Victor Julien | d3244e51eb | Fix big endian iponly handling. | 15 years ago |
Victor Julien | 59ccef9a11 | Handle ip only matching correctly on big endian systems. Thanks to Yao-Min Chen for figuring this out. | 15 years ago |
Pablo Rincon | cef12d30b5 | Unified output fixes: alert count per module (not per thread), fix timestamps on pcap mode, write *all* the alerts of a packet, write the log header once also on unified alert | 15 years ago |
Breno Silva | b02bb6b6b4 | VLAN Support | 15 years ago |
Pablo Rincon | 29d51a6182 | Using the logging API in source-pcap and source-pcap-file | 15 years ago |
Gurvinder Singh | 5293681860 | b86 | 15 years ago |
Victor Julien | 4f3a04a410 | Disable htp cleanup code as I'm not yet convinced it does what it should. | 15 years ago |
Gurvinder Singh | bf236e4567 | better htp memory handling & flow valgrind error fixed | 15 years ago |
Jason Ish | 763fb4a583 | Fix threading issues with unified-log. - Only write the header once, on opening, not per thread init. - Track the size in the log file ctx, not per thread. | 15 years ago |
Victor Julien | defc6595c6 | Make pcre P have its own sm type. | 15 years ago |
Pablo Rincon | 0165b3f0d8 | pcre P modifier support (pcre match over http body requests) | 15 years ago |
Gerardo Iglesias Galvan | ba6d807a6e | Improve information about errors on signature failure | 15 years ago |
Jason Ish | cc28284598 | Set the ethernet header pointer. Without this, alert-unified-log will add an extra ethernet header to every alert logged. | 15 years ago |
Kirby Kuehl | 565eab1f54 | fix bug88 | 15 years ago |
Kirby Kuehl | a334a87109 | smb safety checks | 15 years ago |
Kirby Kuehl | bea30a6db6 | bug 88 validate dcerpc header | 15 years ago |
Jason Ish | 9e4da4f8e7 | supply pcre_get_substring with the proper start of the string. | 15 years ago |
Kirby Kuehl | a8c3718b56 | signed unsigned comparison fix for 64 bit | 15 years ago |
William Metcalf | 7099da431b | small fix for source-pfring.c after stat err rename | 15 years ago |
Jason Ish | e87d4f8a28 | Split the defrag counters into ipv4 and ipv6. | 15 years ago |
Victor Julien | 2cb2989ad8 | Apply configurable max pending packets to nfq and ipfw | 15 years ago |
Jason Ish | 7142fdb780 | quick way to make max_pending configurable. | 15 years ago |
Victor Julien | 187949b9ad | Make urilen inspect the normalized uri, cleanup uri (error) handling. | 15 years ago |
Jason Ish | 6b562f7aa6 | Issue 82 - fragment counters. - number of fragments - number reassembled - number of timeouts | 15 years ago |
Victor Julien | 3d0355bae8 | Compile fix. | 15 years ago |
William Metcalf | c3e70accd2 | pcap and pfring exit stats | 15 years ago |
Victor Julien | b99e10236c | Fix an endless loop condition in the smb parser and make dcerpc parser more quiet. | 15 years ago |
Victor Julien | 16aebe5add | Fixup smb tests. | 15 years ago |
Kirby Kuehl | 957b43b3d6 | signed unsigned comparison cleanup | 15 years ago |
Kirby Kuehl | 40a0fd5e97 | fix warning | 15 years ago |
Kirby Kuehl | 4b05bc281d | fix padding bug | 15 years ago |
Kirby Kuehl | 6aac8d55a6 | reset smb bytesprocessed when complete | 15 years ago |
Kirby Kuehl | 4dd2f621ac | smb writeandx dcerpc over smb | 15 years ago |
Pablo Rincon | 583c686170 | Allowing no case options for flow keyword. Adding unittests for this | 15 years ago |
Victor Julien | 194015c6cf | Fix reject code to not send resets for all alerts. | 15 years ago |
William Metcalf | f925ac9351 | printf to logging subsys conversion for src/detect-bytejump.c | 15 years ago |
Gurvinder Singh | 999a200bc9 | pattern matcher options support | 15 years ago |
Pablo Rincon | d0404d8447 | Renaming errors with naming conventions | 15 years ago |
Pablo Rincon | ad2c136e8f | Renaming errors (naming conventions) | 15 years ago |
Jason Ish | 8f618b2121 | - actually re-inject ipv6 re-assembled packets. - set the next header. | 15 years ago |
Jason Ish | 8570976ee0 | Fix for lists that are children of another list. Fix memory leak by only setting the sequence index value to the first item found. | 15 years ago |
Victor Julien | 501c8814b6 | fix crash in urilen | 15 years ago |
Victor Julien | ed7762e843 | Disable unused jabber proto detection as it made the proto detection code look way more into the stream than without it. | 15 years ago |
Jason Ish | 6f73aca1e8 | I know Snort defaults to syslog in daemon mode, but should we? Stick to the logging configuration defined in the config file in daemon mode. | 15 years ago |
Jason Ish | c72d6be58b | Making logging configurable. If no logging outputs are defined the default will be used. - Currently per output log formatting is not available. | 15 years ago |
Breno Silva | a857fa7170 | FragOffset Rule Keyword | 15 years ago |
Breno Silva | 7e299834d2 | FragOffset Rule Keyword | 15 years ago |
Victor Julien | f96511a8b1 | Check reassembly limits against correct stream direction. Set proper direction flag in stream msgs. | 15 years ago |
Gurvinder Singh | ed99e73622 | bug 78 | 15 years ago |
Kirby Kuehl | 58c8103a4b | fix unittest | 15 years ago |