Commit Graph

10196 Commits (a272e433a8f9a1886db22cf77d2f6a3b2eed2a57)

Author SHA1 Message Date
Victor Julien c1dd4534d9 detect/bsize: support transforms in case w/o content 5 years ago
Jason Ish 963abc961c python: fix parsing Suricata version from configure.ac
If parsing the version fails, or no version is found, fail
instead of defaulting to a version of 0.0.0.
5 years ago
Victor Julien 82de6e0659 decoder/vxlan: improvements and cleanups
Implement port config handling. Also check both src port and dest
port for tunnels that only set the destination port to the VXLAN
port. At the point of the check we don't know the packet direction
yet.

Implement as Suricata tunnel similar to Teredo.

Cleanups.
5 years ago
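Added example, not Suricata's decoder: the "match either UDP port" rule from the commit message, followed by the VXLAN header check and VNI extraction (RFC 7348 header layout) and a length guard before the inner Ethernet frame is handed on. Function and struct names, the port list and the packet bytes are assumptions constructed for illustration; only the port-matching rule comes from the commit message.

```c
/* Added example, not Suricata code. VXLAN (RFC 7348) candidate check on
 * either UDP port, header validation, VNI extraction and inner-frame hand-off.
 * All names here are hypothetical. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define VXLAN_HDR_LEN 8
#define VXLAN_FLAG_I  0x08   /* "VNI present" flag; the other 7 bits are reserved */
#define ETH_HDR_LEN   14

struct vxlan_result {
    uint32_t vni;            /* 24-bit VXLAN Network Identifier */
    const uint8_t *inner;    /* start of the encapsulated Ethernet frame */
    size_t inner_len;
};

/* Match either port: some tunnels set only the destination port to the
 * VXLAN port, and at this point the packet's direction is not yet known. */
int vxlan_port_candidate(const uint16_t *ports, size_t nports,
                         uint16_t sport, uint16_t dport)
{
    for (size_t i = 0; i < nports; i++) {
        if (ports[i] == sport || ports[i] == dport)
            return 1;
    }
    return 0;
}

/* Validate the 8-byte VXLAN header and extract the VNI.
 * RFC 7348: the I flag must be set; reserved bits and fields are ignored
 * on receipt. Returns 1 on success, 0 on a short or invalid header. */
int vxlan_header_parse(const uint8_t *buf, size_t len, uint32_t *vni)
{
    if (len < VXLAN_HDR_LEN)
        return 0;
    if ((buf[0] & VXLAN_FLAG_I) == 0)
        return 0;
    *vni = ((uint32_t)buf[4] << 16) | ((uint32_t)buf[5] << 8) | buf[6];
    return 1;
}

/* Full decode step: port gate, header check, then a minimum-length check so
 * the Ethernet decoder never reads past the buffer.
 * Returns 1 when the packet should be treated as a VXLAN tunnel. */
int vxlan_decode(const uint16_t *ports, size_t nports,
                 uint16_t sport, uint16_t dport,
                 const uint8_t *udp_payload, size_t len,
                 struct vxlan_result *out)
{
    if (!vxlan_port_candidate(ports, nports, sport, dport))
        return 0;
    if (!vxlan_header_parse(udp_payload, len, &out->vni))
        return 0;
    if (len - VXLAN_HDR_LEN < ETH_HDR_LEN)
        return 0;  /* not enough data for an Ethernet header */
    out->inner = udp_payload + VXLAN_HDR_LEN;
    out->inner_len = len - VXLAN_HDR_LEN;
    return 1;
}

int main(void)
{
    /* Constructed packet: VXLAN header with VNI 42, then a minimal Ethernet
     * frame (dst MAC, src MAC, EtherType 0x0800) and two payload bytes. */
    static const uint8_t payload[] = {
        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2a, 0x00,
        0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
        0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb,
        0x08, 0x00,
        0xde, 0xad,
    };
    static const uint16_t ports[] = { 4789 };
    struct vxlan_result r;

    /* Source port is the VXLAN port, destination is ephemeral: still decoded. */
    if (vxlan_decode(ports, 1, 4789, 51234, payload, sizeof(payload), &r))
        printf("VXLAN VNI %u, inner frame %zu bytes\n", r.vni, r.inner_len);
    else
        printf("not VXLAN\n");
    return 0;
}
```

Checking both ports widens the set of packets that reach the VXLAN header check, so the header and length guards do the real filtering; the example follows RFC 7348 in ignoring reserved bits, and tightening that to an exact flags byte would be a policy choice rather than something the commit message states.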
Henrik Lund Kramshoej 3519b011b7 decoder/vxlan: initial implementation of decoder 5 years ago
Victor Julien 35b88991c3 mem: fix shadow declaration warning
Avoid clash by adding a leading underscore to the declaration in the
macro. These temporary vars should never clash with valid variables
from the code where they are called.
5 years ago
Victor Julien 034555644b doc: add tcp.hdr and udp.hdr 5 years ago
Philippe Antoine e30a77c5a1 warnings: Fixes integer sizes in format strings 5 years ago
Andreas Herz 0795dc1e14 configure: update configure.ac to reflect modern autoconf syntax 5 years ago
Pierre Chifflier af7d245a31 rust/snmp: add event when expected/received PDU versions mismatch 5 years ago
Pierre Chifflier 1880f6945c rust/snmp: use generic parsing function, for all SNMP versions
Do not restrict parsing to the version seen in the first packet, but
use a generic function, independent of the version.
5 years ago
Jason Ish 577c8cb0c0 dns-log: remove from config
dns-log has been removed from the code.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2297
5 years ago
Victor Julien ba5679de0f profiling: fix undefined profiling code use 5 years ago
Victor Julien ac694b089a detect: add udp.hdr sticky buffer 5 years ago
Victor Julien bdf53f449c detect/tcp: rename tcp keyword files 5 years ago
Victor Julien 47919fd0e4 detect/tcp: add tcp.<field> notation variants 5 years ago
Victor Julien 0cecb1c3b2 detect/prefilter: minor error handling cleanup 5 years ago
Victor Julien 35be8385eb detect: tcp.hdr sticky buffer
Sticky buffer to inspect the TCP header.
5 years ago
Victor Julien 47ef8f5822 detect/mpm: add l4-header support
Prepare MPM part of the detection engine for a new type of per
packet matching, where the L4 header will be inspected.

Preparation for TCP header inspection keyword.
5 years ago
Victor Julien 0965afd661 detect: pkt inspect engines
Instead of hard coded calls to the inspection logic for
payload inspection and 'MATCH'-list inspection use a callback
approach. This will register a callback per 'sm_list' much like
how app-layer inspect engines are registered.

This will allow for adding more types later without adding
runtime overhead.

Implement the callback for the PMATCH and MATCH logic.
5 years ago
Victor Julien 2a778e439a detect/build: minor code cleanups 5 years ago
Victor Julien a01df4b86b doc: document tcp.mss keyword 5 years ago
Victor Julien 66648df099 detect: add tcp.mss keyword
Allows matching on TCP option MSS.

Syntax:

    tcp.mss:<value>;
    tcp.mss:<value1>-<value2>;
    tcp.mss:<op><value>;

Operator can be: >, <.
5 years ago
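Added example, not Suricata's implementation of the keyword: a parser for the three tcp.mss value forms listed in the commit message (plain value, value1-value2, and > or < followed by a value), the match logic, and extraction of the MSS from a TCP options byte string so the keyword can be evaluated against a real option list. Names are hypothetical; the commit message does not say whether a range includes its endpoints, so treating the range as inclusive is this example's own assumption.

```c
/* Added example, not Suricata code: parse the tcp.mss value syntax
 *   <value>   <value1>-<value2>   <op><value>   (op is > or <)
 * and evaluate it against the MSS option of a TCP options byte string.
 * Range endpoints are treated as inclusive here (assumption). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <ctype.h>

enum mss_mode { MSS_EQ, MSS_RANGE, MSS_GT, MSS_LT };

struct mss_spec {
    enum mss_mode mode;
    uint16_t v1;
    uint16_t v2;   /* upper bound, MSS_RANGE only */
};

/* Parse an unsigned decimal that fits in 16 bits; 0 on failure. */
static int parse_u16(const char *s, const char **endp, uint16_t *out)
{
    char *end;
    if (!isdigit((unsigned char)*s))
        return 0;
    unsigned long v = strtoul(s, &end, 10);
    if (v > 65535)
        return 0;
    *out = (uint16_t)v;
    *endp = end;
    return 1;
}

/* Surrounding whitespace is tolerated; anything else after the value
 * (including the ';' rule terminator) is rejected as a syntax error. */
int mss_spec_parse(const char *str, struct mss_spec *spec)
{
    const char *p = str;
    memset(spec, 0, sizeof(*spec));
    while (isspace((unsigned char)*p))
        p++;
    if (*p == '>' || *p == '<') {
        spec->mode = (*p == '>') ? MSS_GT : MSS_LT;
        p++;
        if (!parse_u16(p, &p, &spec->v1))
            return 0;
    } else {
        if (!parse_u16(p, &p, &spec->v1))
            return 0;
        if (*p == '-') {
            p++;
            if (!parse_u16(p, &p, &spec->v2))
                return 0;
            if (spec->v2 < spec->v1)
                return 0;   /* inverted range can never match: reject */
            spec->mode = MSS_RANGE;
        } else {
            spec->mode = MSS_EQ;
        }
    }
    while (isspace((unsigned char)*p))
        p++;
    return *p == '\0';
}

int mss_spec_match(const struct mss_spec *spec, uint16_t mss)
{
    switch (spec->mode) {
        case MSS_EQ:    return mss == spec->v1;
        case MSS_RANGE: return mss >= spec->v1 && mss <= spec->v2;
        case MSS_GT:    return mss > spec->v1;
        case MSS_LT:    return mss < spec->v1;
    }
    return 0;
}

/* Walk the TCP options (kind, length, data) and return the MSS option
 * (kind 2, length 4). Returns 0 when absent, truncated or malformed;
 * a real MSS is never 0, so the result is unambiguous. */
uint16_t tcp_opts_get_mss(const uint8_t *opts, size_t len)
{
    size_t i = 0;
    while (i < len) {
        uint8_t kind = opts[i];
        if (kind == 0)
            break;                       /* EOL */
        if (kind == 1) { i++; continue; } /* NOP */
        if (i + 1 >= len)
            return 0;                    /* option length byte missing */
        uint8_t olen = opts[i + 1];
        if (olen < 2 || i + olen > len)
            return 0;                    /* bogus length */
        if (kind == 2 && olen == 4)
            return (uint16_t)((opts[i + 2] << 8) | opts[i + 3]);
        i += olen;
    }
    return 0;
}

int main(void)
{
    /* constructed options: MSS 1460, NOP, window scale 7, EOL */
    const uint8_t opts[] = { 0x02, 0x04, 0x05, 0xb4, 0x01, 0x03, 0x03, 0x07, 0x00 };
    const char *values[] = { "1460", "1000-1500", ">1400", "<600", "1500-1000" };
    uint16_t mss = tcp_opts_get_mss(opts, sizeof(opts));
    for (size_t i = 0; i < sizeof(values) / sizeof(values[0]); i++) {
        struct mss_spec spec;
        if (!mss_spec_parse(values[i], &spec)) {
            printf("tcp.mss:%s; -> parse error\n", values[i]);
            continue;
        }
        printf("tcp.mss:%s; vs MSS %u -> %s\n", values[i], mss,
               mss_spec_match(&spec, mss) ? "match" : "no match");
    }
    return 0;
}
```

The option walker rejects a length byte that runs past the option area rather than clamping it, which is the check a detection engine needs so that a crafted SYN cannot make the MSS lookup read beyond the header.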
Jeff Lucovsky d2fdbc7d6f output/json: Avoid use of uninitialized value
In JsonPacket, a Base64Decode error could cause an uninitialized
variable to be used because its return value is ignored.
5 years ago
Jeff Lucovsky 6911cc01ad rust/snmp: Support get-info-by-id 5 years ago
Jeff Lucovsky 7560b75591 rust/ntp: Support get-info-by-id 5 years ago
Jeff Lucovsky 12c2d18c8b rust/krb: Support get-info-by-id 5 years ago
Jeff Lucovsky fb01641629 rust/ikev2: Support get-info-by-id 5 years ago
Jeff Lucovsky e3ca6b43fc rust/dhcp: Support get-info-by-id 5 years ago
Jeff Lucovsky a5d9d37c34 rust/parser: Extend Rust parser for event-by-id
Extend the Rust parsing infrastructure with the "get event info by id"
calls. This changeset extends the parser structure, the C-based
registration handlers and the template parser.
5 years ago
Jeff Lucovsky 294d0e8cba snmp: Fix type 5 years ago
Jeff Lucovsky 9ccc28baeb rust/smb: Implement get event by id 5 years ago
Jeff Lucovsky 643864a8f5 rust/snmp: fix libc deprecation warnings 5 years ago
Victor Julien 3f6624bf16 rust: remove libc crate dependency
Use std::os::raw instead.
5 years ago
Victor Julien 28ed0d3a18 nfs: implement get_event_info_by_id callback 5 years ago
Victor Julien 429ca858dc rust/gen: turn *mut*const T into const T ** 5 years ago
Jeff Lucovsky 6cd39c5cfb userguide: Document app-layer anomaly items
This changeset expands the anomaly section to include newly added
app-layer items.
5 years ago
Jeff Lucovsky d568e7fadd eve/logging: 2991 Optimize logging by TX
This changeset makes changes to the TX logging path. Since the txn
is passed to the TX logger, the TX can be used directly instead of
through the TX id.
5 years ago
Jeff Lucovsky 488446cf37 logging/anomaly: Track event log progress
This changeset adds a mechanism to track when individual events
are logged. Transactions can be provided more than once; track
events to prevent event re-logging.
5 years ago
Jeff Lucovsky 4a39d7a1ee app-layer: Extend event container with progress 5 years ago
Jeff Lucovsky 07c05f7dd8 logging/anomaly: TX based logging addition 5 years ago
Jeff Lucovsky 36644907f5 app-layer/logging: Add TX packet logging support
Add transactional logging support for packet based loggers, like
the anomaly logger.
5 years ago
Jeff Lucovsky f7b934f83f app-layer/logging: protocol parser updates 5 years ago
Jeff Lucovsky 49438569a2 logging: anomaly log updates 5 years ago
Jeff Lucovsky 50e23ba93a app-layer: Initial app layer logging 5 years ago
Victor Julien 4e8d38348f flow: no bypass manager for Windows 5 years ago
Victor Julien 287b87b81b bypass: switch to gettimeofday 5 years ago
Victor Julien d8614a15c6 mingw: fix compile error
Declare _POSIX_C_SOURCE before sys/time.h to avoid:

util-time.c: In function 'SCUtcTime':
util-time.c:222:12: error: implicit declaration of function 'gmtime_r'; did you mean 'gmtime_s'? [-Werror=implicit-function-declaration]
  222 |     return gmtime_r(&timep, result);
      |            ^~~~~~~~
      |            gmtime_s
util-time.c:222:12: warning: returning 'int' from a function with return type 'struct tm *' makes pointer from integer without a cast [-Wint-conversion]
  222 |     return gmtime_r(&timep, result);
      |            ^~~~~~~~~~~~~~~~~~~~~~~~
util-time.c: In function 'SCLocalTime':
util-time.c:305:9: error: implicit declaration of function 'localtime_r'; did you mean 'localtime_s'? [-Werror=implicit-function-declaration]
  305 |         localtime_r(&timep, &cached_local_tm[lru]);
      |         ^~~~~~~~~~~
      |         localtime_s
util-time.c:321:56: warning: comparison between pointer and integer
  321 |         if (localtime_r(&timep, &cached_local_tm[lru]) == NULL)
      |                                                        ^~
cc1.exe: some warnings being treated as errors

Tickets: #2994 #3051
5 years ago
Eric Leblond 1f151dd8a6 doc: address norg comments on eBPF doc 5 years ago
Eloïse Brocas 8692aac97f doc: specify config file in ebpf doc
This patch updates the ebpf-xdp.rst file to specify which
configuration file has to be modified.
5 years ago
Eric Leblond 6126f105ea util-ebpf: fix creation of flow from pinned maps 5 years ago