1463 Commits (c6ddcda7f8a67f40eb56aea72204520443bc3222)
 

Author SHA1 Message Date
Victor Julien cdc9570f0e Have the detect.alerts counter count actual alerts. 15 years ago
Anoop Saldanha bbb5bf5c51 allow counters clubbing for detect TM 15 years ago
Victor Julien cb94748dab Add missing include resulting in a compiler warning. 15 years ago
William Metcalf 0e4235cc94 FLOW_DESTROY added to clean-up UT's that init flow 15 years ago
William Metcalf 9f0bf35cfd Set -std=gnu99 CFLAG always and Use -march=native by default if supported by installed version of gcc 15 years ago
Victor Julien 2f29b8a724 Improve detection of app layer, making sure we only handle app layer on 'established' packets. Should really fix #166. 15 years ago
Victor Julien 37442a8a84 Prefilter signatures before fully scanning them. 15 years ago
Anoop Saldanha 60668fd01d Reset the flags used during stateful detection in ContinueDetection(). Made the tests more descriptive as well 15 years ago
Anoop Saldanha bb8937477d dce tests to check SigMatchSignatures()'s working against new dce transactions 15 years ago
Victor Julien d6709b0961 Fix a segv caused by invalidly accessing the smsg_pmq array. 15 years ago
Victor Julien 8cea3779fa Move dce payload inspection to stateful detection engine. 15 years ago
Anoop Saldanha 015385c6bd changes to the dce parser stub data processed var. changed to stub data fresh var to indicate if the stub is fresh or not 15 years ago
Anoop Saldanha 45ea0d914e dce stub content keywords support using dcepayload.c support for all dce related content keywords 15 years ago
Anoop Saldanha 98433f407c dce rpc stub data held in separate buffers for request and response pdus 15 years ago
Victor Julien 31261e7583 Improve B2g performance by merging pattern array and hash. 15 years ago
Victor Julien 83b2c8abdb Improve stateful uri detection code. 15 years ago
Victor Julien 9dd753b5f3 Scan uricontent mpm on demand. 15 years ago
Victor Julien dd88e46f0c Fix detect engine state unittest, add another. 15 years ago
Victor Julien e8fce5f7fa Convert uricontent scanning to use the detect engine state. 15 years ago
Jason MacLulich 835630efbd Add initial support for reading packets from a DAG card, we only support reading from a single stream at this time.
Use the --dag <dagname> cmd line option to specify from which DAG card to read pkts
from.

Issue at the moment with pkts being ejected during shutdown -- at the moment we
ignore any packets that are not of link type Ethernet.
15 years ago
Victor Julien 49d68169ea Allow the user to disable setting cpu affinity and allow configuring the number of detect threads relative to the number of CPU's/CPU cores. 15 years ago
Victor Julien cb0bb668eb Add support for retrieving float and double variables from the configuration. 15 years ago
Victor Julien b60d2c4345 Fix flags mixup issue in the app layer. 15 years ago
Victor Julien ba12f3c109 Applayer to flow fixes and cleanups. 15 years ago
Pablo Rincon 8cc525c939 UDP support at AppLayer message handling 15 years ago
William Metcalf e07e9e16ae Updates to allow for disabling options based on Pierre Chifflier's patch 15 years ago
Pierre Chifflier 4e84ffe2ea Fix autoconf code for Prelude option (Fix: #175)
Third and fourth arguments of AC_ARG_ENABLE are the actions to be done
if option was specified (respect. not given), NOT if option
is true (false).

Signed-off-by: Pierre Chifflier <chifflier@edenwall.com>
15 years ago
Ondrej Slanina 6bf7d76005 added possibility to run suricata as WIN32 service 15 years ago
William Metcalf cc76aa4bc6 properly init flows inside of unit-tests caused lock-up when falling back to using mutex locks 15 years ago
Victor Julien a24f288074 Moving the stream content scanning to have its own mpm ctx. 15 years ago
Victor Julien 9a08d6c11c Fixes to stream pattern matching. 15 years ago
Victor Julien a0c1209a44 Inspect the reassembled stream together with the packet payload in the same direction. 15 years ago
Victor Julien 9f95ab7441 Make sure a stream that has a failing app layer inspection module no longer stops reassembly, but only app layer inspection. This way we can continue to inspect the reassembled stream. 15 years ago
Victor Julien 81f2499834 Store stream msgs processed by the app layer in the tcp session so they can be inspected by the detection module as well. The detection module returns them to the pool. 15 years ago
Victor Julien 3005297af2 Check for being properly setup before activating a thread. Fixes a potential although unlikely null-dereference. 15 years ago
Victor Julien 6c6e6321fc Fix HTTP HEAD detection code. 15 years ago
Victor Julien fdd0f3939e Reduce size of event bit array in the packet structure. 15 years ago
Victor Julien c26434fef1 Move flow use cnt to atomic and outside of the flow mutex protection. 15 years ago
Victor Julien 87345e5c60 Switch flow memuse counter to the atomic api. 15 years ago
Victor Julien 749fc2613d Add subtraction wrapper to the atomic api. 15 years ago
Victor Julien 3484e2abde Fix flow engine memory handling. 15 years ago
Victor Julien 4dd0169499 Fix detection_filter issue. 15 years ago
Victor Julien 4c3e17d4ab Fix thresholding issues. 15 years ago
Ondrej Slanina 79443b1991 added INT and TERM signals on WIN32 15 years ago
Pablo Rincon b491ef2be0 Removing FlowAllocDirect since it's not needed anymore 15 years ago
Victor Julien 2fd31a1a11 Remove dsize grouping from detection engine grouping reducing memory usage. Store sgh in flow to reduce lookups. Reduce locking in alert handling. Increase default grouping values as we use less memory. 15 years ago
Victor Julien b657705d8c Fix pcap file mode not shutting down on ctrl-c 15 years ago
Victor Julien dff6795df5 Detect cleanups. 15 years ago
Victor Julien 8e7b147a23 Fix an endless loop condition introduced by the threshold cleanup. 15 years ago
Victor Julien d470e11352 Disable flowbits stats. 15 years ago