Eric Leblond
							
						 
						
							 
							
							
							
								
							
								0044bb221b 
								
							
								 
							
						 
						
							
							
								
								Add suricata unittests to 'make check'  
							
							 
							
							
							
							
							This patch adds a run of suricata's unittests to 'make check' 
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								7c841e1d7c 
								
							
								 
							
						 
						
							
							
								
								Add coccinelle check to 'make check'  
							
							 
							
							
							
							
							This patch adds coccinelle checking to the autotools
'make check'. 
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								c9f9e3f9a4 
								
							
								 
							
						 
						
							
							
								
								Add configure check for signed or unsigned nfq_get_payload, adapt code.  
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								2600d203cc 
								
							
								 
							
						 
						
							
							
								
								Fix typo in configure.in  
							
							 
							
							
							
							
							Signed-off-by: Eric Leblond <eric@regit.org> 
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								1e600c1054 
								
							
								 
							
						 
						
							
							
								
								source-nfq: add simulated non-terminal NFQUEUE verdict  
							
							 
							
							
							
							
This patch adds a new mode for NFQ inline mode. The idea is to
simulate a non-final NFQUEUE rule.
This permits sending all needed packets to suricata via a simple
FORWARD rule:
    iptables -I FORWARD -m mark ! --mark $MARK/$MASK -j NFQUEUE
And below, we have a standard filtering ruleset.
To do so, suricata issues a NF_REPEAT instead of a NF_ACCEPT verdict and
puts a mark ($MARK) with respect to a mask ($MASK) on the handled packet.
The NF_REPEAT verdict has the effect of reinjecting the packet at the start
of the hook after the verdict. As it has been marked by suricata during
the verdict, it will not rematch the initial rules and makes its way to
the following classical ruleset.
Mode, mark and mask can be configured via suricata.yaml file with the
following syntax:
   nfq:
     repeat_mode: (false|true)
     mark: $MARK
     mask: $MASK
Default is false to preserve backward compatibility.
Signed-off-by: Eric Leblond <eric@regit.org> 
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								72ec56ab23 
								
							
								 
							
						 
						
							
							
								
								source-nfq: autodetection of queue max length function  
							
							 
							
							
							
							
							Signed-off-by: Eric Leblond <eric@regit.org> 
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								627c02e300 
								
							
								 
							
						 
						
							
							
								
Use a different way of getting a short git rev that is compatible with older git versions.
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								e3bde3e95d 
								
							
								 
							
						 
						
							
							
								
								Add a simple revision based on the git rev to the version number, like a build number.  
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								96ec2a76c6 
								
							
								 
							
						 
						
							
							
								
								Update version to 1.1beta1  
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								99ad338e91 
								
							
								 
							
						 
						
							
							
								
								Bump version to 1.0.2  
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								610b7702ba 
								
							
								 
							
						 
						
							
							
								
								Bump version to 1.0.1  
							
							 
							
							
							
						 
						
							15 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								9f1d779a28 
								
							
								 
							
						 
						
							
							
								
								pkg-config detection added to configure.in added to install doc except for OSX  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								a4951286e9 
								
							
								 
							
						 
						
							
							
								
								Bump version to 1.0.0  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								1fb11e939a 
								
							
								 
							
						 
						
							
							
								
								Improve configure messages. Make sure CUDA doesn't try to process packets that are too big.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								e685579231 
								
							
								 
							
						 
						
							
							
								
								Add optional structure validation code.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								1dbbdce0be 
								
							
								 
							
						 
						
							
							
								
								Add a -fno-tree-pre to our CFLAGS as it breaks the ringbuffers on Ubuntu 9.10/64 bit.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								9222386377 
								
							
								 
							
						 
						
							
							
								
								On Mac, don't use -march=native by default unless using gcc >= 4.3.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								26f69aa3a6 
								
							
								 
							
						 
						
							
							
								
								Bump version to 0.9.2.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								9f0bf35cfd 
								
							
								 
							
						 
						
							
							
								
								Set -std=gnu99 CFLAG always and Use -march=native by default if supported by installed version of gcc  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason MacLulich
							
						 
						
							 
							
							
							
								
							
								835630efbd 
								
							
								 
							
						 
						
							
							
								
								Add initial support for reading packets from a DAG card, we only support reading from a single stream at this time.  
							
							 
							
							
							
							
							Use the --dag <dagname> cmd line option to specify from which DAG card to read pkts
from.
Issue at the moment with pkts being ejected during shutdown -- at the moment we
ignore any packets that are not of link type Ethernet. 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								e07e9e16ae 
								
							
								 
							
						 
						
							
							
								
								Updates to allow for disabling options based on Pierre Chifflier's patch  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Pierre Chifflier
							
						 
						
							 
							
							
							
								
							
								4e84ffe2ea 
								
							
								 
							
						 
						
							
							
								
Fix autoconf code for Prelude option (Fix: #175)
							
							 
							
							
							
							
Third and fourth arguments of AC_ARG_ENABLE are the actions to be done
if option was specified (resp. not given), NOT if option
is true (false).
Signed-off-by: Pierre Chifflier <chifflier@edenwall.com> 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								a098e39bed 
								
							
								 
							
						 
						
							
							
								
								Display configuration summary at the end of ./configure.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								9ce1399db8 
								
							
								 
							
						 
						
							
							
								
								Add option for setting pcap buffer size if it is available  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								c73e9318b0 
								
							
								 
							
						 
						
							
							
								
								Bump version 0.9.1.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								d0b23100d7 
								
							
								 
							
						 
						
							
							
								
								patch to configure.in for libhtp minimum version detection via PKG_CHECK_MODULES  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								18e5ac8cde 
								
							
								 
							
						 
						
							
							
								
								Basic rule profiling even though the results may be skewed by a bad rule in a grouping of rules.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								7d63fbdaea 
								
							
								 
							
						 
						
							
							
								
								small CentOS 4 workarounds  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								bca75f6255 
								
							
								 
							
						 
						
							
							
								
								Bump version to 0.9.0.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								070ed778b8 
								
							
								 
							
						 
						
							
							
								
								Libcap-ng support by Gurvinder Singh and myself. Basic support for per thread caps is added, but not activated as it doesn't seem to work yet. Work around for incompatibility between libnet 1.1 and libcap-ng added.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jan Jezek
							
						 
						
							 
							
							
							
								
							
								366671a8ce 
								
							
								 
							
						 
						
							
							
								
								Added inline mode support on Windows  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								27bff56cd7 
								
							
								 
							
						 
						
							
							
								
								Bump version to 0.8.2  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								12962c5969 
								
							
								 
							
						 
						
							
							
								
								./configure option, --enable-unified-native-timeval to have unified outputs use a native timeval to be compatible with unpatched barnyard 1 on 64 bit systems.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Gerardo Iglesias Galvan
							
						 
						
							 
							
							
							
								
							
								9f35a24a1f 
								
							
								 
							
						 
						
							
							
								
								Set threads name. Fix bug  #83  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								3678dda185 
								
							
								 
							
						 
						
							
							
								
								libnet now optional  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								root
							
						 
						
							 
							
							
							
								
							
								ddf995da3b 
								
							
								 
							
						 
						
							
							
								
								pfring support lb type, and now uses logging subsys  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								260d0d7673 
								
							
								 
							
						 
						
							
							
								
Steve Grubb fixes... Thanx Steve!
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								0fe4373b67 
								
							
								 
							
						 
						
							
							
								
								Rolled back to 0.2.x branch renamed htp to libhtp  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								f7111f3847 
								
							
								 
							
						 
						
							
							
								
								import of integrated htp lib and small libnet fixes  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jan Jezek
							
						 
						
							 
							
							
							
								
							
								fe6a72befc 
								
							
								 
							
						 
						
							
							
								
								Code is now compilable on the Win32 platform  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								d281a6b8ac 
								
							
								 
							
						 
						
							
							
								
								CUDA build system support & compile fixes  
							
							 
							
							
							
							
							- add configure support for CUDA
- make sure all code compiles if CUDA is disabled
- fix compiler warnings 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Pierre Chifflier
							
						 
						
							 
							
							
							
								
							
								eb33dc163f 
								
							
								 
							
						 
						
							
							
								
								Prelude plugin: add detection in configure script  
							
							 
							
							
							
							
							Add the --enable-plugin option to configure script (disabled by default).
Signed-off-by: Pierre Chifflier <chifflier@inl.fr> 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Nick Rogness
							
						 
						
							 
							
							
							
								
							
								2b7b78f1bf 
								
							
								 
							
						 
						
							
							
								
Initial IPFW support FreeBSD and OSX
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								22f3e3d818 
								
							
								 
							
						 
						
							
							
								
								added configure option for enabling march=native gcc 4.2 and later  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Steve Grubb
							
						 
						
							 
							
							
							
								
							
								f853da7940 
								
							
								 
							
						 
						
							
							
								
								Get make distcheck working  
							
							 
							
							
							
							
							Hello,
Below is a patch that gets "make distcheck" working. It's against the
current code in git. The project version was set to 0.1 in configure,
I changed that to 0.8.1 just so it's actually relevant. You might want
to set that to something else.
After checking this patch, I find that there are several source code
files in src/ that are not getting compiled:
-app-layer-detect.c
-app-layer-detect.h
-app-layer-http.c
-reputation.h
Are these new or abandoned? Anyways...here's the patch.
-Steve 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								42e8a01221 
								
							
								 
							
						 
						
							
							
								
								Make sure pcre PCRE_EXTRA_MATCH_LIMIT_RECURSION check works with strict compiler settings.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								5bde121754 
								
							
								 
							
						 
						
							
							
								
								--enable-gccprofile sets -pg flag detect presence of pcre recursion  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Eric Leblond
							
						 
						
							 
							
							
							
								
							
								bda8702474 
								
							
								 
							
						 
						
							
							
								
								configure: compile with -Wextra  
							
							 
							
							
							
							
This patch modifies CFLAGS to use the -Wextra flag. To avoid problems
with "unused param" it disables this warning.
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Will Metcalf
							
						 
						
							 
							
							
							
								
							
								c49785fbd0 
								
							
								 
							
						 
						
							
							
								
								configure.in update  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								ecf86f9c23 
								
							
								 
							
						 
						
							
							
								
								Rename to Suricata.  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								ed856de9ef 
								
							
								 
							
						 
						
							
							
								
								small fixes to htp detection in configure.in  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Pablo Rincon
							
						 
						
							 
							
							
							
								
							
								769022f4be 
								
							
								 
							
						 
						
							
							
								
Adding support for Mac OS X, FreeBSD, centralizing mutex/spins/conditions in a macro API, and some unittests
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Gurvinder Singh
							
						 
						
							 
							
							
							
								
							
								08328f9dfb 
								
							
								 
							
						 
						
							
							
								
								changed to LDFLAGS  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Gurvinder Singh
							
						 
						
							 
							
							
							
								
							
								07f7ba55b8 
								
							
								 
							
						 
						
							
							
								
								initial support for HTP module init  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								98b9009b24 
								
							
								 
							
						 
						
							
							
								
								added --enable-gccprotect to optionally detect and enable compile time protections  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								8069fc759b 
								
							
								 
							
						 
						
							
							
								
								added --enable-debug config option to set -DDEBUG  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								04b0f177fc 
								
							
								 
							
						 
						
							
							
								
								native PF_RING support with fixes  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								6e8c75ff79 
								
							
								 
							
						 
						
							
							
								
								fix for duplicate lib linking, remove call to libnet-config  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Jason Ish
							
						 
						
							 
							
							
							
								
							
								c91a4baad5 
								
							
								 
							
						 
						
							
							
								
								- Autoconf goo for libyaml.  
							
							 
							
							
							
							
							- Mock YAML configuration file.
- YAML loader for basic YAML files - not all YAML elements supported yet..
  todo.
- Add --dump-config command line parameter to dump the state of the
  configuration db after loading the config file. 
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								073d04210c 
								
							
								 
							
						 
						
							
							
								
								added detection of PF_RING for -lpfring enabled pcap  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Brian Rectanus
							
						 
						
							 
							
							
							
								
							
								ff6a2a018c 
								
							
								 
							
						 
						
							
							
								
								Cleanup autoconf  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Brian Rectanus
							
						 
						
							 
							
							
							
								
							
								fa5939ca91 
								
							
								 
							
						 
						
							
							
								
								64 bit cleanup part2  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								dd86b51dbc 
								
							
								 
							
						 
						
							
							
								
								added optional option to specify signature file to load  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								e6400bf456 
								
							
								 
							
						 
						
							
							
								
								--enable-unittests now controls compilation of unittest code. Added crude commandline support for running unittests: ./eidps runtests  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								a3510f2025 
								
							
								 
							
						 
						
							
							
								
								Made NFQ optional via --enable-nfqueue, --enable-logsigs will now load local.rules in the path other fixes  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								6899b3da0b 
								
							
								 
							
						 
						
							
							
								
								Updated configure.in for libpcre libpthread libpcap checking  
							
							 
							
							
							
						 
						
							16 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								b5c19be29c 
								
							
								 
							
						 
						
							
							
								
								libpcap fixes for error handling and defines  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								Will Metcalf
							
						 
						
							 
							
							
							
								
							
								af992242a8 
								
							
								 
							
						 
						
							
							
								
								libpcap stuff v2  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								51a9e36e10 
								
							
								 
							
						 
						
							
							
								
								Remove vips references. Rename to eidps.  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								9c7f5afa79 
								
							
								 
							
						 
						
							
							
								
								Large update: pcap support, threading fixes, initial stream tracking, time handling, pool support, runmodes, decoders added, autojunk update.  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								2c8e6a7c5a 
								
							
								 
							
						 
						
							
							
								
								Allow CFLAGS to be overridden by ./configure.  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								William Metcalf
							
						 
						
							 
							
							
							
								
							
								0ffa1c2465 
								
							
								 
							
						 
						
							
							
								
								updates for configure.in, added reject code, some decode stuff for tcp  
							
							 
							
							
							
						 
						
							17 years ago  
						
					 
				
					
						
							
							
								 
								Victor Julien
							
						 
						
							 
							
							
							
								
							
								bab4b62376 
								
							
								 
							
						 
						
							
							
								
								Initial add of the files.  
							
							 
							
							
							
						 
						
							17 years ago