Commit Graph

3248 Commits (a34f91358dab52ae8093459d3aa9f14cd5fd41f2)
 

Author SHA1 Message Date
Eric Leblond ac2d13d62b Improve check of min requirement for AF_PACKET.
As pointed out by #416, AF_PACKET detection support was not accurate
enough. This patch improves the check by doing a verification of
the availability of the feature level needed to build AF_PACKET.
We need TPACKET_V2 which is available after 2.6.27.
14 years ago
Anoop Saldanha b2455b6afa cuda pb tm should be in a thread of its own + pkt_acq should be as free as possible 14 years ago
Anoop Saldanha 2995867328 b2g cuda up, compiling and running 14 years ago
Anoop Saldanha f1863370a5 clean log pcap 14 years ago
Anoop Saldanha 6392202872 restructure log pcap to use a different setup, which is resilient to thread failure/restarts 14 years ago
Anoop Saldanha fd21b83f3e don't return TM failure on failing to remove log file 14 years ago
Anoop Saldanha 4bc907414b init every new pf instance in log pcap 14 years ago
Victor Julien cfd4d07dd0 host: convert host hash to use lookup3.c 14 years ago
Victor Julien c10370907a flow: make flow use lookup3.c hashing algorithm. Improves hash table distribution. 14 years ago
Victor Julien 20c08ca47b hash: add lookup3.c by Bob Jenkins
Found here:
http://burtleburtle.net/bob/hash/doobs.html
http://burtleburtle.net/bob/c/lookup3.c

From the file header:

lookup3.c, by Bob Jenkins, May 2006, Public Domain.

These are functions for producing 32-bit hashes for hash table lookup.
hashword(), hashlittle(), hashlittle2(), hashbig(), mix(), and final()
are externally useful functions.  Routines to test the hash are included
if SELF_TEST is defined.  You can use this free for any purpose.  It's in
the public domain.  It has no warranty.
14 years ago
Victor Julien 19a7e7f395 flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default. 14 years ago
Xavier Lange fea5e68a7b Include conf_test in special cases for unset RUNMODE 14 years ago
Xavier Lange 1d774dae61 Make conf_test local. Simplify if/else to if. 14 years ago
Xavier Lange 1ae10b9a42 Do not spawn threads for conf test 14 years ago
Xavier Lange eaacc5d0fe Added conf_test flag and behavior 14 years ago
Victor Julien 22349f863b file magic: don't disable inspecting magic for both directions if files in only one direction don't need magic. 14 years ago
Victor Julien ba4613aef1 Add host section to stock yaml. 14 years ago
Victor Julien f4b542d703 Enforce memcap limit before allocating hash table in host and flow engines. 14 years ago
Victor Julien bd66a4bba9 Fix typo in spm prototype declaration. 14 years ago
Anoop Saldanha 4d192a6881 update all spm algos to use 16 bit pattern lengths. Should compress a lot of tables 14 years ago
Victor Julien 8d1fe9f2fa Make 'autofp' the default runmode. Increase default max-pending-packets to 1024. Move some advanced and uncommonly changed settings down in the stock suricata.yaml. Closes #433. 14 years ago
Eileen Donlon da633d490b fix misleading comment 14 years ago
Eileen Donlon 793478a832 reject rules with invalid hex digits in content 14 years ago
Eileen Donlon f2e85ab9ee reject rules with an invalid ttl range 14 years ago
Victor Julien 4157d9408d Various small flow and host table fixes. 14 years ago
Victor Julien aded3c5578 http: 'HTTP Host header ambiguous' after libhtp update. It now fires if hostname is present both in URL and Host header and the 2 are not equal. 14 years ago
Victor Julien ef52ba8f57 libhtp: update to sync with upstream 0.2.x
Patches applied are:

commit 85f5bbc39dda2eaf03ccb6111cbf5daf1c7b75f9
Author: Craig Forbes <cforbes@qualys.com>
Date:   Wed Mar 21 16:45:04 2012 +0000

    Backport of STREAM_STATE_TUNNEL fix to 0.2.x.

    Return STREAM_STATE_TUNNEL after entering a tunnel.

commit cfbe28cd4ddde6d77c5b0d5935c8717834971441
Author: Craig Forbes <cforbes@qualys.com>
Date:   Wed Feb 29 16:52:44 2012 +0000

    Backport of the fix for HTP_AMBIGUOUS_HOST flag.

    The flag is only set when the URI host on the request line is different
    than the value in the Host: request header.

    Resolves https://github.com/ironbee/libhtp/issues/20

commit 196dfb1c8b7a5996389c719e2c912163c5607916
Author: Brian Rectanus <brectanus@qualys.com>
Date:   Wed Feb 8 08:35:46 2012 -0600

    Add missing function declaration in header.

commit 7878fec818167fcdf7c8c4852ac0dafa1ae445f1
Author: Brian Rectanus <brectanus@qualys.com>
Date:   Wed Feb 8 08:35:07 2012 -0600

    Revert part of previous patch, which was invalid.

commit bafef3d4cbfc307960677c6bd682ae195fe986cd
Author: Brian Rectanus <brectanus@qualys.com>
Date:   Wed Feb 8 08:36:06 2012 -0600

    Update version to next dev release.

commit 62cfdb41ba84f2666c7526e2e5d9e10ab8e220f1
Author: William Metcalf <wmetcalf@qualys.com>
Date:   Wed Feb 1 13:19:48 2012 -0600

Many thanks to Will, Brian and Craig.
14 years ago
Victor Julien 18e81b7ba9 Bail out early if we're in http tunnel mode. 14 years ago
Victor Julien 0788656ef7 Silence ac-gfbs debug message. 14 years ago
Victor Julien da3c5bf84d Minor error message cleanups 14 years ago
Victor Julien fa22a26366 profiling: fix lock profiling int print issue. 14 years ago
Victor Julien 3b79dac2b7 flow: fix atomic var not being initialized and destroyed. 14 years ago
Victor Julien 60dbd34f93 Fix bug in app layer event handling causing http event rules to fail loading. 14 years ago
Victor Julien 40ed10ab38 Minor flowq updates. 14 years ago
Anoop Saldanha 7115fa3e72 Introduce the address hash based flow q handler 14 years ago
Anoop Saldanha 5ffb050ada Adapt flow tmqh counters to be atomic vars. Remove support for active flows q handler. Introduce SC_ATOMIC_SET 14 years ago
Anoop Saldanha 3faed5fe79 Support freeing flow q handler out ctx. Adapt unittests to use the same 14 years ago
Anoop Saldanha d01589c9d8 neaten flow q handler code 14 years ago
Anoop Saldanha 0fa14292c0 Enable unittests for flow q handler 14 years ago
Anoop Saldanha 4e417b72b5 support flow q handler schedulers active_flows and active_packets. Support new yaml option autofp_scheduler. Support for printing q handler stats as well 14 years ago
Anoop Saldanha e252048900 support for custom flow qhandlers - round robin support added 14 years ago
Pierre Chifflier d866f38982 TLS: add variable to store the error code in the decoder
Use a variable to store the decoding error code if required, and remove
the calls to SCLogInfo and SCLogDebug.
14 years ago
Pierre Chifflier 218b5d3ba0 TLS app layer: misc fixes, reorder some fields to same memory 14 years ago
Pierre Chifflier 3df341dbeb Add TLS decode events 14 years ago
Pierre Chifflier 71fa4a5285 TLS: replace SigMatchAppendAppLayer with SigMatchAppendSMToList 14 years ago
Eric Leblond a9bb17e097 tls-handshake: add sanity checks. 14 years ago
Eric Leblond 01c7e5bde6 tls-handshake: Add some missing free in error handling.
When DecodeAsn1BuildValue function fails, it may be necessary to
do some clean-up in the calling functions.
14 years ago
Eric Leblond 480db00fd7 tls-handshake: DecodeAsn1BuildValue should return -1 for error
This patch modifies DecodeAsn1BuildValue to have it return -1 when
there is a too big number of bytes announced in the ASN.1 message.
14 years ago
Eric Leblond 8f885ce810 TLS parser: add sanity checks on loop
It was possible in some loop to read data placed after the buffer
resulting in invalid/unpredictable value. This patch fixes two of
this issues.
14 years ago
Eric Leblond d1c56e810b TLS parser: add sanity check 14 years ago