aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,473 Commits
8 Branches
154 Tags
167 MiB
dependabot/github_actions/github/codeql-action-3.26.13
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a7a77e32ca'
${ noResults }
Commit Graph

4473 Commits (a7a77e32cac298a64c6c2ea5d30d4dc37ef3f5bc)
 

Author SHA1 Message Date
Eric Leblond f23556dcdb prscript: exit when no build exists 11 years ago
Eric Leblond c151b218f1 prscript: check if branch is synced with master 
The script now check if the tested branch is in sync with current
inliniac's master.
 11 years ago
Eric Leblond c390006aee script: add script to start personal builder 
This script HAS to be used by developer having an account on Suricata
buildbot. It MUST be run before doing a PR. It will trigger a build on
the branch and this will check the validity of the proposed branch.
The cinematic is simple:
 - Push branch XXX to github
 - Run 'prscript.py -u USER -p PASSWORD XXX'
 - Wait for the result
 - If successful, PR can be done
 11 years ago
Anoop Saldanha 56143131da Fix unittests that use chunked encoding. 11 years ago
Nelson Escobar ef4d11aeb5 Use the Async versions of SCCudaMemcpy* to improve gpu performance. 11 years ago
Eric Leblond 867a44f378 autotools: all target are conditional 11 years ago
Eric Leblond 77f2b9968e autotools: use builddir instead of srcdir 
srcdir is supposed to be read-only when running distcheck so it is better to
create the log directory in builddir.
 11 years ago
Ignacio Sanchez 1b2f251866 Various custom http logging improvements 
Cookie is parsed now using uint8_t pointers (inliniac PR comments)
Changed buffer size to a power of 2 (8192) and cookie value extraction function to static (inliniac PR comments)
Added %b for request size (vinfang patch)
Writing "-" if an unknown % directive is used (vinfang patch)
Fixed bug in cookie parser
Fixed format string issue logging literal values
Improve error handling (Victor Julien comments)

(patchset rebased and reworded by Victor Julien)
 11 years ago
Ignacio Sanchez 8051dc8a6a Added modifications suggested by Charles Smutz (https://redmine.openinfosecfoundation.org/issues/602) 11 years ago
Ignacio Sanchez 796bfab231 Added support for %{cookiename}C 
Added support for the definition of maximun length. ie: %[50]{user-agent}i
Some small bugfixes
 11 years ago
Eric Leblond 3dbf6c6fee solaris: fix compilation failure 
This patch fixes a compilation failure on Solaris. Compiler does
not support when a function returning void is used in return of
an other function returning void.
 11 years ago
Ken Steele 1bbbcf5120 Make the missing libhtp error message more clear. 
Use exact git clone command and then rerun autogen.sh and configure.
 11 years ago
Ken Steele a2b502a30c Formatting change for function call. 
Put open brace { for function on a new line to match coding standard.

Changed:

int foo(int x) {
}

to:

int foo(int x)
{
}
 11 years ago
Ken Steele d4dd18eb85 Clean up SCLocalTime() usage 
Remove cast of return type from SCLocalTime() as it is not needed.
Replace last use of localtime_r() with SCLocalTime().
 11 years ago
Ken Steele 77fae5313d On Open BSD systems don't cache time. 
Open BSD doesn't support __thread, which is used for time caching, so
don't do time chaching for BSD systems.
 11 years ago
Ken Steele 2feb37c155 Cache time conversions for localtime() and CreateTimeString() 
When converting a time in seconds (64-bit seconds since 1970) to
Month/Day/Year hours minutes, Suricata calls localtime_r(), which
always aquires a lock and then does complex comutation based on the
current time zone. The time zone can be specified in the TZ
environment variable, which is only parsed the first time it is used,
or from a file. The default file is /etc/localtime. The file is
checked each time to see if it might have changed and is reparsed if
it has changed.

The GLIBC library has a lock inside localtime_r(), which limits
parallelism, which is a problem when the rate of generating alerts is
high, since Suricata generates a new ascii time string for each alert
into fast.log.

This change caches the value returned by localtime_t() and then sets
the seconds within the minute based on the cached start-of-minute
time. All of the values return, expect for the seconds, is constant
within the same minute. Switching to a new seconds could change all
the other values, year, month, day, hour. The cache stores the current
and previous minute values.

The same trick is used in CreateTimeString() for generated time
string. The string, up to the minutes, is cached and then copied into
the result string, followed by printing the new seconds into the
result string.

The seconds within a minute are calculated as the difference in
seconds from the start of the current minute.
 11 years ago
Ken Steele 68d26dcec7 Merge multiple copies of CreateTimeString() to one copy. 
There were 8 identical copies of CreateTimeString() in 8 files.
Most used SCLocalTime, to replace localtime_r(), but some did not.
Created one copy in util-time.c.
 11 years ago
Ken Steele 5532af4621 Create SCMUTEX_INITIALIZER to abstract out PTHREAD_MUTEX_INITIALIZER 
This allows replacing pthread mutexes with other types of mutex.
 11 years ago
Ken Steele 784843b146 Use Tilera SIMD for Signature matching ala SSE3 
Makes use of 8-wide byte compare instructions in signature matching.

For allocating aligned memory, _mm_malloc() is SSE only, so added
check for __tile__ to use memalign() instead.

Shows a 13% speed up.
 11 years ago
Ken Steele 22225a7e99 Tile SIMD implementation of SCMemcmp and SCMemcmpLowercase 
Based on the SSE3 implementation, it checks 8 bytes at a time.
 11 years ago
Anoop Saldanha e68d44b051 fix for #932. 
ipv6 tunnel decoder wrongly treats the tunneled ipv6 packets as an ipv4
packet.
 11 years ago
Anoop Saldanha e2f4144d99 fix for #920. 
Cull the space before the address specified in address var variables.
 11 years ago
Duarte Silva ab215c72f6 Now using the common functions 11 years ago
Duarte Silva 0a5c798729 Now using the common functions 
- Removed some non printable ANSI characters
- Removed unecessary include
 11 years ago
Duarte Silva 8ce95af09c Added the new files containing the repeated functions 
- Renamed the functions to something more generic
- Added the source and include files to the Makefile
 11 years ago
Anoop Saldanha a44d42b124 Fixes segv inside rule swap under low mem conditions. 
We now gracefully exit rule swap on any allocation or other failures.
 11 years ago
Anoop Saldanha 8516ba24c9 Rearrange ac state. 
Notice a minor speed bump of around 2% on runs.  More updates to follow.
 11 years ago
Ken Steele 4b8bb11454 Enable using Tile cycle counter. 
The Tile processors all have a cycle counter with a simple interface. Use
that for UtilCpuGetTicks.
 11 years ago
Victor Julien 38aaae1fd7 IsRuleReloadSet() shouldn't return an uninitialized value 11 years ago
Eric Leblond 189327981a unittests: fix stream-tcp.c 
Lock and recycle fixes for stream-tcp.c
 11 years ago
Eric Leblond cd3e32ce19 unittests: some functions needs a flow lock. 
In debug validation mode, it is required to call application layer
parsing and other functions with a lock on flow. This patch updates
the code to do so.
 11 years ago
Eric Leblond c5bd04f102 unittest: recycle packet before exit 
To avoid an issue with flow validation, we need to recycle the packet
before cleaning the flow.
 11 years ago
Anoop Saldanha d292f1a529 fix for #915. Fix segv when we send NULL to snprintf. 11 years ago
Eric Leblond c6e8c5bf1f pf_ring: avoid to ask for extended header. 
This patch update pf_ring capture to avoid to ask for extended
header. They are only needed when rxonly checksum checks is used
and this is only possible when interface is not a DNA interface.
 11 years ago
Victor Julien ff668c2030 Fix Tile compile 11 years ago
Eric Leblond 20ca270dc3 fix pf_ring build 11 years ago
Eric Leblond 2a46f0dae4 suricata: rename SuriInstance to SCInstance. 11 years ago
Eric Leblond 9b422f3a8c suricata: suppress Suri prefix 
Suppress Suri prefix in internal function name.
 11 years ago
Eric Leblond 18ced653c3 Use a typedef for SuriInstance. 11 years ago
Eric Leblond 2d77e53f2c Add offline flag to SuriInstance and some refactoring 11 years ago
Eric Leblond 34abd818dd Prefix util-conf function with Config 11 years ago
Eric Leblond 7242cb30e7 Move CreateLowercaseTable to GLobalInits 11 years ago
Eric Leblond 02e9851315 Generic code don't need ifdef 11 years ago
Eric Leblond 8c00a963aa Use function for delayed detect setup. 11 years ago
Eric Leblond 4296e5f29e Add functions for elapsed time computation. 11 years ago
Eric Leblond 9d1d08c7a4 Factorize Signature loading 11 years ago
Eric Leblond 20c5683b60 Use function for daemonification and signal handler 11 years ago
Eric Leblond 90aaf55201 set rule_reload as part of SuriInstance 11 years ago
Eric Leblond bb19ce1847 SetBPfString is part of command line parsing 11 years ago
Eric Leblond 1a6983ee19 suricata: use function to print version 11 years ago