Commit Graph

6570 Commits (e117461d4bc02bc7e0e84850e9309629c1f3c07c)

Author SHA1 Message Date
Victor Julien b93a302a5b stream: improve StreamTcpSegmentForEach for IPS
StreamTcpSegmentForEach would only return ACK'd segments. This led
to missing stream data in alerts when running in IPS mode.

This patch changes the behavior for IPS. All segments are iterated
now, also the non-ACK'd ones. For IDS mode the behavior is unchanged.
9 years ago
Victor Julien 3a9bcd6a53 qa: add --simulate-ips option
This option forces the engine into 'IPS' mode. This is useful for testing
some IPS code paths based on pcaps.
9 years ago
Victor Julien 6152d1abca eve: fix stream payload logging wrong direction
In the EVE stream payload logging the IPS path logged the wrong dir.
Both IDS and IPS can take the same path as the detection engine
inspects in the same direction in both cases, so the alert is also
generated in the same direction.

Bug #1684
9 years ago
Maxtors 4b8bd9dfc9 Added checking of negated "totals" and "threads" config values for stats. 9 years ago
Mats Klepsland 6f79137971 lua: expose TLS certificate chain to lua
Expose TLS certificate chain to lua through TlsGetCertChain().
9 years ago
Tom DeCanio 559747e325 file-store: add force-filestore configuration option to enable writing all
extracted files to filesystem.
9 years ago
Nicolas Thill 3c9538b783 lua: set thread vars in DetectLuaMatch
Fix internal error when calling SCThreadInfo from Lua detection modules.

Signed-off-by: Nicolas Thill <ntl@p1sec.com>
9 years ago
Maurizio Abba c4fb6217ee filestore-call: forcing a call to FileStore instead of manually updating
the relative flag in order to have a single point where we actually
touch the File structure
9 years ago
notnyt 2b263d55a2 fix nfq_get_timestamp
Handle case when nfq_get_timestamp returns 0 for success, but timestamp is empty.
9 years ago
bladeswords 2a17e3e827 Fix typo of trailing ] in configure --help
It is the small things that count. This is an example of the fix:

Before
--disable-threading-tls Disable TLS (thread local storage)]

After
--disable-threading-tls Disable TLS (thread local storage)
9 years ago
Andreas Herz 5cee70f9ae Fix the comment and explanation for random-chunk-size 9 years ago
Andreas Herz 8bd9f3d072 json: fix missing includes in disable unix socket case 9 years ago
Victor Julien adbf8bec74 drmemory: suppress magic leak 9 years ago
Andreas Herz 15c98c6085 file-magic: improve libmagic handling on *nix systems 9 years ago
Alexander Gozman 368d7e913a In configuration test mode, check signatures if 'delayed-detect' is enabled
When 'detection-engine.delayed-detect' option was set to 'yes',
suricata didn't check signatures validity in configuration test mode.
9 years ago
Andreas Herz 20dd593981 remove unnecessary braces 9 years ago
Andreas Herz dc1bd5b6bd configure: add --disable-python option 9 years ago
Jason Ish 18760e222a asn1: fix memory leak
As reported in issue #1395, fix 2 memory leaks when destroying
asn.1 decode contexts.
9 years ago
Victor Julien 96ed8d90ee Fix two more potential issues like bug 1550 9 years ago
Alessandro Guido 05fdfcb71e Segfault fix 9 years ago
Andreas Herz b6de1b6567 coccinelle: fix typo for strchrnul 9 years ago
Jason Ish 4352dd179c conf: null guard in ConfNodeLookupChild
Add NULL guarding to the lookup so callers can process nodes
in a loop with less error checking.

Addresses issue #1660.
9 years ago
Alexander Gozman 2aa971240b unix manager: log client's version with debug level
As (dis)connects are already logged as debug events, this one
should do the same.
9 years ago
Eric Leblond 384db27800 unix-manager: fix resource leak when init fails 9 years ago
Victor Julien f9faf990fb Update Changelog for 3.0 9 years ago
Victor Julien 202b11c0f6 smtp: harden mime parsing 9 years ago
Victor Julien 44a444ba78 Update changelog for 3.0RC3 9 years ago
Victor Julien 37a64bdd45 redis: fix compiler warning 9 years ago
Victor Julien 5457c8d5b3 prelude: clean up memory on setup failure 9 years ago
Victor Julien 33ce781759 pcap: fix setup failure memleak on libpcap < 1.0 9 years ago
Victor Julien 8719d90314 prelude: style fixup 9 years ago
Eric Leblond 1d9087f79f prelude: fix thread safeness
Prelude analyzer is not thread safe so we need to have one
analyzer per thread.
9 years ago
Eric Leblond 93642a0d1d suricata: can't use -l and unix socket runmode
It is not possible to use -l and unix socket runmode simultaneously
because setting the log directory makes it final, so it is not
modifiable by other calls.

It is an implementation limitation, but it does not make sense
to set the logging directory only to have it overwritten by the first
directory specified by 'pcap-file'. So it seems correct to
only trigger an error if both options are used at the same
time.
9 years ago
Eric Leblond 2002b37e30 unix-manager: display errors like errors
Not being able to setup the output directory or file is an error so
it should be printed as such.
9 years ago
Eric Leblond 6b37985c66 unix-manager: fix race condition
Under high load it is possible that the thread is not yet started
and that we register a command at the same time. As a consequence,
the commands list is not yet initialized and we have a segfault.

This patch moves the initialization in the ThreadInit function to
be sure the commands list is available when needed.
9 years ago
Victor Julien 083f22f6d6 icmpv4: remove unused header fields 9 years ago
Victor Julien 375092da85 icmpv4: remove unused declarations 9 years ago
Victor Julien ed1cc1ee2a icmpv4: harden embedded packet handling 9 years ago
Victor Julien fe445367bd icmpv4: improve dest unreachable logic
When an ICMPv4 destination unreachable packet contains an embedded packet,
this packet is parsed. When it's found to be invalid, the whole ICMP
packet is tagged as invalid.

In some cases the unreachable packet would still be used.

This patch fixes this by checking the packet's invalid flag as well
in the ICMPV4_DEST_UNREACH_IS_VALID macro.
9 years ago
Victor Julien 2fbfd6efcc DER decoder: don't use strlcpy on non-strings 9 years ago
Victor Julien fae2836039 http: more sane body inspection/tracking defaults 9 years ago
Victor Julien efdd9e08f2 http: improve body pruning
In case the body wasn't inspected the body_inspected variable wouldn't
get updated leading to the body not getting pruned at all.

This patch adds support for this case.
9 years ago
Victor Julien 64017cd29b ips/drop-log: fix crash on logging drops
When logging drops for fragmented UDP packets, triggered by detection
in the reassembled packet, a missing check could lead to access of the
packet's UDP header pointer when it was NULL.
9 years ago
Victor Julien 136c6440c8 http file: fix txid type 9 years ago
Victor Julien 006cd5ae36 file: sync file and tx id types 9 years ago
Victor Julien a74a8c874f smtp: reset inspection buffers 9 years ago
Victor Julien 2582e61af7 http: fix body prune check 9 years ago
Victor Julien e94bf9726d Update Changelog for 3.0RC2 9 years ago
Victor Julien b333e5feae dns: reject bad response data 9 years ago
Victor Julien 260841827f smtp: improve handling of bad traffic
No longer fail tracking the SMTP stream when an unexpected reply is
encountered.

Do not store the unexpected reply.
9 years ago