Philippe Antoine
19ab85f17e
leak: fixes leak in DetectAddressParse2
6 years ago
Victor Julien
8b87801b80
geoip: fix unittests w/o db present
6 years ago
Victor Julien
a7d65668ae
mem: avoid potential shadow vars with 'len' name
6 years ago
Bill Meeks
d1525c6fb8
mem: add SCStrndup() function to wrap strndup().
6 years ago
Bill Meeks
a291209e47
detect/geoip: migrate to GeoIP2 database format
...
Issue #2765
6 years ago
Victor Julien
d6323ae33d
detect/mpm: improve stats reporting
6 years ago
Victor Julien
24f0092b72
detect: add ipv6.hdr sticky buffer
...
Inspects IPv6 header and extension headers.
6 years ago
Victor Julien
3c9a557810
decode/ipv6: track length of ext hdrs
6 years ago
Victor Julien
9252400f68
decoder/ipv6: minor cleanups
...
Remove unused field and macros.
Minor code style cleanups.
6 years ago
Victor Julien
4ac327f5b5
detect/ipv4: add ipv4.hdr sticky buffer
6 years ago
Victor Julien
367e3e1895
detect/tcp/udp: minor cleanups
6 years ago
Victor Julien
4dff903b35
detect: introduce pkt mpm engines
...
Instead of the hardcoded L4 matching in MPM that was recently introduced,
add an API similar to the AppLayer MPM and inspect engines.
Share part of the registration code with the AppLayer.
Implement for the tcp.hdr and udp.hdr keywords.
6 years ago
Victor Julien
14896365ef
detect: remove Threadvars argument from API calls
...
Remove it as it's (almost) never used. If it is really needed it can
be accessed through DetectEngineThreadCtx::tv as well.
6 years ago
Victor Julien
c1dd4534d9
detect/bsize: support transforms in case w/o content
6 years ago
Jason Ish
963abc961c
python: fix parsing Suricata version from configure.ac
...
If parsing the version fails, or no version is found, fail
instead of defaulting to a version of 0.0.0.
6 years ago
Victor Julien
82de6e0659
decoder/vxlan: improvements and cleanups
...
Implement port config handling. Also check both src port and dest
port for tunnels that only set the destination port to the VXLAN
port. At the point of the check we don't know the packet direction
yet.
Implement as Suricata tunnel similar to Teredo.
Cleanups.
6 years ago
Henrik Lund Kramshoej
3519b011b7
decoder/vxlan: initial implementation of decoder
6 years ago
Victor Julien
35b88991c3
mem: fix shadow declaration warning
...
Avoid clash by adding a leading underscore to the declaration in the
macro. These temporary vars should never clash with valid variables
from the code where they are called.
6 years ago
Victor Julien
034555644b
doc: add tcp.hdr and udp.hdr
6 years ago
Philippe Antoine
e30a77c5a1
warnings: Fixes integer sizes in format strings
6 years ago
Andreas Herz
0795dc1e14
configure: update configure.ac to reflect modern autoconf syntax
6 years ago
Pierre Chifflier
af7d245a31
rust/snmp: add event when expected/received PDU versions mismatch
6 years ago
Pierre Chifflier
1880f6945c
rust/snmp: use generic parsing function, for all SNMP versions
...
Do not restrict parsing to the version seen in the first packet, but
use a generic function, independent of the version.
6 years ago
Jason Ish
577c8cb0c0
dns-log: remove from config
...
dns-log has been removed from the code.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2297
6 years ago
Victor Julien
ba5679de0f
profiling: fix undefined profiling code use
6 years ago
Victor Julien
ac694b089a
detect: add udp.hdr sticky buffer
6 years ago
Victor Julien
bdf53f449c
detect/tcp: rename tcp keyword files
6 years ago
Victor Julien
47919fd0e4
detect/tcp: add tcp.<field> notation variants
6 years ago
Victor Julien
0cecb1c3b2
detect/prefilter: minor error handling cleanup
6 years ago
Victor Julien
35be8385eb
detect: tcp.hdr sticky buffer
...
Sticky buffer to inspect the TCP header.
6 years ago
Victor Julien
47ef8f5822
detect/mpm: add l4-header support
...
Prepare MPM part of the detection engine for a new type of per
packet matching, where the L4 header will be inspected.
Preparation for TCP header inspection keyword.
6 years ago
Victor Julien
0965afd661
detect: pkt inspect engines
...
Instead of hard coded calls to the inspection logic for
payload inspection and 'MATCH'-list inspection use a callback
approach. This will register a callback per 'sm_list' much like
how app-layer inspect engines are registered.
This will allow for adding more types later without adding
runtime overhead.
Implement the callback for the PMATCH and MATCH logic.
6 years ago
Victor Julien
2a778e439a
detect/build: minor code cleanups
6 years ago
Victor Julien
a01df4b86b
doc: document tcp.mss keyword
6 years ago
Victor Julien
66648df099
detect: add tcp.mss keyword
...
Allows matching on TCP option MSS.
Syntax:
tcp.mss:<value>;
tcp.mss:<value1>-<value2>;
tcp.mss:<op><value>;
Operator can be: >, <.
6 years ago
Jeff Lucovsky
d2fdbc7d6f
output/json: Avoid use of uninitialized value
...
In JsonPacket, a Base64Decode error could cause an uninitialized
variable to be used because its return value is ignored.
6 years ago
Jeff Lucovsky
6911cc01ad
rust/snmp: Support get-info-by-id
6 years ago
Jeff Lucovsky
7560b75591
rust/ntp: Support get-info-by-id
6 years ago
Jeff Lucovsky
12c2d18c8b
rust/krb: Support get-info-by-id
6 years ago
Jeff Lucovsky
fb01641629
rust/ikev2: Support get-info-by-id
6 years ago
Jeff Lucovsky
e3ca6b43fc
rust/dhcp: Support get-info-by-id
6 years ago
Jeff Lucovsky
a5d9d37c34
rust/parser: Extend Rust parser for event-by-id
...
Extend the Rust parsing infrastructure with the "get event info by id"
calls. This changeset extends the parser structure, the C-based
registration handlers and the template parser.
6 years ago
Jeff Lucovsky
294d0e8cba
snmp: Fix type
6 years ago
Jeff Lucovsky
9ccc28baeb
rust/smb: Implement get event by id
6 years ago
Jeff Lucovsky
643864a8f5
rust/snmp: fix libc deprecation warnings
6 years ago
Victor Julien
3f6624bf16
rust: remove libc crate dependency
...
Use std::os::raw instead.
6 years ago
Victor Julien
28ed0d3a18
nfs: implement get_event_info_by_id callback
6 years ago
Victor Julien
429ca858dc
rust/gen: turn *mut*const T into const T **
6 years ago
Jeff Lucovsky
6cd39c5cfb
userguide: Document app-layer anomaly items
...
This changeset expands the anomaly section to include newly added
app-layer items.
6 years ago
Jeff Lucovsky
d568e7fadd
eve/logging: 2991 Optimize logging by TX
...
This changeset makes changes to the TX logging path. Since the txn
is passed to the TX logger, the TX can be used directly instead of
through the TX id.
6 years ago