Victor Julien
							
						 
						
							 
							
							
							
								
							
								40a5ce8f5f 
								
							
								 
							
						 
						
							
							
								
								Change logic of SCErrorToString causing any missing entries to result in a compiler warning.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								71ffed5128 
								
							
								 
							
						 
						
							
							
								
								Handle the case of pcre combined with a relative content, where pcre has the  
							
							 
							
							
							
							
							set to match from start of line and we discontinue matching on not finding
match. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								aa363a8144 
								
							
								 
							
						 
						
							
							
								
								unittest to display  #784 .  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								26b7af1483 
								
							
								 
							
						 
						
							
							
								
								Don't try to sniff 'default' interface  
							
							 
							
							
							
							
							When running suricata via 'suricata --af-packet', the list of interfaces
was containing the 'default' interface and sniffing it was attempted.
This was not wanted. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								539de3f5ea 
								
							
								 
							
						 
						
							
							
								
								bpf filter: use SCLogError instead of fprintf  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								b7e78d33b1 
								
							
								 
							
						 
						
							
							
								
								af-packet: warn about BPF filter consequence in IPS mode  
							
							 
							
							
							
							
							This patch adds a message to warn user about the impact of using a
BPF filter in IPS mode. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								dfbb31df8a 
								
							
								 
							
						 
						
							
							
								
								Exit if bpf is used in IPS mode  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								6913109bf3 
								
							
								 
							
						 
						
							
							
								
								configure: use correct syntax for help string  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								7d706563ef 
								
							
								 
							
						 
						
							
							
								
								configure: add --enable-unix-socket flag  
							
							 
							
							
							
							
							This new flag allows the user to force unix socket build or to
disallow it completely. Default which is test is maintained. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								0470c0f678 
								
							
								 
							
						 
						
							
							
								
								jansson: change function test to be sure of version  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								106e38d20b 
								
							
								 
							
						 
						
							
							
								
								Update version number of bundled htp to 0.2.12, so it matches the non-bundled version.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								ce99a07582 
								
							
								 
							
						 
						
							
							
								
								After some discussion we decided that var declarations inside a for statement are not in line with our coding style. So removing a bunch. Decision was not unanimous ^^.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								8bf034e8c4 
								
							
								 
							
						 
						
							
							
								
								Live rule swap logs added to report SigLoadSignatures() failure. Also set  
							
							 
							
							
							
							
							thread_closed flag on exit for live swap thread. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								a3212f6a0f 
								
							
								 
							
						 
						
							
							
								
								Minor fixes against the last set of patches for  #564 , 565, 581 + fp automation.  
							
							 
							
							
							
							
							Rename struct DetectFigureFPAndId_t_ to DetectFPAndItsId_ and move its
definition from inside the function where it's used to the global namespace,
as requested on #suricata.
Rename DetectEngineContentModifiedBufferSetup to DetectEngineContentModifierBufferSetup.
Also rename DetectFigureFPAndId() to DetectSetFastPatternAndItsId().
Updated DetectSetFastPatternAndItsId() to not exit on failure and return error. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								6de8b1ed53 
								
							
								 
							
						 
						
							
							
								
								fix for  #564 .  
							
							 
							
							
							
							
							Get rid of the hash table, and use a single-one_time_alloc'ed array for
pattern id assignment. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								f58c6589b4 
								
							
								 
							
						 
						
							
							
								
								We now print content flags in engine fp analyzer.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								e77fd1c883 
								
							
								 
							
						 
						
							
							
								
								We now assign ids to fp patterns only.  Rest of them don't need one.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								4c6efa2d40 
								
							
								 
							
						 
						
							
							
								
								Update content id assignment.  
							
							 
							
							
							
							
							All fp id assignment now happens in one go.
Also noticing a slight perf increase, probably emanating from improved cache
perf.
Removed irrelevant unittests as well. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								60be1751d5 
								
							
								 
							
						 
						
							
							
								
								Figure out sig fp during validation stage, instead of staging stage.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								45ff67a2e0 
								
							
								 
							
						 
						
							
							
								
								Enable a conf option to enable/disable legacy keywords.  
							
							 
							
							
							
							
							Currently, uricontent is declared a legacy keyword, and is enabled by default. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								601836d831 
								
							
								 
							
						 
						
							
							
								
								Fast pattern setup now configurable in our code.  
							
							 
							
							
							
							
							You can either enable/disable fp for a particular type + set priority. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								c63317d02e 
								
							
								 
							
						 
						
							
							
								
								Detect sm_list rearranged for performance reasons.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								f8ae53ac02 
								
							
								 
							
						 
						
							
							
								
								Further customize content modifier buffer registration.  
							
							 
							
							
							
							
							Allow modifier setups functions to have CustomCallbacks to enable their
internal conditions. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								a304a98d1d 
								
							
								 
							
						 
						
							
							
								
								http_* setup unified.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								434bdca9e2 
								
							
								 
							
						 
						
							
							
								
								uricontent simplified to use the existing content + http_uri infrastructure.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								0b5d277254 
								
							
								 
							
						 
						
							
							
								
								code cleanup for all content based keywords.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								51dcf19817 
								
							
								 
							
						 
						
							
							
								
								turn dce_stub_data into a sticky buffer.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								a308d718ae 
								
							
								 
							
						 
						
							
							
								
								Allow the use of relative without the presence of a related previous keyword.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								4845631335 
								
							
								 
							
						 
						
							
							
								
								tcp stream: don't move to LAST_ACK on toserver resent of FIN  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								3163243a55 
								
							
								 
							
						 
						
							
							
								
								Coverity 989710 and 989711: small resource leaks in filemd5 parsing code.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								12e4105dc3 
								
							
								 
							
						 
						
							
							
								
								fix for  #770 .  
							
							 
							
							
							
							
							Invalidate sigs with negative depth. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								d041b98d95 
								
							
								 
							
						 
						
							
							
								
								fix for  #771 .  
							
							 
							
							
							
							
							Fix /etc/protocols parsing.  Remove trailing newspace stored under some cases. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								37c80ea508 
								
							
								 
							
						 
						
							
							
								
								If an IP-only pass rule matches, set the no inspect flag for that flow. Bug  #718 .  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								75130f9702 
								
							
								 
							
						 
						
							
							
								
								fix for  #769 .  
							
							 
							
							
							
							
							Packet inserted by live swap flagged as pseudo packet. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								274641abc2 
								
							
								 
							
						 
						
							
							
								
								Fix valgrind error/warning in ip reputation parsing code  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								c6ec23ca87 
								
							
								 
							
						 
						
							
							
								
								fix for  #758 .  Add redmine wiki link and desc for icmp-id keyword.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								04d7d00df6 
								
							
								 
							
						 
						
							
							
								
								Try to use pkg-config to resolve libnspr and related dependencies.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Christian Kreibich
							
						 
						
							 
							
							
							
								
							
								cb8e5bc533 
								
							
								 
							
						 
						
							
							
								
								Try to use pkg-config to resolve libnss and related dependencies.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								eeb439c1a3 
								
							
								 
							
						 
						
							
							
								
								Open 2.0 dev branch  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								b66af2c2ed 
								
							
								 
							
						 
						
							
							
								
								nfq: add missing error string  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								7ec820d3ab 
								
							
								 
							
						 
						
							
							
								
								Fix potential Null deref.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								8924d7598d 
								
							
								 
							
						 
						
							
							
								
								Fix potential iprep file parsing issue (2).  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								754ae8a1be 
								
							
								 
							
						 
						
							
							
								
								Fix potential iprep file parsing issue.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								1b363ecb1d 
								
							
								 
							
						 
						
							
							
								
								Fix test AddressTestParse36 on Big Endian systems  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								0febe5a410 
								
							
								 
							
						 
						
							
							
								
								fix for  #760 .  
							
							 
							
							
							
							
							If udpv4 csum isn't calculated, udpv4-csum detection shouldn't run on the
csum. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								ce7d78dd69 
								
							
								 
							
						 
						
							
							
								
								fix for  #725 .  
							
							 
							
							
							
							
							Update trec_len, trec_pos to 32 bits from 16 bits.
Handle handshakes that are fragmented across records. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Anoop Saldanha
							
						 
						
							 
							
							
							
								
							
								c6d50764e5 
								
							
								 
							
						 
						
							
							
								
								temporarily patched smb + dcerpc parsers for direction demarcation.  
							
							 
							
							
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								5b067e1abb 
								
							
								 
							
						 
						
							
							
								
								pcap-file: treat the case of unsupported pcap link  
							
							 
							
							
							
							
							In unix socket mode, Suricata was stopping processing pcap files
when a pcap file with an unsupported datalink was treated. This
patch updates error handling to allow Suricata to treat other
pcap files. 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								350d761961 
								
							
								 
							
						 
						
							
							
								
								af-packet: leave reading loop at each turn  
							
							 
							
							
							
							
							The idea of this patch is to be sure to leave the ring reading loop
enough to be able to sync counters. This should fix  #706 . 
							
						 
						
							13 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								eae4de9850 
								
							
								 
							
						 
						
							
							
								
								Replace the deprecated AM_CONFIG_HEADER with AC_CONFIG_HEADERS.  
							
							 
							
							
							
							
							Addresses bug #704  for building on a Mac.  More generically
it addresses the issue building using newer versions of automake. 
							
						 
						
							13 years ago