aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,754 Commits
7 Branches
155 Tags
192 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'df45fc9e97'
${ noResults }
Commit Graph

728 Commits (df45fc9e97f49398d4dd0994c436bd38254689ee)

Author SHA1 Message Date
Victor Julien e04fcfcf2f doc/userguide: minor rewording and reformatting for runmodes 3 years ago
Juliana Fajardini 28b5f4a555 devguide: add page about app-layer frame support 
This explains the frame support from the perspective of a developer,
with introductory explanation on how to add frame support to an
applayer proto.

Doc #4697
 3 years ago
Philippe Antoine 8adf172ab8 nfs: limits the number of active transactions per flow 
Ticket: 4530
 3 years ago
Jason Ish b9a429e6ce devguide: move image generation into sphinx setup 
While ReadTheDocs can't execute arbitrary scripts, we can install
mscgen in the container that builds the docs (see .readthedocs.yaml).

Then instead of calling generate-images.sh from the Makefile, move this
into the setup function defined on conf.yaml, which will generate the
scripts as part of a normal Sphinx workflow.

This should give us an image generation solution that works on
ReadTheDocs, and locally within anyones build system provided they have
mscgen installed.
 3 years ago
Philippe Antoine 11d3af551b doc: suricata.yaml fields about maximum transactions 
For HTTP2, MQTT and FTP.
 3 years ago
Juliana Fajardini 579d7dcc01 pgsql: add initial support 
- add nom parsers for decoding most messages from StartupPhase and
SimpleQuery subprotocols
- add unittests
- tests/fuzz: add pgsql to confyaml

Feature: #4241
 3 years ago
Victor Julien cf4ddab6f4 doc/quic: update for new quic.version logic 3 years ago
Emmanuel Thompson 6641efb74f doc/quic: Add documentation for QUIC keywords 3 years ago
Emmanuel Thompson 9ad60e7661 doc/quic: Add quic to eve json format 3 years ago
Andreas Dolp f714484591 Doc: Fix typos in documentation of suricata.yaml. 3 years ago
Philippe Antoine 0cfdec1266 detect: xor transform 
Ticket: 3285

The xor transform applies xor decoding to a buffer, with a key
specified as an option in hexadecimal. Arbitrary key sizes are
accepted.
 3 years ago
Jason Ish cda11b8d97 doc/update: mention change of default rule path 3 years ago
Jason Ish 8071d8239e doc: update rule section to current default 
Update the rule section to better describe whats seen in a default
install of Suricata including a link to the rule management section.
 3 years ago
Jeff Lucovsky 93842aa14a doc/yaml: Signal-termination option description 3 years ago
Juliana Fajardini 6ae80b2819 doc: replace ohloh with openhub link 3 years ago
Juliana Fajardini de0ce26e3f userguide: update references to Suricata website 
Many places were still referencing the old Suricata page.
Used git grep with replace to update them. Checked that new links work.
Left old references when they were only documentation examples (for
output or unittests).

Task#4915
 3 years ago
Juliana Fajardini 7b20488d4e userguide: fix low-hanging typos Config page 3 years ago
Odin Jenseg 2a5d79e426 doc/eve-json-format/dns: Describing Z-bit 3 years ago
Lukas Sismis dab3274263 dpdk: add documentation for the DPDK runmode 
Briefly present the DPDK runmode through configuration file.
 3 years ago
Lukas Sismis e4b5239202 doc: fix typo in "Stream engine" documentation 3 years ago
Philippe Antoine 27dd0c6b3d eve/ftp-data: log alert metadata in ftp-data object 
Ticket: 4860

instead of directly in root
 3 years ago
Juliana Fajardini 7c636d25c7 userguide: (nit) fix typo in lua-output page 3 years ago
Juliana Fajardini 4256c1ccd5 userguide: rename pg Lua Scripting->Lua Detection 
Since we can have scripts for output _or_ detection, it seems more
clear to rename this page to add more meaning
 3 years ago
Juliana Fajardini 59e5a21fca userguide: update buffers list for lua-scripting 3 years ago
Juliana Fajardini e7f1736f3a userguide/lua: add explanation about `need` diffs 
The differences on how the `need` key works, depending on script
usage (output or detection) confuses users, sometimes (cf doc#4725).
While we don't fix that, just explain this behavior.
 3 years ago
Andreas Dolp b25350ee13 doc: Fix typo in documentation of rule keyword flow 3 years ago
Juliana Fajardini c6e97222b7 devguide: add page about rust unittests 
Part of the task to offer better guidance on how and when to write
unit tests or suricata-verify tests
Also updated linking and index files, as well as testing page to refer
to the unit tests pages

Doc: #4590
 3 years ago
Juliana Fajardini 747d225c84 devguide: repurpose unittests page to unittests-c 
Part of ongoing task to add more guidance on how to create unittests
and suricata-verify tests for suri. There will also be a unittests-rust
page.

Doc: #4590
 3 years ago
Juliana Fajardini 5b4c575f3b devguide: add page about testing 
This page offers guidance about when to use unittests or s-v tests,
and how to create input for those. Also lists other common ways to test
Suri, such as fuzzing and the CI checks.

Doc: #4590
 3 years ago
Juliana Fajardini fc958e9e89 userguide: update wiresharkwiki in public datasets 3 years ago
Juliana Fajardini dbeb8bfa1f doc/devguide: add few more explanations & details 3 years ago
Juliana Fajardini 2cd25e8105 devguide/app-layer: rename /img dir to /diagrams 
Semantically speaking it makes more sense, because it stores `msc`
files for dynamic image generation.
Updated files that refered to `img` accordingly, too.
 3 years ago
Juliana Fajardini f65b3908ed devguide/transactions: add TSL_STATE enum snippet 3 years ago
Juliana Fajardini d6c5dfacc7 devguide/transactions: update & refine diagrams 
- DNS sequence diagram was incorrect (transactions should be
unidirectional). After changing it, it made sense to rename the file.
Adjusted spacing, too. Updated transactions.rst accordingly.
- TLS sequence diagram was refined to illustrate how Suricata actually
implements the protocol.
 3 years ago
Juliana Fajardini 84311ab151 devguide/transactions: fix wordings 3 years ago
Juliana Fajardini 2f3cee2429 devguide/code-style: fix typo in banned functions 3 years ago
Juliana Fajardini a5b344e015 doc/devguide: add Transactions documentation page 
A guide on what is a transaction for Suricata engine, focusing on
developers.
- What's the purpose of a transaction;
- transaction states and API callbacks;
- Examples and sequence diagrams.
- doc/devguide: add transactions.rst
- doc/devguide/extending/app-layer/index.rst: add transactions.rst
 3 years ago
Philippe Antoine bce3c46874 pcre2: remove PCRE1 as dependency 3 years ago
Philippe Antoine fae7389ae2 pcre2: document the behavioral changes 3 years ago
Juliana Fajardini 751906b71d doc/lua-functions: add sha items to SCFileInfo doc 4 years ago
Jason Ish 2cff811609 doc: remove prelude and document as removed 4 years ago
Jason Ish 3e9d1e813a doc/upgrade: move ike logging changes to 7.0 changes 
Was mistakenly put in 6.0 changes.
 4 years ago
Jason Ish f56634ac46 doc/upgrade: mention that nss is no longer required 4 years ago
Lukas Sismis 71196098a1 doc: Update public-data-sets.rst 
Replace dead link

Dataset on ll.mit.edu returns 404. Link updated with a search result of more datasets.
 4 years ago
Joshua Lumb cf9b2b5fd1 detect-dsize: Add ! operator for dsize matching 4 years ago
myr463 755124763d doc: escape dot in pcre 4 years ago
Shivani Bhardwaj 51be8f0238 doc/dcerpc: add proto keywords 4 years ago
showipintbri a39025bf24 doc: Grammar Correction 4 years ago
Juliana Fajardini 6b8b58f98a doc/eve: common fields and alert updates 
- update examples for both
- change app_proto from alert field to common field, as
  per JsonBuilder's changes.
 4 years ago
Juliana Fajardini eacf933edf doc/eve: fix typos 4 years ago
Philippe Antoine 95f225e8fb doc: update sphinx api to use add_css_file 
instead of deprecated add_stylesheet
 4 years ago
Jeff Lucovsky fcd1ae3bf1 doc: Protocol name/case change for upgrade doc 
This commit adds a one-liner to the upgrade document for 7.0 stating
that protocol names/values are now builtin to Suricata and that names
and their casing may change.
 4 years ago
Simon Dugas 0ed62e93ec doc/modbus: add eve logging documentation 4 years ago
frank honza f83d51d0cb ike: set event for multiple server proposals 4 years ago
Andreas Herz a5f36eccf1 doc: add documentation for rawbytes keyword 4 years ago
frank honza ab59ef0d79 ikev1: add documentation for ikev1 4 years ago
frank honza ecdf9f6b0b ikev1: rename ikev2 to common ike 
Renaming was done with shell commands, git mv for moving the files and content like
find -iname '*.c' | xargs sed -i 's/ikev1/ike/g' respecting the different mixes of upper/lower case.
 4 years ago
Shivani Bhardwaj d708744f2b doc: fix ubuntu pkg name for tcmalloc 4 years ago
Jason Ish 560974b2db doc/quickstart: use new test url that works 
Replace http://testmyids.org with http://testmynids.org/uid/index.html,
as testmyids.org now always redirects to https.
 4 years ago
Josh Stroschein 7ece0ac31f doc: update installation documentation for CentOS and Fedora 4 years ago
Philippe Antoine a04b5566a6 http: makes decompression time limit configurable 4 years ago
Jeff Lucovsky 25e9483168 doc/lua: Lua API name consistency 
This commit updates the documentation of the SCFlow* function names
available to Lua scripts.

Formerly, they used the prefix "Sc"; now they use "SC".
 4 years ago
Jason Ish 547afcb983 doc/userguide/transforms: remove not about libnss being required 4 years ago
Jason Ish 41591af48b doc/userguide/install: remove libnss 4 years ago
Jason Ish 4b9af8d2ce doc/userguide: document --disable-hashing 4 years ago
Jason Ish c0ddad8e7e doc/ja3: libnss support no longer required 4 years ago
Kirby Kuehl 5499a6f7cd doc: fix URL for unix-socket python example 4 years ago
Sascha Steinbiss f78f444a5e doc: build all manpages 4 years ago
Carl Smith 9b840104bd lua: Make the rule action available to output scripts 
Useful for those that want to do custom logging from lua
 4 years ago
Justin Ossevoort 320de5f43d eve: Log tenant_id for all eve-json messages 4 years ago
Victor Julien 372fc26739 ci: buildbot is decommissioned, so remove prscript refs 4 years ago
Sascha Steinbiss 15c42e0d83 doc: add documentation for SRV DNS JSON structure 4 years ago
Philippe Antoine 096dce4bba http2: allow filestore to work with HTTP2 4 years ago
Philippe Antoine 4e242645be doc: explicit header normalization further 
And their concatenation as described in RFC 2616
 4 years ago
Philippe Antoine 6b30890de9 doc: http.uri.raw has no spaces 
as they are in the protocol

cf bug #2881
 4 years ago
Victor Julien 7b4ac8dbab doc/userguide: update http keywords 4 years ago
Victor Julien ca47d75c80 doc/userguide: explain --strict-rule-keywords 4 years ago
Jeff Lucovsky a18a9d3046 doc: New sticky buffer icmpv4.hdr 4 years ago
Phil Young 76de981574 napatech: Added comment indicating that hba will be deprecated 
HBA will be deprecated in Suricata 7
 4 years ago
Jason Ish 3030a3da18 doc: provide eve 1 deprecation date 4 years ago
Victor Julien c95850c6ce doc/rules: document config rule option 4 years ago
Jeff Lucovsky 6f9b7e052a doc/eve: Update threaded filename examples 4 years ago
Jason Ish f70e1f571e doc/userguide: add info about --set and lists 4 years ago
Jason Ish 69fffb2dc4 doc/userguide: include man page even when not including pdf 
Fix a mistake in Makefile.am where the man page was only being
added to the distribution if the PDF was also created. It should
be included even if the PDF cannot be included.
 4 years ago
Shivani Bhardwaj 87617b200c doc/datasets: add info about memcap and hashsize 5 years ago
Jason Ish 7d44e80a50 doc: document removal of unified2 
And suggest an alternate tool, Meer if compatibility with
Barnyard2 style databases is required.

Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/3497
 5 years ago
Jason Ish e71f2b22fa doc: add removal of individual json loggers 
Add link to multiple eve instances as a replacement for this
feature.
 5 years ago
Philippe Antoine 9b5c923327 http: disables lzma by default for HTTP 5 years ago
Victor Julien e1ecb7dc41 doc/datasets: explain reloads, general improvements 5 years ago
Simon Dugas 48da18b081 doc: dns - document additional fields in eve event 
Documentation of additional fields for soa and sshfp. Also some minor
doc fixes and updates.
 5 years ago
Jeff Lucovsky 06f41f608c doc: Improve grammar, spelling and clarifications 
This commit improves the overall documentation's grammar, spelling, and
adds clarifications  where needed.
 5 years ago
jason taylor b21160a6e3 doc: http.host keyword note for matching on port 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 5 years ago
Roland Fischer de7c7eeff0 doc: Add dev code-style 5 years ago
Odin Jenseg 4549505418 doc/userguide: fix outdated xdp info 5 years ago
Philippe Antoine 999af4f62a http2: adds documentation 5 years ago
James Dutrisac 8d5e54c046 pcap: recusively reading pcaps / documentation 
Changes to doc/userguide/partials/options.rst for feature 2363
   (reading pcaps recursively)
 5 years ago
Sascha Steinbiss 4e1a41a17d output-json: add MAC address output 
This commit adds MAC address output to the EVE-JSON format. We follow the
remarks made in Redmine ticket #962: for packets, log MAC src/dst as a
scalar field in EVE; for flows, log MAC src/dst as lists in EVE. Field names
are different between flow and packet context to avoid type confusion
(src_mac vs. src_macs). Configuration approach and JSON representation is
taken from previous GitHub PR #2700.
 5 years ago
Sascha Steinbiss c31360070b rust/mqtt: add MQTT parser 5 years ago
Jeff Lucovsky a5d30a3220 doc/output: Document multithreaded eve option 5 years ago
Philippe Antoine 1569f3e349 transform: adds url_decode keyword 
Fixes https://redmine.openinfosecfoundation.org/issues/2689

Adds a new source file to handle this keyword.
And modifies documentation, Makefile, and registration accordingly.

url_decode decodes url-encoded data, ie replacing '+' with space
and '%HH' with its value.
 5 years ago
Victor Julien 00cc3c7374 eve/ssh: change hassh logging format 
Elastic search didn't accept the 'hassh' and 'hassh.string'. It would
see the first 'hassh' as a string and split the second key into a
object 'hassh' with a string member 'string'. So two different types
for 'hassh', so it rejected it.

This patch mimics the ja3(s) logging by creating a 'hassh' object
with 2 members: 'hash', which holds the md5 representation, and
'string' which holds the string representation.
 5 years ago
Tristan Fletcher 6cbb4d4909 doc: fix spelling in flowbits image 5 years ago
Victor Julien e04d48c8c8 doc/userguide: fix outdated mpm info 5 years ago
Victor Julien 04d88e7012 doc/suricata-update: fix typo and do minor cleanups 
Thanks to showipintbri PR 4465.
 5 years ago
Jeff Lucovsky 901fbae7b9 doc: Add byte_math documentation 5 years ago
Jeff Lucovsky 496306e6a9 doc: update stream-depth description 5 years ago
Jeff Lucovsky ec07f58705 doc: update file-store stream depth description 5 years ago
Vadym Malakhatko a80f705d4b userguide: add documentation for Hassh usage 
1. Rules keywords
2. Json keywords
3. Usage in lua
4. Enabling in configuration file
 5 years ago
Jeff Lucovsky b116a56a32 doc: Correct typos 5 years ago
Jeff Lucovsky 59cc3c6281 doc: Update byte_extract doc 5 years ago
Jeff Lucovsky 297f91479e doc: Fix spelling error 5 years ago
Victor Julien 06f414d66d doc/manpage: improve intro, add examples 5 years ago
Victor Julien 75727c05e0 doc/manpage: add --reject-dev option 5 years ago
Victor Julien 82ac72782d doc/userguide: update app-proto list 5 years ago
Victor Julien e6330c354d doc/userguide: list valid rule actions 5 years ago
Jeff Lucovsky 5e4aa5b851 doc: Improve tos description 
This commit improves the description of the `tos` keyword by emphasizing
that the value used should adhere to the guidelines in RFC2474. Instead
of specifying the DSCP value directly, right shift the DSCP value and
use that.
 5 years ago
Jeff Lucovsky 3005dca3fd doc: pcrexform documentation 5 years ago
Jason Ish a77662bdbf userguide: remove old drop-log documentation 
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2381
 5 years ago
Jason Ish 8997a114cb userguide: RDP now enabled by default 
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3255
 5 years ago
Jason Ish 3eb0461abd userguide: SIP now enabled by default 
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/3256
 5 years ago
Victor Julien d0526e71c0 doc/userguide: add IPS with BPF info, minor cleanups 5 years ago
Jason Ish 6b8320d1c0 doc: document file-store v1 to v2 configuration changes 5 years ago
Jason Ish 6850dbc852 suricata.yaml: remove filestore v1 configuration 5 years ago
Victor Julien e5fd47dcfd doc/devguide: create basic layout 
Issue: #3343
 5 years ago
Jason Ish 0dd1b2a616 doc: typo: http.server_body should be http.response_body 
Thanks to Jason Williams for pointing this out.
 5 years ago
Victor Julien a611ae2102 doc/perf: minor improvements 5 years ago
Andreas Herz 1d9db2b5f9 doc: add performance analysis section 5 years ago
Sascha Steinbiss 5598ff5bb3 doc/install: refer to buster as Debian stable 5 years ago
Todd Mortimer 6b4d32c6bb doc: Update documentation for by_rule and by_both thresholds. 5 years ago
Jeff Lucovsky 5f71e7a371 doc/devguide: Submission and style 
This commit adds code submission and coding style guidelines to the
devguide. Most of the material is a straight port from the wiki but
there have been some content modifications and additions.
 5 years ago
Jason Ish 752e4828d7 devguide: include sources in EXTRA_DIST 
Required for distcheck to pass, and required to build docs
from a dist archive.
 5 years ago
Victor Julien e97cdb48f3 decode/teredo: implement port support 
Implement support for limiting Teredo detection and decoding to specific
UDP ports, with 3544 as the default.

If no ports are specified, the old behaviour of detecting/decoding on any
port is still in place. This can also be forced by specifying 'any' as the
port setting.
 5 years ago
Jeff Lucovsky 4ad6c5421a doc: fix documentation typos 5 years ago
Jeff Lucovsky bc01392e93 doc: Update byte_test documentation 5 years ago
Frank Honza 1c8943dedd add RFB parser 
This commit adds support for the Remote Framebuffer Protocol (RFB) as
used, for example, by various VNC implementations. It targets the
official versions 3.3, 3.7 and 3.8 of the protocol and provides logging
for the RFB handshake communication for now. Logged events include
endpoint versions, details of the security (i.e. authentication)
exchange as well as metadata about the image transfer parameters.
Detection is enabled using keywords for:

 - rfb.name: Session name as sticky buffer
 - rfb.sectype: Security type, e.g. VNC-style challenge-response
 - rfb.secresult: Result of the security exchange, e.g. OK, FAIL, ...

The latter could be used, for example, to detect brute-force attempts
on open VNC servers, while the name could be used to map unwanted VNC
sessions to the desktop owners or machines.

We also ship example EVE-JSON output and keyword docs as part of the
Sphinx source for Suricata's RTD documentation.
 5 years ago
Victor Julien ccfdcb55fb devguide: document new app-layer retvals 5 years ago
Philippe Antoine 6251deae21 doc: adds doc for ipv4.hdr signature keyword 5 years ago
Philippe Antoine 1cd314c500 detect: adds icmpv6.mtu keyword 5 years ago
Jeff Lucovsky e14447d594 docs/napatech: Correct typo 5 years ago
Shivani Bhardwaj c5cee05169 doc: Fix typo Generate -> Generator 5 years ago
Shivani Bhardwaj 7b1699c5a8 doc: Add chassis for dev docs 
Closes redmine ticket 3344.
 5 years ago
Philippe Antoine 8396333493 detect: adds icmpv6.hdr keyword 5 years ago
Philippe Antoine af1361a988 doc: add missing documentation for ipv6.hdr keyword 5 years ago
Jason Ish d3f6a95b56 doc: removed unified2 output 5 years ago
Jeff Lucovsky 8c132c0b87 doc: Correct RST quote usage 
Corrects misplaced backticks preventing proper formatting of `mpm-algo`
section.
 5 years ago
Jeff Lucovsky 3385859176 doc/userguide: Update for dump-features 5 years ago
Phil Young 3fbcacf9a8 napatech: documentation hardware based bypass support 
Napatech hardware bypass support enables Suricata to utilize
capabilities of Napatech SmartNICs to selectively bypass flow-based
traffic.
 5 years ago
Shivani Bhardwaj 700eebaecc doc/conf: Update copyright and regex for version 
Make the new regex in compliance with the modern autoconf syntax.
Closes redmine ticket #3423
 5 years ago
jason taylor 1666bc0ad1 doc: minor capitalization fix 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 5 years ago
jason taylor 4f7dc4f136 doc: add bsize documentation and rule example 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 5 years ago