Commit Graph

7286 Commits (bac37fc9ae5e3469652fda2ef268de617de485dd)
 

Author SHA1 Message Date
Victor Julien bac37fc9ae detect state: reorganize flags
List the common non-buffer specific flags on top.
9 years ago
Victor Julien f1e3840516 http_response_body: implement keyword with mpm
Implemented as 'stickybuffer'.
9 years ago
Victor Julien 4c98b6cef3 http_request_line: implement keyword and mpm
Implemented as 'stickybuffer'.

Move all logic into the keyword file and remove bad tests that tested
URI instead of request line.
9 years ago
Victor Julien 960461f4db fast_pattern: register app layer mpms automatically
Allow for duplicate registrations for the same list. After the first
registration new calls will be ignored.
9 years ago
Victor Julien 6dd4dff7b2 mpm: remove empty app_mpms table 9 years ago
Victor Julien e68b2214e5 tls: register mpm from keywords 9 years ago
Victor Julien 57ae3c43e5 dns_query: register mpm from keyword 9 years ago
Victor Julien a1a2187a0c http_cookie: register mpm from keyword 9 years ago
Victor Julien 74661449e0 http_raw_host: register mpm from keyword 9 years ago
Victor Julien b5cd4889ae http_host: register mpm from keyword 9 years ago
Victor Julien 91695c81aa http_client_body: register mpm from keyword 9 years ago
Victor Julien 644d4dc61b http_stat_code: register mpm from keyword 9 years ago
Victor Julien cf96db095a http_stat_msg: register mpm from keyword 9 years ago
Victor Julien 43b281a510 file_data: register mpm from keyword 9 years ago
Victor Julien 6d0632a9c6 http_method: register mpm from keyword 9 years ago
Victor Julien e4ea38a8de http_raw_header: register mpm from keyword 9 years ago
Victor Julien 7813a834d0 http_user_agent: register mpm from keyword 9 years ago
Victor Julien 7b98c0073f http_header: register mpm from keyword 9 years ago
Victor Julien 38e018e2d3 http_raw_uri: register mpm from keyword 9 years ago
Victor Julien 7289d12f1b http_uri: register mpm from keyword 9 years ago
Victor Julien 5b2e36a1b0 mpm: add App Layer MPM registry
Register keywords globally at start up.

Create a map of the registry per detection engine. This we need because
the sgh_mpm_context value is set per detect engine.

Remove APP_MPMS_MAX.
9 years ago
Victor Julien ae5846b4de detect: simplify content inspection types
Instead of a type per buffer type, pass just 3 possible types:
packet, stream, state.

The individual types weren't used. State is just there to be
not packet and not stream.
9 years ago
Victor Julien e1eb481647 prefilter: cleanup and optimization 9 years ago
Victor Julien dba14b676c profiling: more prefilter profiling 9 years ago
Victor Julien 125603871b detect: config opt to enable keyword prefilters 9 years ago
Victor Julien 36f713c8d4 prefilter: in profiling print totals 9 years ago
Victor Julien 2e878c2024 prefilter: alloc CLS aligned memory 9 years ago
Victor Julien 732921922a detect mpm: consider sgh direction when adding rules 9 years ago
Victor Julien 9bb12ccb27 prefilter: move payload engines into separate list 9 years ago
Victor Julien e3b98d5bbf detect-ack: extra match support 9 years ago
Victor Julien a41bf2ae14 detect-seq: extra match support 9 years ago
Victor Julien a1accbbaf0 detect-ttl: extra match support 9 years ago
Victor Julien a270dfa008 detect-id: extra match support 9 years ago
Victor Julien fbb0490c31 detect-dsize: extra match support 9 years ago
Victor Julien 34e3484dad detect-flags: prefilter extra match support 9 years ago
Victor Julien ace8f9f5df detect-flow: prefilter extra match support 9 years ago
Victor Julien e2eb9f8ede prefilter: add 'extra match' logic to packet engines
Many of the packet engines are very generic. Rules are generally more
limited.

A rule like 'alert tcp any any -> any 888 (flags:S; sid:1;)' would still
be inspected against every SYN packet in most cases (it depends a bit on
rule grouping though).

This extra match logic adds an additional check to these packet engines.
It can add a check based on alproto, source port and dest port. It uses
only one of these 3. Priority order is src port > alproto > dst port.

For the ports only 'single' ports are used at this time.
9 years ago
Victor Julien 9187c20782 detect mpm: negated setup fix 9 years ago
Victor Julien 5537e25f38 detect-icmp-id: prefilter 9 years ago
Victor Julien fbe7e0aaeb detect-icmp-seq: prefilter 9 years ago
Victor Julien 3a86aeac65 detect-icode: implement as u8 hash prefilter 9 years ago
Victor Julien 6a3917b375 detect-itype: implement as u8 hash prefilter 9 years ago
Victor Julien f5d2166e23 detect-id: implement prefilter 9 years ago
Victor Julien d5e5c11bd1 detect-icode: implement prefilter 9 years ago
Victor Julien 10f8e636d6 detect-itype: implement prefilter 9 years ago
Victor Julien b88c0a56b9 detect-ttl: implement prefilter 9 years ago
Victor Julien 9ce300620e detect-seq: implement prefilter 9 years ago
Victor Julien 822e034753 detect-flow: implement prefilter 9 years ago
Victor Julien 14b0537f95 prefilter: implement basic prefilter priority order 9 years ago
Victor Julien 4104f8c066 detect-fragoffset: implement prefilter 9 years ago