aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,717 Commits
7 Branches
155 Tags
192 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b8071a9eb0'
${ noResults }
Commit Graph

14717 Commits (b8071a9eb0b1882178f7280936d6df577945232d)
 

Author SHA1 Message Date
Philippe Antoine 656cddcf65 detect: http_client_body for HTTP2 
By using the file.data logic

Ticket: #4067
 2 years ago
Philippe Antoine 6b32bc459b detect: http.response_body for HTTP2 
Already using the file.data logic

Ticket: #4067
 2 years ago
Philippe Antoine 5391f0a8a0 detect: http_response_line for HTTP2 
Ticket: #4067

Synthetized as HTTP/2 <STAT>\r\n
 2 years ago
Philippe Antoine 0dca8cc796 detect: http_request_line support for HTTP2 
Ticket: #4067

Synthetized as <METHOD> <URI> HTTP/2\r\n
 2 years ago
Philippe Antoine 22fb385e23 detect: http_stat_msg supported for HTTP2 
By providing a constant empty buffer

Ticket: #4067
 2 years ago
Philippe Antoine c00c345123 detect: support http.protocol for HTTP2 
Ticket: #4067

By having a synthetic constant HTTP/2 buffer
 2 years ago
Victor Julien 1c182de468 dpdk: support capture timeout support 
To not inject too many packets, simulate a 100ms timeout based on
af-packet's 100ms poll() timeout.

Bug: #6064.
 2 years ago
Jason Ish 13fe957b7e rust/doc: wrap some code examples in backticks 2 years ago
Victor Julien d4c60924f1 rust/doc: fix doc compile issues 2 years ago
Jason Ish cc3f3a0a72 github-ci: fix rust check by fixing git directory permissions 
Due to the update to AlmaLinux 9.2, a new version of git with stricter
permissions was introduced.  Mark the directory as safe as we have
done in other builds with newer versions of it.
 2 years ago
Jeff Lucovsky e75bacd19e dataset: Address compile-time error 
This commit fixes an issue with using a `in_addr` when an IPv6 structure
should be used.
 2 years ago
Victor Julien 36f6e05155 counters: make tcp stats independent of flow, ssn 
Counters depended on availability of flow and tcp session, meaning
that 2 memcaps could affect the counters.

Bug: #5017.
 2 years ago
Victor Julien 0360cb6542 stream: update no-flow checks 2 years ago
Alex 60902236e4 build: harden rust.yml permissions 
Signed-off-by: Alex <aleksandrosansan@gmail.com>
 2 years ago
Jason Ish b0c329da04 doc/userguide: provide more RPM doc 
- Address the various RPM distributions
- User info
- Systemd info

Related issue: #5884
 2 years ago
Eloy Pérez González b3c7130749 krb5: update krb5_msg_type keyword docs 2 years ago
Eloy Pérez González ed91d689f2 krb5: use req_type instead of msg_type to get request type 2 years ago
Eloy Pérez González a9b7241417 krb5: set msg_type for KRB-ERROR messages to MessageType::KRB_ERROR 2 years ago
Eloy Pérez González 511dbfe171 krb5: add AS-REQ and TGS-REQ transactions 
Fix bug in ticket #4529
 2 years ago
Lukas Sismis f751c93cb8 dpdk: warn about processing segmented DPDK mbufs 
Segmented mbufs should never happen in Suricata.
Mbuf segmentation divides the received packet into multiple
mbufs. This can happen when MTU of the NIC is larger than
the allocated mbufs in the mbuf mempool. As Suricata sets the size
of the mbuf to be slightly higher than the configured MTU, mbuf
segmentation should never happen in Suricata. This is especially
true, if Suricata runs as a primary process and configures the
packet source (NIC).

Processing segmented mbufs can lead to missed/false
(pattern-matching) detections as Suricata only inspects the first
segment of the packet. It can also lead to segfault if Suricata
moves the detection window out of the segment boundaries.
 2 years ago
Lukas Sismis d421d42411 dpdk: query device stats only with one worker 
Function rte_eth_stats_get is not thread-safe and
the result is only used by one thread.
Running with multiple workers led to very high values in rx_missed
counters (buffer-overflow-like behavior).

Ticket: #6006
 2 years ago
Lukas Sismis 1c3cb1e8cc docs: refactor DPDK docs and add performance tuning section 
Ticket: #5857
Ticket: #5858
 2 years ago
Lukas Sismis 03319263db docs: wrap DPDK doc section at 80 chars 2 years ago
Lukas Sismis d0bf3ba638 dpdk: add configure option 
Ticket: #5859
 2 years ago
Lukas Sismis a331726eef dpdk: update version checking to DPDK-intended version checking API 
Ticket: #5937
 2 years ago
Lukas Sismis b6f7693e86 dpdk: release mempool after the device is closed 
Ticket: #5936
 2 years ago
Lukas Sismis 15a61f02a0 dpdk: fix multibit comparison 
Ticket: #5925
 2 years ago
Lukas Sismis 95abe11a92 dpdk: fix DPDK API change on NUMA/socket retrieval 
Ticket: #5923
 2 years ago
Thomas Norheim 5cfbdcab32 threshold: fixed example rules to match description 2 years ago
Victor Julien fa3f16ec75 threading: wait for flow housekeeping at shutdown 
Flow house keeping can accumulate work that wasn't taken into account
during shutdown. This could lead to flows still in the flowworker
thread context when being it was freed, leading to missed work and
memory leaks.

This patch adds a new way of checking if a thread module is still
busy.

Bug: #6062.
 2 years ago
Victor Julien d333dffdcb flowworker: flush local work queue on capture timeout 
Capture timeout means no packets have been received for some
time, so this is a good time to flush out all work.
 2 years ago
Victor Julien 55e32b2544 flowworker: rate limit flow queue processing 
Until this patch the logic the flow worker flow house keeping used was:
- at most 2 flows are handled per packet
- pseudo packets could flush the entire queue

This patch changes that. Pseudo packets are fairly common, and can lead
to packet stalls / latency spikes if the number of flows in the queue
is large.

It does that by adding a new packet type only used at shutdown, which
flushes out the queues completely. All other packets will now stick
to the 2 flow rate limit.
 2 years ago
Scott Jordan 04d3584889 datasets: bugfix to load ip types from yaml 2 years ago
Victor Julien 9a4231d737 src: various comment spelling fixes 
Thanks to Josh Soref.
 2 years ago
Victor Julien 8d016fe3ed dpdk: minor output fixup 
Thanks to Josh Soref.
 2 years ago
Victor Julien 197af37626 detect/parse: fix test spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien 74f5d080e6 stream: fix test code spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien 77862d503a dpdk: fix variable spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien 8e5e9a289b scripts: fix bundle script spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien f9276fdf00 rust: spelling fixes 
Thanks to Josh Soref.
 2 years ago
Victor Julien e3e0ff6edf commandline: fix help output spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien cdd3251982 snmp: fix spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien 9287320330 license: fixup file headers 
Thanks to Josh Soref.
 2 years ago
Victor Julien 0903536fd6 doc: spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien e120bf6aad changelog: spelling 
Thanks to Josh Soref.
 2 years ago
Victor Julien a6ccf63540 detect/csum: test cleanups 2 years ago
Victor Julien 80d873fad0 detect/content: test cleanups 2 years ago
Victor Julien 6487c689fd windivert: compile fixes 2 years ago
Victor Julien 74326a43e7 github-ci: add windivert build 2 years ago
Eric Leblond a73c9b0e40 output: target keys have port 
Update JSON schema to support signature with target keyword
 2 years ago