aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,186 Commits
7 Branches
155 Tags
197 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4427e81ec'
${ noResults }
Commit Graph

2186 Commits (b4427e81ec962533384114786731138e2ec53dd5)
 

Author SHA1 Message Date
Eric Leblond 482991ad6d decode: add support for SCTP protocol 
This patch adds a new counter for SCTP and defines some
macros needed for SCTP support.
 14 years ago
Eric Leblond 8be92fdd99 SCTP support: add parsing of sctp 
This patch adds support of SCTP in all part of the code in charge
of decoding packets.
 14 years ago
Eric Leblond e1d966eaf6 Makefile: add sctp files to build 
This patch simply adds decode-sctp files to the compilation.
 14 years ago
Eric Leblond b69fd02284 decode sctp: basic SCTP decoding. 
This files are basically a dummy conversion of UDP one. It
provides basic decoding (source port and destination port).
There is no chunk hanldling which means that suricata regexp
will match on all packet content except initial header and not
only on userspace data.
 14 years ago
Eric Leblond 17af1ca123 decode-event: Add SCTP event 
Almost empty now, because the only definition is packet
too small.
 14 years ago
Victor Julien 987ce57a02 Wrap a number of BUG_ON's in the detection engine in DEBUG ifdefs as the conditions they check for are not serious enough to abort the engine. 14 years ago
Victor Julien a3303fcf9d Rename request-body-limit to request_body_limit to remain consistant with other options. Keep old notation around for compatibility. 14 years ago
Victor Julien 0d6d0ae371 Increase logline max length. 14 years ago
Victor Julien c617d7cbfd Update pfring doc. 14 years ago
Victor Julien 6047a9b562 Improve byte to numeric value error reporting and testing. 14 years ago
Victor Julien b233105cc2 Fix a issue in stream reassembly causing the segment list getting into a inconsistent state. 14 years ago
Eric Leblond 4e9231266a Compilation fix for OpenBSD and win32. 
This patch fixes compilation on OpenBSD platform. It is running
fine on a pcap file. The patch should also fix compilation on
WIN32 platform but this is not tested.
 14 years ago
Victor Julien a8db8b334b Remove debug stream testing code from non-debug builds. 14 years ago
Victor Julien 477bc1d050 Set DROP flag on a packet in addition to the REJECT flags. This makes sure we not only send a reject, but also drop the offending packet. Closes #248. 14 years ago
Pablo Rincon fb5fb3ab3f IPOnly module fix for building stage. Radix Tree fix inserting diferent netmask user datas 14 years ago
Pablo Rincon 35c168ab03 Fix CPU_* macros for Mac OS X 14 years ago
Eric Leblond 91213d5ec8 Add option to run_check script 
If given an argument run_check.sh will test this file against
the cocci patches.
 14 years ago
Eric Leblond 0cf05856d0 Fix Packet usage. 
This patch suppresses remaining direct access to pkt and pktlen in the
Packet structure.
 14 years ago
Eric Leblond 12369b4393 Coccinelle: test invalid Packet usage 
This coccinelle patches is checking that there is no direct
use of p->pkt or p->pktlen in the code. This variable must be
acceded via GET_PKT_* macros.
 14 years ago
Victor Julien cec7ece697 Don't print drop log on pseudo packet. 14 years ago
Victor Julien 1ace091bd4 Minor drop log cleanups. 14 years ago
Gurvinder Singh 7d0781b349 added support to log dropped packet as netfilter logs while in inline mode 14 years ago
Victor Julien 1681705e62 Don't print errors/warnings based on malformed traffic. 14 years ago
Anoop Saldanha 9845718138 fix detect-ssl-version.c unittests to accomodate new changes 14 years ago
Anoop Saldanha 95f9f2c28d minor indentation changes 14 years ago
Gurvinder Singh 8f8b1212af support for ssl_version keyword 14 years ago
Eric Leblond a8417377e7 Don't use direct pkt access 
pkt field in Packet needs to be accessed via macro. This
patch supress some direct access.
 14 years ago
Victor Julien addab7b5ee Don't test the several packet detection checks against pseudo packets as the matches would not be meaningful anyway. Prevents a segv in the csum detection. 14 years ago
Victor Julien a2465ffc1c Fix FreeBSD's compilation of the new affinity code. 14 years ago
Victor Julien b963890de1 Reenable SSE3 memcmp and switch AC memcmp to use the SCMemcmp wrapper. 14 years ago
Victor Julien 6f58ef13c4 Improve error cleanup in output function. Thanks to iswalker. 14 years ago
Eric Leblond 183af9ada5 Replace malloc by SCMalloc in util-mpm-ac 14 years ago
Eric Leblond c732351077 Replace free and malloc by SC functions. 14 years ago
Victor Julien 35b938a8db Don't pass config to unittests run in make check. 14 years ago
Eric Leblond 0044bb221b Add suricata unittests to 'make check' 
This patch adds a run of suricata's unittests to 'make check'
 14 years ago
Eric Leblond 7c841e1d7c Add coccinelle check to 'make check' 
This patch adds coccinelle checking to the autotools
'make check'.
 14 years ago
Eric Leblond d151314b4d Import coccinelle test 
This is a import of two coccinelle patches that detect problem
on Packet handling. They are run on all commited C files in src
by the script run_check.sh.
 14 years ago
Eric Leblond 66a15e2d6d Fix some Packet initialisation. 
This patch fixes Packet initialisation. In some place the pkt field
was not set after a memset used to zero the structure and this could
lead to some problems.
 14 years ago
Anoop Saldanha 8e95884333 Use normal memcmp in ac. Improves perf 14 years ago
Martin Beyer 66d496c255 Added case sensitive unit test to util-mpm-ac 14 years ago
Anoop Saldanha 79b9eba0f0 fix case sensitive bug in ac 14 years ago
Victor Julien 1c7b7a01a6 Add option to set the syslog level for the alerts. Minor cleanups. 14 years ago
Gurvinder Singh e5edc6e8e3 add the support to log the fast.log alerts type to syslog 14 years ago
Victor Julien d424ac7c61 Fix nfq lockup due to improper handling of PKT_PSEUDO_STREAM_END packets. 14 years ago
Victor Julien c9f9e3f9a4 Add configure check for signed or unsigned nfq_get_payload, adapt code. 14 years ago
Eric Leblond aedb61b7d2 affinity: lock get next cpu function 
The function getting next CPU to use need to be locked as init of
the threads are done concurrently.
 14 years ago
Eric Leblond 0b5e5b8772 affinity: change config format and misc fixes 
This patch fixes some problem with affinity work and modify the
configuration file format.

For example, the detect cup set can be formatted as follow:
     - detect_cpu_set:
        cpu: [ "all" ]
        mode: "exclusive" # run detect threads in these cpus
        prio:
          low: [ 0 ] # threads on CPU 0 have low prio
          medium: [ "1-2" ] # threads on CPU 1 and 2 have medium prio
          high: [ 3 ] # threads on CPU 3 have high prio
          default: "medium" #default priority is "medium"
 14 years ago
Eric Leblond 2600d203cc Fix typo in configure.in 
Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond c74116949c source-nfq: improve nfq option system 
This patch modifies the NFQ option system to avoid implicit
choice. 'nfq.mode' is now a string which can take a value
in the 'accept', 'repeat' and 'route' set.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago
Eric Leblond 94596ff282 source-nfq: add queue redirect support 
This patch adds the support of queue redirect. If 'next_queue'
variable is set, the verdict sent to kernel is modified to contain
the indication of a queue number (equal to 'next_queue') which will
receive the packet after the verdict. This feature can be used to
chain easily tools using NFQUEUE.

Signed-off-by: Eric Leblond <eric@regit.org>
 14 years ago