aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,174 Commits
7 Branches
155 Tags
195 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '977c5ea719'
${ noResults }
Commit Graph

14174 Commits (977c5ea71901db3b0108f00d9c865af71fb803df)
 

Author SHA1 Message Date
Jason Ish 0ea9ba66d1 userguide/eve-log: remove mentions of requiring Rust 
Rust is required to build now.
 2 years ago
Jason Ish 06eaec67ac bittorrent: updates for new event handling 
Fixes anomaly events.
 2 years ago
Aaron Bungay d166c48d28 docs: update for bittorrent-dht app-layer 2 years ago
Aaron Bungay 86037885a9 bittorrent-dht: add bittorrent-dht app layer 
Parses and logs the bittorrent-dht protocol.

Note: Includes some compilation fixups after rebase by Jason Ish.

Feature: #3086
 2 years ago
Jason Ish 27672c950c dnp3: fixups to work with unified json tx logger 
Update DNP3 to work with a single TX logger, and just register one
logger instead of 2.

This primarily creates a TX per message instead of correlating replies
to requests, which fits the DNP3 model better, but we didn't really have
this concept nailed down when DNP3 was written.
 2 years ago
Victor Julien 2f9ca8bb34 dpdk: set new running flag at thread startup 2 years ago
Victor Julien 91b7b63ed2 threads: count thread types after all initialized 
To avoid double counting in case a thread took longer than
expected to start up.
 2 years ago
Alice Akaki 6621b0ec93 detect-icmp-seq: convert unittests to FAIL/PASS APIs 
Task: #4043
 2 years ago
Haleema Khan 8d5c5f24a1 dns/eve: add 'HTTPS' type logging 
Add a new DNS record type to represent HTTPS
Ticket: #4751
 2 years ago
Haleema Khan b1972a5c61 detect-itype: remove unittests 
Ticket: #5590
 2 years ago
Gabriel Lima Luz 4b009eb907 detect-replace: Convert unittests to FAIL/PASS API 
Ticket: 4054
 2 years ago
Philippe Antoine a003640ecf security: prevents process creation 
with setrlimit NPROC.

So that, if Suricata wants to execve or such to create a new process
the OS will forbid it so that RCE exploits are more painful to write.

Ticket: #5373
 2 years ago
Jason Ish 2ab3646fad profiling: sort LoggerId's in same order as defined 
Sort the LoggerId's in the order they are define in suricata-common.h.
 2 years ago
Jason Ish 99cb8c666a loggers: all json tx loggers can share the same loggerid 
This is to avoid the tx logging code that doesn't support LoggerId
values over 31 at this time. The simplest fix for now is to just have
all JSON (eve) loggers use the same ID.

DNP3 is left as-is for now as it needs some extra support in the parser.
 2 years ago
Richard McConnell 9c2939fb33 workflow: add systemd integration and check 
Intergration of systemd is a feature that enables notification of
a running service to the service manager. The workflow now ensures
compilation with systemd and checks the binary has been built against
libsystemd.
 2 years ago
Richard McConnell 7f4c1d5e2f doc/systemd: add documentation for sd_notify 2 years ago
Richard McConnell 88b98a54df suricata: add sd_notify support 
Upon all threads reaching a running state the system generates
a notification for systems running and configured for systemd

Implements feature 5384
(https://redmine.openinfosecfoundation.org/issues/5384)
 2 years ago
Richard McConnell 13beba141c source: add THV_RUNNING flag to notify of running state 
Each module (thread) updates its status to indicate running.
Main thread awaits for all threads to be in a running state
before continuing the initialisation process

Implements feature 5384
(https://redmine.openinfosecfoundation.org/issues/5384)
 2 years ago
Eric Leblond 9fb0137d9d doc: add reference to ipaddr in IP matching 2 years ago
Eric Leblond 94664ef565 datasets: don't exit on invalid data 2 years ago
Eric Leblond 3bd48d9336 detect: doc link for ip.src and ip.dst 2 years ago
Eric Leblond da8b16eaeb doc: add ip.dst and ip.src doc 2 years ago
Eric Leblond 3599cbf1c4 doc: document new dataset types 
Feature: #5383
 2 years ago
Eric Leblond 7518204ad4 datasets: introduce new IPv6 type 
This patch also simplifies IPv6 parsing.

Feature: #5383
 2 years ago
Eric Leblond 6fe9d510cf detect: add ip.dst keyword as sticky buffer 
Feature: #5383
 2 years ago
Eric Leblond 7e516aad94 detect: add ip.src keyword 
It is a sticky buffer matching on src_ip.

Feature: #5383
 2 years ago
Eric Leblond b2cdc6c899 datasets: introduce ipv4 type 
This patch introduce the IPv4 type for dataset so Suricata commandmatch
on a set of IPv4 addresses. This is meant to complement iprep feature
for people that needs more flexibility such as settings the IP on
the packet path.

Feature: #5383
 2 years ago
Eric Leblond a9c05c7d96 datasets: factorize serialised operations 
Ticket: #5184
 2 years ago
Eric Leblond a1a22cccd2 doc: document dataset-lookup 
Ticket: #5184
 2 years ago
Eric Leblond 537fd76787 suricatasc: add dataset-lookup command 
Ticket: #5184
 2 years ago
Eric Leblond 843dba0a28 datasets: add dataset-lookup command 
Ticket: #5184
 2 years ago
Eric Leblond 20973e9e6b doc: add dataset-clear command 
Ticket: #5184
 2 years ago
Eric Leblond b63f9e7e93 suricatasc: add dataset-clear command 
Ticket: #5184
 2 years ago
Eric Leblond 2f25e48897 datasets: add dataset-clear command 
Ticket: #5184
 2 years ago
Eric Leblond c5559cb68f doc: document dataset-dump command 
Ticket: #5184
 2 years ago
Eric Leblond a480abcdd0 datasets: add dump via unix socket 
This patch adds a dataset-dump command to the list of unix socket
commands. Implementation is not optimal as we are locking the
datasets when doing the dump. But if we consider that the current
alternative from an implementation point of view is to stop Suricata
then this is far better than current state.

Ticket: #5184
 2 years ago
Shivani Bhardwaj 79a78611ad release: 7.0.0-beta1; update changelog 2 years ago
Victor Julien 1fafb83fed packet: turn tunnel lock into spinlock 
Lock is only held to update/check ints, so spin lock will be more
efficient.

Place the member of Packet in a new "persistent" area to make it
clear this is not touched by the PacketReinit logic.

Ticket: #5592.
 2 years ago
Victor Julien 57e70841c4 stream/tcp: remove obsolete and commented out tests 2 years ago
Victor Julien e72770c1b2 decode/vxlan/tests: don't memset new packet 2 years ago
Victor Julien edf93ae5b6 decode/mpls/tests: improve pkt handling; cleanups 2 years ago
Victor Julien 0f7fe2a4c3 app-layer/tests: don't memset new packet 2 years ago
Victor Julien 2f6c014f70 doc/devguide: update packet (de)alloc in unittests 2 years ago
Victor Julien 6dc53447f1 decode/geneve/tests: don't memset packet 
Packet is already initialized.
 2 years ago
Victor Julien b07c7ad14c threading: improve/add thread queues explanations 2 years ago
Victor Julien 951bcde0b2 eve/alert: remove tunnel locking 
Tunnel lock is only used to sync verdict logic.
 2 years ago
Victor Julien 0e7adc21a6 decode: alloc packets using calloc 2 years ago
Victor Julien 68a9da52ad packetpool: remove PKT_ALLOC flag 
Use Packet::pool instead. If Packet::pool is non-NULL the packet is
owned by a pool. Otherwise it is allocated and should be freed after
use.
 2 years ago
Victor Julien 3ed7b4473e runmodes: remove dead error check 2 years ago
Victor Julien 9d3c60bde3 smtp/mime: no error logging in packet path 2 years ago