid opcode would cause
the DNS message to not be detected or parsed as DNS.

Issue: #5444
 3 years ago
Jason Ish 49e9f51a03 github-ci: fedora non-root: suricata-verify -q 
Run Suricata-Verify in quiet mode for the non-root build to more
easily find the error when fails.
 3 years ago
Jason Ish 7afc2e3aed dns: rustfmt 3 years ago
Jason Ish 39d2524bf6 dns: mark test buffers with rustfmt::skip 3 years ago
Jason Ish 30a2cfa693 log-pcap: remove early output initializing if offline 
Remove early opening of output files if running in an offline mode, as
we don't yet know the timestamp to use.

Prevents the first pcap files being opened with a timestamp of 0,
bringing us back to the same behvaviour of pcap logging in 6.0.

Issue: 5374
 3 years ago
Jason Ish 64c069f162 log-pcap: fix typo in multi-mode error message 3 years ago
Jason Ish e4f85ecc2a log-pcap: display mininum limit on error 
On fatal error due to limit being less than the allowed minimum,
display the minimum value in bytes.
 3 years ago
Lukas Sismis 30d9d8c7f4 util-debug: clang-format required change 3 years ago
Lukas Sismis 03c21bfaa8 runmodes: Determine engine's copy-mode as early as possible 
Configuration and behavior of HTP app layer depends on the copy
mode of Suricata engine. Copy mode was set after the app layer setup.
Decision of engine's copy mode operation is now made earlier.

Ticket: #5706
 3 years ago
Lukas Sismis 958f94276a runmodes: remove misleading commment 3 years ago
Lukas Sismis e2a5bc7961 dpdk: add support for enabling IPS support in DPDK mode 3 years ago
Lukas Sismis 449943e1a9 util-device: remove unused functions 3 years ago
Lukas Sismis bed16ba44c runmodes: change function prototype of runmode init functions 
Commit contains prototype changes of RunModeSetLiveCaptureAutoFp and
RunModeSetLiveCaptureWorkers functions to move the IPS enable logic
out of suricata.c file.
 3 years ago
Lukas Sismis ee4f75e4b4 dpdk: port deprecated DPDK macros to the newer forms 3 years ago
Lukas Sismis 1c8205e6b1 dpdk: add Github action to build Suricata with all available (LTS) DPDK versions 3 years ago
Lukas Sismis 79130103c2 dpdk: print debug xstats counters of all DPDK ports on shutdown 3 years ago
Lukas Sismis cb6fa894ef dpdk: add a check for HW checksum validation offload 
Ticket: #5553
 3 years ago
Victor Julien da1ad843b4 time: -Wstrict-prototypes fix 3 years ago
Jeff Lucovsky 9fbe683642 time: Rework SCTime_t into a struct 
Issue: 5718

This commit changes SCTime_t to a struct with members setup as
bitfields.
 3 years ago
Jeff Lucovsky 31793aface time: Replace struct timeval with scalar value 
Issue: 5718

This commit switches the majority of time handling to a new type --
SCTime_t -- which is a 64 bit container for time:
- 44 bits -- seconds
- 20 bits -- useconds
 3 years ago
Jeff Lucovsky 7702ad410e format/clang: Apply clang-format 
Issue: 5718
 3 years ago
Victor Julien c15d511064 frames: enable only used frames 
Enable only frames that are actually used.

Ticket: #4979.
 3 years ago
Victor Julien 6cc9811edd files: move FileContainer into FileTransferTracker 
Update SMB, NFS, HTTP2.
 3 years ago
Victor Julien aa376a3b21 detect/frame: improve frame detection 
Add a per frame progress tracker.
 3 years ago
Victor Julien 169ee11ead output/frame: log frame type stream 3 years ago
Victor Julien d72bc364de output/frame: improve 'complete' logging 3 years ago
Victor Julien 6cbb5306c6 frame: add debug validation check 3 years ago
Victor Julien b43dc5a64a app-layer/frames: use absolute frame offset 
Frame offset was already a 64 bit integer, so simplify things by
making it an absolute offset from the start of the stream.
 3 years ago
Victor Julien 39d9b3adbe frames: implement generic <alproto>.stream frames 
Add a hard coded <alproto>.stream option for all stream data for
a protocol.

Starts at stream offset 0 or at the point of a protocol upgrade
in case of STARTTLS or CONNECT.
 3 years ago
Victor Julien f773b714e9 detect/frames: minor cleanup in buffer handling 
Don't lookup a buffer twice, even if the lookup should be fast.
 3 years ago
Victor Julien d0f1507c83 htp: simplify streaming buffer config 
Use a single static config instead of the per profile config.
 3 years ago
Victor Julien c79c0ca347 streaming: remove config pointer from struct 3 years ago
Victor Julien 53d9a1f39f streaming: internal switch to sbcfg by argument 3 years ago
Victor Julien ff882cd73f streaming: add sbcfg to StreamingBufferClear 3 years ago
Victor Julien 6e5f35e0a0 streaming: add sbcfg to StreamingBufferFree 3 years ago
Victor Julien 96f29440cb streaming: add sbcfg to StreamingBufferAppendRaw 3 years ago
Victor Julien 30ee9165b5 streaming: add sbcfg to StreamingBufferAppend 3 years ago
Victor Julien 3b5deb4ec7 streaming: add sbcfg to StreamingBufferSlideToOffset 3 years ago
Victor Julien b9540d1073 streaming: add sbcfg to StreamingBufferInsertAt 3 years ago
Victor Julien 058dc02e81 streaming: add sbcfg to StreamingBufferAppendNoTrack 3 years ago
Victor Julien 355f259b8c output/filedata: trunc file in output again 3 years ago
Victor Julien e3e55406a7 files: update API and callers to take stream config 
This is to allow not storing the stream buffer config in each file.
 3 years ago
Victor Julien f7dbdb7631 output/filedata: don't call file close 
Will be reenabled after file API is updated.
 3 years ago
Victor Julien 71bc9e75f5 app-layer: get sbconfg with files 3 years ago
Victor Julien a1a221066f files: remove filecontainer drop trait 
In preparation of it becoming impossible to use due to the free
function getting an cfg argument.
 3 years ago
Victor Julien 0320c03f8c http2: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago
Victor Julien 4b1e9f7c21 smb: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago
Victor Julien 3a24cce289 nfs: explicity free files 
In preparation of adding an argument to the free functions which
means the drop trait can't be used anymore.
 3 years ago