aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,369 Commits
8 Branches
165 Tags
229 MiB
main
main-7.0.x
main-8.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.2
suricata-7.0.13
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a53aef9c57'
${ noResults }
Commit Graph

6369 Commits (a53aef9c57a4f7855805bc41e8dd32d1b50ad32a)
 

Author SHA1 Message Date
Victor Julien 8cdd96d7a4 tls: suppress warnings on alloc failure 10 years ago
Victor Julien b4dad91e26 unified2: disable by default 10 years ago
Victor Julien 36fde7df42 stats log: suppress 0 counters by default 10 years ago
Victor Julien 86a3f06410 afpacket: suppress output 10 years ago
Victor Julien bed1867830 afpacket: move zero copy setup to config parsing 
This way it's run and logged per device, instead of per thread.
 10 years ago
Victor Julien 9d882116e2 afpacket: indent fixup 10 years ago
Victor Julien cf2588acc4 offloading: compress printing of iface offloading 10 years ago
Victor Julien f89a421990 afpacket: on missing cluster settings, set defaults 10 years ago
Victor Julien 49dbb455b5 afpacket: add null decoder, put ethernet first 10 years ago
Victor Julien 7b45a8a2a9 device: constify string args 10 years ago
Jason Ish d87a60f3cc modbus: disable by default 10 years ago
Eric Leblond 538f37bd38 output-json: add app_proto key in root 
By adding the key in the root of *flow and fileinfo  events it
will be possible to get all events for one application layer by
using a 'event_type:proto OR app_proto:proto' filter. This will
permit to the analyst to get a good view of events related to
one protocol.

This patch also fixes a regression in file logging where app_proto
was available before 94dbd303e4 create
the regression.
 10 years ago
Alexander Gozman 8ac48872a5 Feature 1605: more descriptive error messages when checking MTU, etc 10 years ago
Victor Julien 019f856442 profiling: fix lock profile compilation 10 years ago
Victor Julien ac476de5ed json: small improvement to log message wording 10 years ago
Eric Leblond 9930f447d2 output-json: fix regression on log prefix handling 
The log prefix option was not anymore honored due to a regression
caused by some recent code.
 10 years ago
Maurizio Abba 1291250c0f app-layer-smtp: support for multiline response 
Multiline response support is provided but not enforced. This patch
allow parsing multiline response when a reply is processed
 10 years ago
Victor Julien 737c99dd30 Update changelog for 3.0RC1 10 years ago
Victor Julien 84c4566a14 Update dev version to reflect we're doing 3.0 now 10 years ago
Victor Julien d77e403024 rule vars: fix compiler warning 10 years ago
Victor Julien a7f54d63b7 tls: fix compiler warnings 10 years ago
Victor Julien a1075ee2f2 http: add test for plain http over connect 10 years ago
Victor Julien cd81af0bc9 http: don't run unittests twice 10 years ago
Victor Julien e86e27bab7 http: test cleanups 10 years ago
Aaron Campbell 50f4fb2a72 Fix out-of-bounds memory access in DNS TXT record parser. 
The datalen variable is declared unsigned.  If txtlen and datalen are equal,
datalen will first be reduced to 0, and then the datalen-- line will cause its
value to wrap to 65535.  This will cause the loop to continue much longer than
intended, and eventually may crash on an out-of-bounds *tdata dereference.

Signed-off-by: Aaron Campbell <aaron@monkey.org>
 10 years ago
Victor Julien 4dfbc0effa multi-detect: fix and simplify config 
instead

mappings:
  - vlan:
    vlan-id: 1
    tenant-id: 2

we'll now use:

mappings:
  - vlan-id: 1
    tenant-id: 2

For YAML it pretty much means the same thing.

Ticket: 1517
 10 years ago
Victor Julien 07d8617b3e multi-detect: improve error handling 10 years ago
Victor Julien 906b95eed3 multi-detect: handle missing mappings 
Notify/warn user about missing mappings depending on other settings
like unix socket and init errors fatal.
 10 years ago
Victor Julien 27783f4c66 multi-detect: consider vlan tracking 
Refuse to use vlan selector if vlan tracking is disabled.
 10 years ago
Victor Julien 04889f154d multi-detect: validate vlan_id 10 years ago
Victor Julien d7d76e7b27 multi-detect: use default tenant 
The default detect engine can be used as 'default tenant'.
 10 years ago
Victor Julien dc3c1ef01e multi-detect: clean up output 10 years ago
Victor Julien adecf41720 base64: code style fixups 10 years ago
Jason Ish 6b15686fd1 base64_decode, base64_data: decode and match base64 10 years ago
Jason Ish 9375e8fb3c util-base64: strict mode - all characters must be valid 
Introduce a strict mode to base64 decode. If strict,
the function will fail when invalid input data is seen.
If not strict, what has been decoded will be returned.

This is in support of adding a Snort compatible base64_decode
rule option that uses whatever data can be decoded as a length
of data to decode is optional.
 10 years ago
Mats Klepsland 7281f6aaf3 lua: added function TlsGetSNI() 
Added function to get server name from TLS SNI extension.
 10 years ago
Mats Klepsland f363d11afe log-tls: added SNI field to extended output 
Added SNI field to extended tls log output.
 10 years ago
Mats Klepsland 285022fde9 output-json-tls: added SNI field to extended output 
Added SNI field to extended JSON output.
 10 years ago
Mats Klepsland 3ac1a3d9fe app-layer-ssl: get server name from SNI extension 
Decode client hello handshake to get server name from SNI extension.
 10 years ago
Victor Julien bec913b40c json: fix malformed output 
Even though the json output callback is called with a null terminated
string, it's not useable directly. The size parameter to the callback
might be a lot smaller than the string size. Libjansson gives the size
up to the first point that needs escaping.
 10 years ago
Victor Julien c80990fe10 output: cleanup JSON logging 10 years ago
Victor Julien ad5a753dde output-json: don't alloc for JSON to string 10 years ago
Victor Julien c1bf0e1b07 rule profiling: json output 10 years ago
Victor Julien b03c288d9a profiling: cleanup, remove MIN declaration 10 years ago
Eric Leblond a4089873c7 rules-reload: fix reload with -s or -S 
When using the -S or -s option, the reload was causing the specified
rules file to be forgotten and the default rules to be loaded at
reload time.
 10 years ago
Eric Leblond b85901a6b4 prscript: add rm command 
This command removes the container and the image allowing to
free the disk space allocated during the creation.
 10 years ago
Eric Leblond 35c1b681ee prscript: docker do not need sudo 
Usage is not to run docker command as root but to have the user
in the docker group to be able to run docker commands.
 10 years ago
Eric Leblond c199fdcbb9 handle MTU discovery in multi iface case 
This patch adds handling of multiple interface by using as
default-packet-size the maximum MTU + header length among the
live iface.
 10 years ago
Eric Leblond affb399cd9 config: don't use hardcoded path 
It is better to use a transformation to define the default
directory of output message instead of using an hardcoded value.
Same apply to the directory for the pid file.
 10 years ago
Eric Leblond 9672e16323 suricata: clean dump-config output 
When user asks for a configuration dump, it is useless to display
the version and CPU info. Also initializing the log system conduct
to overwrite the some log files and in particular suricata.log and
this is annoying as a command should not interfere with a running
daemon.
 10 years ago