0d6f33a15b 
								
							
								 
							
						 
						
							
							
								
								Move PACKET_RECYCLE outside of flow lock in FlowForceReassemblyForQ as it confuses static code checkers.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								e21d8cdf01 
								
							
								 
							
						 
						
							
							
								
								file extract: improve multipart parsing and set events on some error conditions.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								bfb3f1b7cf 
								
							
								 
							
						 
						
							
							
								
								flow: Refactor how FlowPrune deals with forced timeouts, improving locking logic.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								372ab9c433 
								
							
								 
							
						 
						
							
							
								
								Another batch of minor fixed for issues found by Coverity.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								11bdf4838f 
								
							
								 
							
						 
						
							
							
								
								Various improvements to error handling found by Coverity.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								d6af843860 
								
							
								 
							
						 
						
							
							
								
								code cleanup  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								cdba2f50d1 
								
							
								 
							
						 
						
							
							
								
								Various fixes and improvements based on feedback by Coverity analyzer.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								4b2d94a841 
								
							
								 
							
						 
						
							
							
								
								Add line number to warning about mangled yaml parameters. Limit number of warnings to 10.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								0fc878b391 
								
							
								 
							
						 
						
							
							
								
								Consistently use dashes instead of underscores in the sample config file.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								a67d78eda6 
								
							
								 
							
						 
						
							
							
								
								Consistently use dashes instead of underscores in the sample config file.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								fb05edeeee 
								
							
								 
							
						 
						
							
							
								
								Convert underscores to dashes in thread affinity type names.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								7fce226bb8 
								
							
								 
							
						 
						
							
							
								
								Fix some warning message still using underscored config vars.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								139768dd58 
								
							
								 
							
						 
						
							
							
								
								Do not use underscored config vars internally.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								6819ec8b54 
								
							
								 
							
						 
						
							
							
								
								Remove the underscored "sguil_base_dir" compatibility option.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								32e898f2e3 
								
							
								 
							
						 
						
							
							
								
								Convert config entries using underscores to dashes and emit deprecation warnings.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								33d8453581 
								
							
								 
							
						 
						
							
							
								
								Added Shadowserver plugin.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								2197f1a625 
								
							
								 
							
						 
						
							
							
								
								file-inspection: split 'file' output module into file-store and file-log. Store stores files. Log logs json records.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								8b1333a277 
								
							
								 
							
						 
						
							
							
								
								Add more flow lock assertions to the debug validation code.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								5ba41c7890 
								
							
								 
							
						 
						
							
							
								
								Fix locking error in filestore handling. Add debug validate check for asserting a flow is locked.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								25123b2044 
								
							
								 
							
						 
						
							
							
								
								Added license.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								c63017b2cc 
								
							
								 
							
						 
						
							
							
								
								Added some installation instructions to file_processor REAMDE.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								4030840212 
								
							
								 
							
						 
						
							
							
								
								Added contrib folder with file_processor utility which is a plugin framework for reading the files-json.log and processing and taking action based on the files observed.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								28d88746e4 
								
							
								 
							
						 
						
							
							
								
								Fix compiler warning and silence complaining unittests.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								860971eca0 
								
							
								 
							
						 
						
							
							
								
								Misc afpacket changes.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								8e48a2edfd 
								
							
								 
							
						 
						
							
							
								
								Fix NULL dereference in PacketPatternSearchWithStreamCtx code.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								34b3f19465 
								
							
								 
							
						 
						
							
							
								
								af-packet: Implement zero copy  
							
							... 
							
							
							
							This patch adds support for zero copy to AF_PACKET running mode.
This requires to use the 'worker' mode which is the only one where
the threading architecture is simple enough to permit this without
heavy modification. 
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								3593cb051e 
								
							
								 
							
						 
						
							
							
								
								decode: add PacketSetData funtion  
							
							... 
							
							
							
							This patch adds a function which can be used to set the payload
of a packet when a zero copy mode is used. 
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								49b7b00fcf 
								
							
								 
							
						 
						
							
							
								
								af-packet: mmap support  
							
							... 
							
							
							
							This patch adds mmap support for af-packet. Suricata now makes
use of the ring buffer feature of AF_PACKET if 'use-mmap' variable
is set to yes on an interface. 
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								697e9e660f 
								
							
								 
							
						 
						
							
							
								
								Config should be set up in sysconfdir/suricata. Add reference to oinkmaster guide.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								73a1b97267 
								
							
								 
							
						 
						
							
							
								
								Improve config details overview at the end of configure.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								b2ebd4a138 
								
							
								 
							
						 
						
							
							
								
								build: enable af-packet by default  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								ef46345792 
								
							
								 
							
						 
						
							
							
								
								Add sexy information messages to configure output.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								5ea1b1d15e 
								
							
								 
							
						 
						
							
							
								
								Fix PCRE-JIT message  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								65b26e6ae5 
								
							
								 
							
						 
						
							
							
								
								Remove autogen.sh generated files.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								338608842e 
								
							
								 
							
						 
						
							
							
								
								Improve output  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								4c3f0b258e 
								
							
								 
							
						 
						
							
							
								
								del rules file deleted  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								25804f5aa8 
								
							
								 
							
						 
						
							
							
								
								Add install-conf command to build system.  
							
							... 
							
							
							
							This patch adds support for customisation of suricata.yaml and
automatic download of emerging threat GPL rules. By running
'make install-full' after 'make install', files necessary to run
suricata are copied in the configuration directory and the latest
ruleset is downloaded and installed. Suricata can then be run
without files edition.
This patch has a special treatment for the windows build which
requires some different paths.
suricata.yaml is also updated to load all rules files provided by
emergingthreat ruleset. 
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								3702a33ae9 
								
							
								 
							
						 
						
							
							
								
								file-inspection: support POST requests that do not use multipart.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								64827e3864 
								
							
								 
							
						 
						
							
							
								
								file-inspection: use filename= value from Content-Disposition where available to determine the filename in GET requests.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								6585cb89d3 
								
							
								 
							
						 
						
							
							
								
								Fix UtilMiscParseSizeStringTest01 unittest on 32 bit.  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								35435f3284 
								
							
								 
							
						 
						
							
							
								
								All http_http_stat_code modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_STAT_CODE. Also remove dummy match/free functions for stat code and stat msg  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								507e1b66e0 
								
							
								 
							
						 
						
							
							
								
								All http_http_stat_msg modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_STAT_MSG  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								059ee217ff 
								
							
								 
							
						 
						
							
							
								
								All http_http_raw_uri modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_RAW_URI  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								b1a0d35106 
								
							
								 
							
						 
						
							
							
								
								All http_http_cookie modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_COOKIE  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								49bdad9345 
								
							
								 
							
						 
						
							
							
								
								All http_http_method modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_METHOD  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								97d8fc9cba 
								
							
								 
							
						 
						
							
							
								
								All http_http_raw_header modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_RAW_HEADER  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								97308674ee 
								
							
								 
							
						 
						
							
							
								
								All http_http_header modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_HEADER  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								1acb7cdc7d 
								
							
								 
							
						 
						
							
							
								
								All http_server_body modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_SERVER_BODY  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								a5b46e727c 
								
							
								 
							
						 
						
							
							
								
								All http_client_body modified patterns now are DETECT_CONTENT and not DETECT_AL_HTTP_CLIENT_BODY  
							
							
							
						 
						
							14 years ago  
				
					
						
							
							
								 
						
							
							
								4810ee9c5f 
								
							
								 
							
						 
						
							
							
								
								All uricontent modified patterns now are DETECT_CONTENT and not DETECT_URICONTENT. Step towards unifying all content based patterns. Makes way for easier management of patterns  
							
							
							
						 
						
							14 years ago