suricata

Commit Graph

Author	SHA1	Message	Date
Anoop Saldanha	a7353be20d	replace all Signature->amatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_AMATCH]	15 years ago
Anoop Saldanha	3656879aa0	fix some dce opnum/stub tests that would have shown success always irrespective of test results	15 years ago
Anoop Saldanha	067e53403c	add missing sig_app_layer flags for dce sigs	15 years ago
Victor Julien	f1ea68e316	Store the first frag flag in the uuid as the pfc_flags field is overwritten. Part of fixing #206 .	15 years ago
Victor Julien	fc248ca7a1	Many small performance updates.	15 years ago
Victor Julien	1071a53210	Fix unittests after ip_proto keyword change.	15 years ago
Victor Julien	b8fec77f37	Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id.	16 years ago
William Metcalf	0e4235cc94	FLOW_DESTROY added to clean-up UT's that init flow	16 years ago
Victor Julien	2f29b8a724	Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166 .	16 years ago
Pablo Rincon	8cc525c939	UDP support at AppLayer message handling	16 years ago
William Metcalf	cc76aa4bc6	properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks	16 years ago
Victor Julien	70b32f7380	First stab at creating a stateful detection engine. Stateful detection for app layer detection keywords, except uricontent. Stores it's partial results in the flow structure. Other modifications: - Generalize transaction tracking, logging and inspection. - Adapt http and dcerpc to use the new transaction handling. - Stream engine now always notifies app layer of a stream eof. This commit fixes bug #124.	16 years ago
Gerardo Iglesias Galvan	9f4fae5b1a	Fix inconsistent use of dynamic memory allocation	16 years ago
William Metcalf	ce01927515	Import of GPLv2 Header 050410	16 years ago
Anoop Saldanha	e6af69e10e	fix for bug 114	16 years ago
Victor Julien	297001c6d9	Only process a app layer sig if it has the proper state. Make sure a sig can't have conflicting sigmatches, such as ftpbouce and uricontent.	16 years ago
Victor Julien	8b30226914	Detection keyword cleanup	16 years ago
Victor Julien	b259e362cd	Convert uricontent to use new scanning methods as well. Move http_method and http_cookie keywords out of pmatch list for now.	16 years ago
Pablo Rincon	25a3a5c6d8	Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.	16 years ago
Gerardo Iglesias Galvan	ba6d807a6e	Improve information about errors on signature failure	16 years ago
Pablo Rincon	d0404d8447	Renaming errors with naming conventions	16 years ago
Pablo Rincon	ad2c136e8f	Renaming errors (naming conventions)	16 years ago
Kirby Kuehl	58c8103a4b	fix unittest	16 years ago
Victor Julien	6a53ab9c5a	Stream engine memory handling update The stream engine memory handling needed updating as it didn't scale. Changes: - pools can now be initialized to size 0, meaning unlimited - stream engine uses a memcap setting. Sessions, segments and aldata is part of this, app layer state isn't. - memory is accounted using a global int that is spinlocked. - a counter for sessions that have not been picked up because of memcap was added. - all reassembly errors are converted to debug msgs.	16 years ago
Kirby Kuehl	008de4321b	refactor dcerpc in prep for dcerpc over smb	16 years ago
Kirby Kuehl	f15ca04889	fix padding calculation and stubdata parser for dcerpc	16 years ago
Victor Julien	d7958f7983	fix wrong keyword name	16 years ago
Victor Julien	b7bac14040	Fixup code to compile with -Wall -Werror -Wextra -Wno-unused-parameter compiler options.	16 years ago
Victor Julien	18aa59b391	Fix compilation and a small memory error.	16 years ago
Anoop Saldanha	f684989f98	dce_iface, dce_opnum, dce_stub_data keyword support	16 years ago

1 2

80 Commits (9fa0033966be34b73a86e178c9f0d95ddb795e51)