Anoop Saldanha
c9af50ea0c
code cleanup - replace SigMatchAppendAppLayer with SigMatchAppendSMToList
14 years ago
Anoop Saldanha
420befb180
Changed my email address to anoopsaldanha at gmail dot com from my current one
14 years ago
Anoop Saldanha
9a6aef459e
modify all relevant app layer API calls to accommodate passing parser local storage argument
14 years ago
Victor Julien
06904c9024
App Layer cleanup
Removal of per flow 'aldata' array. It contained a ptr for each ALPROTO. Instead now we have 2 ptrs in the flow: alparser and alstate.
Various cleanups and dead code removal from the app layer API.
Should save 100+ bytes memory per flow on 64 bit.
Updated lots of unittests to reflect these changes.
14 years ago
Victor Julien
1d971b53a6
Update all unittests
15 years ago
Anoop Saldanha
a7353be20d
replace all Signature->amatch instances in the engine with Signature->sm_lists[DETECT_SM_LIST_AMATCH]
15 years ago
Anoop Saldanha
067e53403c
add missing sig_app_layer flags for dce sigs
15 years ago
Victor Julien
f1ea68e316
Store the first frag flag in the uuid as the pfc_flags field is overwritten. Part of fixing #206.
15 years ago
Victor Julien
4208bdf0f9
Fix unittest.
15 years ago
Victor Julien
fc248ca7a1
Many small performance updates.
15 years ago
Anoop Saldanha
fc37e9d6ee
add internal ids to uuids. Use these internal ids to match uuids from bind and bind_ack. Create a new uuid list to hold all accepted uuids. Modifications to dce-iface to accommodate these changes as well + unittests
15 years ago
Victor Julien
f081577fe4
Revert yesterday's dcerpc commits as there were too many corner cases for it to go into 1.0.1.
16 years ago
Anoop Saldanha
8c774a1e2a
fix 206. Keep a count of uuids that don't belong to the first frag. Change dce_iface to match against uuids based on any_frag setting
16 years ago
Victor Julien
1071a53210
Fix unittests after ip_proto keyword change.
16 years ago
Victor Julien
b8fec77f37
Fix tcp connections that are reset (RST packet) not always inspecting the reassembled stream. Update transaction id code to make sure both directions of a transaction are inspected before incrementing the inspect_id.
16 years ago
William Metcalf
0e4235cc94
FLOW_DESTROY added to clean-up UT's that init flow
16 years ago
Victor Julien
2f29b8a724
Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166.
16 years ago
Pablo Rincon
8cc525c939
UDP support at AppLayer message handling
16 years ago
William Metcalf
cc76aa4bc6
properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks
16 years ago
Victor Julien
70b32f7380
First stab at creating a stateful detection engine.
Stateful detection for app layer detection keywords, except uricontent. Stores its partial results in the flow structure. Other modifications:
- Generalize transaction tracking, logging and inspection.
- Adapt http and dcerpc to use the new transaction handling.
- Stream engine now always notifies app layer of a stream eof.
This commit fixes bug #124.
16 years ago
Gerardo Iglesias Galvan
9f4fae5b1a
Fix inconsistent use of dynamic memory allocation
16 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
16 years ago
Victor Julien
91ed463314
Improve dce-iface keyword unittests.
16 years ago
Gurvinder Singh
69a4fee757
fixed the API and logic error reported by clang tool
16 years ago
Anoop Saldanha
e6af69e10e
fix for bug 114
16 years ago
Victor Julien
e6ba571c0b
Rename structures that don't adhere to our naming conventions.
16 years ago
Victor Julien
297001c6d9
Only process an app layer sig if it has the proper state. Make sure a sig can't have conflicting sigmatches, such as ftpbounce and uricontent.
16 years ago
Victor Julien
8b30226914
Detection keyword cleanup
16 years ago
Victor Julien
b259e362cd
Convert uricontent to use new scanning methods as well. Move http_method and http_cookie keywords out of pmatch list for now.
16 years ago
Pablo Rincon
25a3a5c6d8
Adding mem wrapper to debug runtime alloc()/free() functions. Fixing some memory leaks.
16 years ago
Gerardo Iglesias Galvan
ba6d807a6e
Improve information about errors on signature failure
16 years ago
Pablo Rincon
d0404d8447
Renaming errors with naming conventions
16 years ago
Pablo Rincon
ad2c136e8f
Renaming errors (naming conventions)
16 years ago
Victor Julien
6a53ab9c5a
Stream engine memory handling update
The stream engine memory handling needed updating as it didn't scale. Changes:
- pools can now be initialized to size 0, meaning unlimited
- stream engine uses a memcap setting. Sessions, segments and aldata is part
of this, app layer state isn't.
- memory is accounted using a global int that is spinlocked.
- a counter for sessions that have not been picked up because of memcap was
added.
- all reassembly errors are converted to debug msgs.
16 years ago
Kirby Kuehl
008de4321b
refactor dcerpc in prep for dcerpc over smb
16 years ago
Kirby Kuehl
f15ca04889
fix padding calculation and stubdata parser for dcerpc
16 years ago
root
5113636744
bind and bind_ack tracking
16 years ago
Victor Julien
18aa59b391
Fix compilation and a small memory error.
16 years ago
Anoop Saldanha
f684989f98
dce_iface, dce_opnum, dce_stub_data keyword support
16 years ago