db28d85d01
stream: consider any uninspected data
2 years ago
1a35801f96
stream: minor constification
2 years ago
989e5c7ba2
streaming/sbb: fix debug message
2 years ago
a00db15bd4
stream: remove bug on from packet path
2 years ago
ee6c39b985
output: improve debug format by adding function name
2 years ago
41ca206fdf
src: fix deprecated-non-prototype compile warnings
...
Tested on Fedora 37 with clang 15.
util-strlcatu.c:45:8: error: a function definition without a prototype is deprecated in all versions of C and is not supported in C2x [-Werror,-Wdeprecated-non-prototype]
size_t strlcat(dst, src, siz)
^
1 error generated.
2 years ago
1bc6976a06
src: fix unused-but-set-variable compile warnings
...
Tested on Fedora 37 with clang 15.
datasets.c:852:9: error: variable 'n' set but not used [-Werror,-Wunused-but-set-variable]
int n = 0;
^
1 error generated.
2 years ago
ebd8728219
src: fix strict-prototype warnings
...
Tested on Fedora 37 with clang 15.
app-layer.c:1055:27: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
void AppLayerSetupCounters()
^
void
app-layer.c:1176:29: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
void AppLayerDeSetupCounters()
^
void
2 errors generated.
2 years ago
55c4834e4e
smb: configurable max number of transactions per flow
...
Ticket: #5753
2 years ago
1d9183638f
smb: convert transaction list to vecdeque
...
Allows for more efficient removal from front of the list.
Ticket: #5753
2 years ago
8c3107472b
detect/frames: fix crash when parsing bad rule
...
Indexing of Signature::init_data::smlists would fail for a rule that
used a frame and fast_pattern w/o content, as the array would only be
expanded when adding a content.
Adding a check to see if there list id is in bounds
is an implicit check for the "no content" case.
Ticket: #5530
2 years ago
8bebc2390d
github-actions: bump ossf/scorecard-action from 2.1.1 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](15c10fcf1c...e38b1902ae
2 years ago
48f0fd3c74
doc/userguide: update logging section for time formats
...
- Update fragment of configuration file to match suricata.yaml with
new default-log-format.
- Document new %z format specifier.
2 years ago
531c4336c9
logging: use ISO-like timestamp in file log
...
Also update suricata.yaml to show this default, as updating the
"default-log-format" does not affect the file output.
2 years ago
761e7c2a63
suricata.yaml: update default-log-format current state
...
The default-log-format has changed, reflect this in the suricata.yaml.
2 years ago
bac8b8d26d
logging: add new date format: YYYY-MM-DD HH:MM:SS
...
Adds a new logging format character, %z that uses a more standard time
format of "YYYY-MM-DD HH:MM:SS".
Ticket #5764
2 years ago
9f21e2bcde
src: remove unneeded double colon
...
git grep ';;' src/ | grep -v for | cut -d: -f1 | uniq
| while read f; do sed -i -e 's/;;/;/' $f; done
2 years ago
cb89192ec3
smb: fix typo in comment
2 years ago
0dfaf2802f
test: remove one duplicate line
2 years ago
27d2bce1a1
flow: complete stats for app_layer protocol counters
...
In the case of a gap, or in the case of a flow where one side
is recognized, but the other is not before the end, we still
increase the counters to have consistency between
jq 'select(.event_type=="flow" and .app_proto=="ftp") | .app_proto' log/eve.json | wc -l
jq 'select(.event_type=="stats") | .stats."app_layer".flow.ftp' log/eve.json
Ticket: #5769
2 years ago
cfcb7df9dc
mqtt: rustfmt parser.rs
2 years ago
23acb89653
mqtt: add unittests for nom7 parsers
...
Ticket: #5742
2 years ago
ad7baad4a0
github-actions: bump actions/download-artifact from 3.0.1 to 3.0.2
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](9782bd6a98...9bc31d5ccc
2 years ago
87420c8083
github-actions: bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](83fd05a356...0b7f8abb15
2 years ago
c091e65662
github-actions: bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.2.0...v3.3.0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
fff4475d91
stream: fix memory leak when failing to insert segment
...
As introduced by commit f848e34bcc#5777
2 years ago
e15c9451f2
log/stats: Ensure output exists for the stats thread
...
Issue: 5198
This commit ensures that a log output destination exists for the stats
thread.
2 years ago
018ea2625f
log: Use hash table for slot maintenance
...
Issue: 5198
This commit modifies the threaded logging support to use the hash table
for handling thread/slot mappings. As a result, it's no longer necessary
to provide the thread id when ensuring the log output exists.
2 years ago
f06aabc32a
log: Add hash table for thread/slot mappings
...
Issue: 5198
This commit adds a hash table to manage thread id to slot mappings. This
ensures that each thread will have its own slot (file output device)
2 years ago
4c7ca2c367
devguide/install: add note about ubuntu version
...
We want to make it clear with which system the instructions for
installing from were tested with.
2 years ago
cdc5ccd7f7
rfb: rustfmt parser.rs
2 years ago
b95d7efbd0
rfb: add unittests for nom7 parsers
...
Task: #5741
2 years ago
3979acb5ed
smb: set event for ntlmssp unusual order
2 years ago
e41c01a483
smb: rustfmt ntlmssp_records.rs
2 years ago
1db8685848
smb/ntlmssp: parse fields independently of order
...
Instead of relying on the usual ordering...
Ticket: #5258
2 years ago
fc177754d1
github-actions: bump ossf/scorecard-action from 2.0.6 to 2.1.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...15c10fcf1c
2 years ago
dfcb429524
detect/cert: Use client side certs
...
Issue: 5516
This commit modifies the detect logic to choose the certificate based on
the flow direction -- to server or to client.
2 years ago
ae192ebae7
rust: sync log levels with C
2 years ago
377885f420
exception-policies: fix typos
2 years ago
21edf136a5
scripts: fix app-layer-protos.c setup
...
After the changes in the script in 05e16820de
2 years ago
23eeba3e35
app/protos: reformat string to proto
2 years ago
4f6d388740
app-layer: check name vs proto mapping in registration
2 years ago
0ff88c0315
netmap/runmode: minor code cleanup
2 years ago
0e5af9e8a7
ioctl: output cleanups
2 years ago
07008f0da2
netmap: output cleanups
2 years ago
597601b294
dpdk: don't "fix" broken ips setting
2 years ago
4e945351a5
dpdk: output cleanups
2 years ago
7196257f68
nfq: minor error message improvement
2 years ago
a4eefd16b7
output: add %M format option for the log message body
...
If %M is not specified, it is automatically appended to the format
string, to provide backwards compatibility.
2 years ago
fa7760aa67
commandline: output cleanups
2 years ago
Victor Julien
Philippe Antoine
dependabot[bot]
Jason Ish
Haleema Khan
Jeff Lucovsky
Juliana Fajardini
Jeff Lucovsky
Shivani Bhardwaj