Commit Graph

7190 Commits (d461c7888ad3c08e8ea0c5abca418ecdd46640cd)
 

Author SHA1 Message Date
Victor Julien 499e27de14 offloading: restore settings on exit 9 years ago
Victor Julien 9d48720f9a af-packet: optionally disable offloading 9 years ago
Victor Julien 98092f63b5 offloading: Linux ethtool offloading support 9 years ago
Victor Julien bc370606fc pcap: optionally disable offloading 9 years ago
Victor Julien 723a14c0fe netmap: optionally disable offloading 9 years ago
Victor Julien 2780fba1d1 device: add global flag for disabling offloading
Add global flag to disable offloading or just warn on it.
9 years ago
Victor Julien 7004987670 offloading: preparation for disabling offload on BSD
Add functions for setting IFCAP flags.
9 years ago
Jason Ish 30c853a304 detect-ssl-state: use new unit test macros 9 years ago
Jason Ish 487cdda93d ssl: issue 1231 - support ssl state negation
Snort compatible SSL state negation. Adds "," as a state
separator, but keeps "|" for compatibility with existing
Suricata rules.
9 years ago
Jason Ish afc796a099 ssl: store current state separately from cumulative state
The ssl_state keyword needs the current state, not the cumulative state
in order to be compatible with Snort's implementation.
9 years ago
Jason Ish 7ce196e3bf detect-pcre: use new unit test macros 9 years ago
Jason Ish 4cdcada397 pcre: fix missing quote in pcre unit test 9 years ago
Victor Julien f7481c4078 file-hashing: restore 'force-md5'
We don't want to break existing setups.

Do issue a warning that a new option is available.
9 years ago
Victor Julien 4426f3ff55 file: introduce common flags handling function 9 years ago
Victor Julien 2f5663dfe9 common: introduce BIT_U16 9 years ago
Duarte Silva 53ebe4c538 file-hashing: added configuration options and common parsing code 9 years ago
Duarte Silva 89eb935f73 file-hashing: added support for SHA-256 file hashing 9 years ago
Duarte Silva a6d928e269 file-hashing: added support for SHA-1 file hashing 9 years ago
Duarte Silva 188b382c46 file-hashing: common code added
Moved and adapted code from detect-filemd5 to util-detect-file-hash,
generalised code to work with SHA-1 and SHA-256 and added necessary
flags and other constants.
9 years ago
Mats Klepsland f1b550d973 tls: add unit tests for tls_cert_issuer 9 years ago
Mats Klepsland 20b41567d9 tls: add unit tests for tls_cert_subject 9 years ago
Mats Klepsland 4172c4c8ac tls: add (mpm) keyword tls_cert_subject
This keyword is a replacement for tls.subject.
9 years ago
Mats Klepsland 9b2717799c tls: add (mpm) keyword tls_cert_issuer
This keyword is a replacement for tls.issuerdn.
9 years ago
Victor Julien f1117ba2dc iponly: fix unittests 9 years ago
Victor Julien 215d0d54c7 detect: optimize rule address parsing
Many rules have the same address vars, so instead of parsing them
each time use a hash to store the string and the parsed result.

Rules now reference the stored result in the hash table.
9 years ago
Tom DeCanio 04faf1a93a util-decode-mime: remove quote from boundary= string.
remove quote from the end of the boundary= string.  This was throwing off
the mime parser so that it wouldn't always catch mime boundaries causing
things like missed attachments.
9 years ago
Eric Leblond f2d1e93e65 unix-socket: add auto mode
When running in live mode, the new default 'auto' value of
unix-command.enabled causes unix-command to be activated. This
will allow users of live capture to benefit from the feature and
result in no side effect for users running in offline capture.
9 years ago
Eric Leblond f6c3845397 util-time: new function to know if live or offline 9 years ago
Andreas Herz 15766ce2c4 configure: set correct cppflags for enabled nfqueue
This change sets the correct CPPFLAGS received by PKG_CHECK to resolve
building issues with some systems like OpenSuse.
9 years ago
Andreas Herz 7d54d8c590 rule-reload: remember pending USR2 signals
We did ignore additional USR2 signals while a rule-reload was running.
This changes the counter to be incremented with every additional USR2
signal so we don't ignore them anymore but it's still limited to prevent
huge overload or even overflow.
9 years ago
Jason Ish b454aa46c6 defrag: use frag_pkt_too_large instead of frag_too_large
The rules were using the wrong decoder event type, which was
only set in the unlikely event of a complete overlap, which
really had nothing to do with being too large.

Remove FRAG_TOO_LARGE as it's no longer being used, an overlap
event is already set in the case where this event would be set.
9 years ago
Victor Julien 00313b2140 decoder-event: BUG_ON on table mismatches
Abort when the event enum and the name<>event table are not matching.
9 years ago
Jason Ish bbbc5ab1fc setup-app-layer-logger.sh: update for logging changes 9 years ago
Jason Ish 108d37a52d logging: proper failure on memory allocation error
unwinds all previous logger allocations
9 years ago
Jason Ish a1de7e6dae flow-vars: remove flow locks
Code is now entered under flow lock.
9 years ago
Jason Ish 5a783e6854 flow-bits: remove flow locks
Code is now entered under flow lock.
9 years ago
Jason Ish 8865009fca lua: remove flow locking from the lua layer 9 years ago
Jason Ish 688e8dbe7f stream: remove lock from StreamTcpSegmentForEach
This is only entered from logging functions which are already
called with a locked flow.
9 years ago
Jason Ish 55f2704a25 logging: remove the packetqueue's from the logging path
They are not referenced by any loggers, and they probably
shouldn't be either.
9 years ago
Jason Ish 00b6e628d1 logging: hook into flow worker thread 9 years ago
Jason Ish f8c2c3653b output-streaming: free thread store on deinit 9 years ago
Jason Ish 1b4ba4496c logging: rename registration functions to not have tmm
As the logging modules are no longer threading modules, rename
them so they don't look like they are being registered as
threading modules.

Also, move the registration to the output.c which will handle
registration of the loggers.
9 years ago
Jason Ish 04a44a077d logging: convert pcap log to non-thread module 9 years ago
Jason Ish a093580527 logging: just return if no tx loggers 9 years ago
Jason Ish fc35a78ba1 logging: use a single entry point for all loggers
Introduces a new thread module, TMM_LOGGER, which is the
root most logger.

Only handles loggers in the packet path, stats and flow
logging are not included.

The loggers are made up of a hierarchy of loggers. At the top we
have the root logger which is the main entry point to
logging. Under the root there exist parent loggers that are the
entry point for specific types of loggers such as packet logger,
transaction loggers, etc. Each parent logger may have 0 or more
loggers that actually handle the job of producing output to something
like a file.
9 years ago
Jason Ish d2c17ce9a0 logging: remove output priorities: not used 9 years ago
Jason Ish 9489d5b9e3 logging: remove dead code from output-json
The "parent" json logger was setup like a real logger, but
some of that code was never being called.
9 years ago
Jason Ish 8b38b9d728 output.[ch]: consistent style
- Clean up function declaration.
- Consistently use typedefs for function points.

No functional changes.
9 years ago
Jason Ish fa27a76462 logging: add profiling back for non-tmm loggers
The loggers moved away from a TMM required a new
profiling support.
9 years ago
Jason Ish 42b8f30272 logging: convert lua output to non-thread module 9 years ago