aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,473 Commits
8 Branches
154 Tags
167 MiB
dependabot/github_actions/github/codeql-action-3.26.13
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a7a77e32ca'
${ noResults }
Commit Graph

4473 Commits (a7a77e32cac298a64c6c2ea5d30d4dc37ef3f5bc)
 

Author SHA1 Message Date
Eric Leblond 4f789dbe84 Add function for internal running mode 11 years ago
Eric Leblond d3cb043001 suricata: windows specific in one function 11 years ago
Eric Leblond 4401c048ba Running mode is set earlier so out earlier 11 years ago
Eric Leblond 40a25112a0 kill remaining run_mode usage 11 years ago
Eric Leblond 75fa1e20d7 engine analysis is a running mode 11 years ago
Eric Leblond c0d5ee77f9 get (almost) rid of run_mode variable. 11 years ago
Eric Leblond 80542816cd add internal running mode 11 years ago
Eric Leblond e07fdb20a8 Add SuriInstance structure 
To be able to split code in functions in main, we need to pass
information about the current running Suricata to functions.
For that we create a structure to store suricata run parameters.

In this patch it allows to separate command line parsing and to
treat internal running mode in a switch just after command line
parsing.
 11 years ago
Eric Leblond 325462d396 Export IsRuleReloadSet and use it. 11 years ago
Eric Leblond 6d9a66d522 unittest: make check use a qa/log dir for logging 
This patch is using the qa/log directory to store the output
of the check. In case of success, the directory is deleted.
In case of failure, the directory remains in place.

This should fixes #910.
 11 years ago
Eric Leblond 4424f5a231 af-packet: add sanity check in free function 11 years ago
Eric Leblond 8e68b357c7 Suppress Suri prefix. 11 years ago
Eric Leblond 42011e2d32 suricata: function for lowercase table creation 11 years ago
Eric Leblond 132bebb2b2 Simplify code by removing comment 11 years ago
Eric Leblond 07ef1f9837 suricata: add wrapper for interface listing 11 years ago
Eric Leblond 54006de40c Use new function GetLogDirectory() 11 years ago
Eric Leblond 2be7c8aea8 Add util-conf for config util 11 years ago
Eric Leblond 27752818c2 suricata: add some wrapper for config file handling 11 years ago
Eric Leblond b2fa4edd36 move unittest out of suricata.c 11 years ago
Eric Leblond 9a0bf0956b suricata: list cuda cards in separate function 11 years ago
Eric Leblond bed48e3a54 suricata: separate keyword and app layer listing code 
The list-keyword and app-layer listing code was spread over all the
init code. This patch introduces a separate file to store non standard
running mode like these ones.
 11 years ago
Eric Leblond 135ef0186b runmodes: fix comment 11 years ago
Victor Julien 5a7bf53a6b Storage: rename Init to Alloc to reflect actual functioning. Comment updates. 11 years ago
Victor Julien f06694d0c1 Storage API: add safety check for cases when there is no storage used. 11 years ago
Eric Leblond caf730d988 engine-tag: rename var and add sanity check 11 years ago
Eric Leblond fb55931c30 flow tag: conversion to flow storage API 
This patch is updating the flow tag system to use the flow
storage API. The tag_list member of Flow structure is suppressed
and its cleaning operation are suppressed too as this is handled
transparently by the flow storage API.
 11 years ago
Eric Leblond 4db2fc2cbb Add per-flow generic storage 
This patch adds a per-flow storage that can be created via the functions
available in flow-storage.c.
 11 years ago
Eric Leblond 6d08807b2d Host: use global free storage function 
This patch is here to avoid that all modules using a local storage
have to update host code to add their free function. It modifies
previous behavior by calling HostFreeStorage in any case.
 11 years ago
Victor Julien 27023872de Use Host Storage API for per host thresholding 11 years ago
Victor Julien c08b395c2c Init storage api at start up 11 years ago
Victor Julien 5919901675 Storage API: add registration check closed test in debug mode. 11 years ago
Victor Julien 3447324c36 Move Host Tag storage to Host Storage API. 11 years ago
Victor Julien 0d2a6e515e Add Host specific wrapper to StorageRegister() 11 years ago
Victor Julien b5ccf0b9c7 storage: allow preallocated storage 11 years ago
Victor Julien e2b006f523 host: use storage api 11 years ago
Victor Julien 022c0e466e Initial storage api work 11 years ago
Victor Julien 1c06d52208 Misc fixes after make check feedback 11 years ago
Ken Steele 316190c6b9 Add TILE-Gx mPIPE packet processing support. 
The TILE-Gx processor includes a packet processing engine, called
mPIPE, that can deliver packets directly into user space memory. It
handles buffer allocation and load balancing (either static 5-tuple
hashing, or dynamic flow affinity hashing are used here). The new
packet source code is in source-mpipe.c and source-mpipe.h

A new Tile runmode is added that configures the Suricata pipelines in
worker mode, where each thread does the entire packet processing
pipeline.  It scales across all the Gx chips sizes of 9, 16, 36 or 72
cores. The new runmode is in runmode-tile.c and runmode-tile.h

The configure script detects the TILE-Gx architecture and defines
HAVE_MPIPE, which is then used to conditionally enable the code to
support mPIPE packet processing. Suricata runs on TILE-Gx even without
mPIPE support enabled.

The Suricata Packet structures are allocated by the mPIPE hardware by
allocating the Suricata Packet structure immediatley before the mPIPE
packet buffer and then pushing the mPIPE packet buffer pointer onto
the mPIPE buffer stack.  This way, mPIPE writes the packet data into
the buffer, returns the mPIPE packet buffer pointer, which is then
converted into a Suricata Packet pointer for processing inside
Suricata. When the Packet is freed, the buffer is returned to mPIPE's
buffer stack, by setting ReleasePacket to an mPIPE release specific
function.

The code checks for the largest Huge page available in Linux when
Suricata is started. TILE-Gx supports Huge pages sizes of 16MB, 64MB,
256MB, 1GB and 4GB. Suricata then divides one of those page into
packet buffers for mPIPE.

The code is not yet optimized for high performance. Performance
improvements will follow shortly.

The code was originally written by Tom Decanio and then further
modified by Tilera.

This code has been tested with Tilera's Multicore Developement
Environment (MDE) version 4.1.5. The TILEncore-Gx36 (PCIe card) and
TILEmpower-Gx (1U Rack mount).
 11 years ago
Victor Julien 04f3f14541 ipv6: fix parsing of malformed ext hdr. Bug #908. 11 years ago
Victor Julien 4b4111e9e2 icmpv6: fix icmp_id and icmp_seq keywords 
Bug #907
 11 years ago
Victor Julien d82ce3f50c Fix compiler warning due to missing include 
decode.c: In function 'DecodeThreadVarsAlloc':
decode.c:437: error: implicit declaration of function 'ConfGetBool'
 11 years ago
Victor Julien fb16cf1a5a vlan: add rule for new 'too many layers' event 11 years ago
Victor Julien 16c3487444 Add yaml option to disable vlan ids hashing 
In some cases using the vlan id(s) in flow hashing is problematic. Cases
of broken routers have been reported. So this option allows for disabling
the use of vlan id(s) while calculating the flow hash, and in the future
other hashes.

Vlan tracking for flow is enabled by default.
 11 years ago
Victor Julien 58ed1f2411 flow: take vlan_id's into account in the flow hash 
In VLAN we can have 2 layers of encapsulation. In this patch both
layers are used in the flow hash to distinguish between encapsulated
traffic.
 11 years ago
Victor Julien 055b422c28 Remove obsolete code: flow alert sid storage 11 years ago
Victor Julien 9faa4b740d Add --unittests-coverage option to list how many code modules have tests 11 years ago
Victor Julien fc7879322e Rename GetIfaceMaxPayloadSize to GetIfaceMaxPacketSize to reflect the actual function. 11 years ago
Victor Julien bd21b5ed9c Pcap: fix snaplen autodetection, GetIfaceMTU doesn't include link layer length 11 years ago
Ken Steele 149d2a0793 Fix typo in configure.ac echo message 11 years ago
Anoop Saldanha ee0b21652b fix bug where we were not printing http hostname(printing <unknown> 
previously) in httplog, filestore meta and file log.
 11 years ago