Commit Graph

4389 Commits (e416b2cdfbd28cb6ea6946f1040ac49838f5a34c)
 

Author SHA1 Message Date
Victor Julien e416b2cdfb stream: fix IPv6 pseudo packet setup
Bug #1022: IPv6 pseudo packet setup using reverse logic of IPv4.
11 years ago
Victor Julien ef17b7b9f4 stream: reduce scope of StreamTcpPseudoPacketSetupHeader 11 years ago
Victor Julien ce4d262c7d IPv4 decoder compile warning fix 11 years ago
Victor Julien 07c97412f3 DNS: fix response name length logic
In some cases where the length would be calculated as 0 we'd loop until
we'd hit our loop limit.

Update name logic everywhere.
11 years ago
Anoop Saldanha 95ed53c590 Fix for #1003.
Now that we call stream reassembly directly from proto detection, we will
need to check if reassembly has been disabled inside the stream reassembly
callback.

This prevents any calls to bypass and re-enter proto detection, despite
having reassembly disabled.
11 years ago
Victor Julien 7ebd1e6433 Counters: fix delayed-detect counter registration
Make sure we register the detect.alerts counter before packet runtime starts
even in delayed detect mode. The registration of new counters at packet
runtime is not supported by the counters api and might lead to crashes as there
is no proper locking to allow for this operation.

This changes how delayed detect works a bit. Now we call the ThreadInit
callback twice. The first call will only register the counter. The 2nd call
will do all the other setup. This way the counter is registered before the
counters api starts operating in the packet runtime.

Fixes the segv reported in ticket #1018.
11 years ago
Victor Julien 9e88c51e24 Counters: move perf critical var to the top of the SCPerfContext struct 11 years ago
Victor Julien ed03196a20 Counter: fix accidental logic change 11 years ago
Victor Julien 45dfecafd4 Counters: remove unused updated field 11 years ago
Victor Julien 49087f21e4 Optimizations to reduce branch misses 11 years ago
Victor Julien 64f5129f12 Counters: remove unused tm_name comparison loops 11 years ago
Victor Julien 76c305c128 Counters: fix unix socket 11 years ago
Victor Julien 25aeeebdf7 Counters: merge SCPerfCounterName into SCPerfCounter as there was a 1 on 1 mapping 11 years ago
Victor Julien 3445d17ae5 Counters: remove SCPerfCounterValue struct as we no longer support multiple data types 11 years ago
Victor Julien 677cd03e52 Counters: more unused code removal 11 years ago
Victor Julien 8d4a61a789 Counters: remove unused code 11 years ago
Victor Julien 698ff4e4aa Counters: remove all unused parts of the API 11 years ago
Eric Leblond 79fcf1378a Use unlikely in malloc failure test.
This patch is a result of applying the following coccinelle
transformation to suricata sources:

  @istested@
  identifier x;
  statement S1;
  identifier func =~ "(SCMalloc|SCStrdup|SCCalloc|SCMallocAligned|SCRealloc)";
  @@

  x = func(...)
  ... when != x
  - if (x == NULL) S1
  + if (unlikely(x == NULL)) S1
11 years ago
Eric Leblond c8b3f4418a af-packet: init correctly the config structure
This fixes a crash when interface is not defined in YAML.
11 years ago
Eric Leblond eea760de3c decode: fix typo in comment 11 years ago
Anoop Saldanha 167597cfb0 Update ftp parser protocol detection to use lowercase patterns. 11 years ago
Anoop Saldanha 36bd444406 Introduce new API to allow case insensitive protocol detection patterns. 11 years ago
Anoop Saldanha 90827ea990 Remove the obsolete DetectFtpBounceMatch() function. 11 years ago
Ken Steele 9fce4da84d Spell fixes in threads-arch-tile.h 11 years ago
Anoop Saldanha e8cd15c823 Support for feature #983.
Provide support for icmpv4 and icmpv6 as well.  You can now use

alert icmpv4 and
alert icmpv6 as well, apart from the existing

alert icmp, which created a rule that applied to both icmpv4 and icmpv6.
11 years ago
Nelson Escobar cf9f1e3191 Build cuda kernel for capability 3.5 devices. 11 years ago
Victor Julien 3f8b9dde04 Dead code removal 11 years ago
Victor Julien 84af1ee277 storage: fix and small optimization 11 years ago
Victor Julien 77ae8b8878 flow: set correct family in FLOW_COPY_IPV6_ADDR_TO_PACKET 11 years ago
Victor Julien 2a4f821284 Fix 2 unittests 11 years ago
Victor Julien 8516000208 Minor code cleanup/fixes to fast pattern unittests
cppcheck:
[detect-fast-pattern.c:1183] -> [detect-fast-pattern.c:1183]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1217] -> [detect-fast-pattern.c:1217]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1449] -> [detect-fast-pattern.c:1449]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1479] -> [detect-fast-pattern.c:1479]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1509] -> [detect-fast-pattern.c:1509]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1539] -> [detect-fast-pattern.c:1539]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1570] -> [detect-fast-pattern.c:1570]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1686] -> [detect-fast-pattern.c:1686]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1716] -> [detect-fast-pattern.c:1716]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1746] -> [detect-fast-pattern.c:1746]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1776] -> [detect-fast-pattern.c:1776]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1806] -> [detect-fast-pattern.c:1806]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1836] -> [detect-fast-pattern.c:1836]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1866] -> [detect-fast-pattern.c:1866]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1896] -> [detect-fast-pattern.c:1896]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:1926] -> [detect-fast-pattern.c:1926]: (style) Same expression on both sides of '&'.
[detect-fast-pattern.c:2022] -> [detect-fast-pattern.c:2022]: (style) Same expression on both sides of '&'.
11 years ago
Victor Julien af311aee4e Minor fix for detection engine setup error check
cppcheck said:
[detect-engine-mpm.c:2075] -> [detect-engine-mpm.c:2075]: (style) Same expression on both sides of '||'.
11 years ago
Victor Julien 974e86e450 Minor pppoe cleanup
cppcheck said:
[decode-pppoe.c:58] -> [decode-pppoe.c:60]: (performance, inconclusive) Variable 'pppoedh' is reassigned a value before the old one has been used if variable is no semaphore variable.
11 years ago
Victor Julien 209946b07c Fix broken check in stream.max-synack-queued parsing (coverity 1038103) 11 years ago
Victor Julien bec59f426e Fix sanity check in AppInspectionEngine registration code 11 years ago
Jason Ish 2953b3f640 Feature #901 - VLAN defrag support.
Take VLAN IDs into account when re-assembling fragments.

Prevents fragments that would otherwise match, but on different
VLANs from being reassembled with each other.
11 years ago
Ken Steele 2d3dc23026 Correct indentation and wording of comments. 11 years ago
Ken Steele a63b87df9e Clean up function syntax
Remove space before ( in function names. Put { on new line.
Make tests static.
11 years ago
Anoop Saldanha 619414c59e Add a /* fall through */ comment for all switch case fall throughs.
This should serve as a message to coverity that the fall through is
intentional.
11 years ago
Victor Julien b6efaeb0c0 storage: fix freeing storage
Fix freeing storage. Also add workaround for unittests that don't
(fully) setup storage.

Bug #991.
11 years ago
Victor Julien 37669bfdd2 threshold: register threshold host storage. Related to bug #991 11 years ago
Victor Julien 1b11165864 Reset both sides of the de_state on rule reload. Bug #998. 11 years ago
Victor Julien 74d8d95f83 Don't initialize threshold before rules on delayed detect. Bug #999. 11 years ago
Victor Julien 64203be3ba iprep: fix reputation loading and reloading
When an IP is listed in multiple categories, each new "load" would clear the
previous loads for that IP.

Bug #976
11 years ago
Victor Julien c583c9e205 tag: fix session seconds tracking
Fix bug #995. Tag time setting was initialized using "usec" field
instead of "sec" field. This led to immediate timing out of tag.

Added proper matching unittests for all tagging types.

Bug #995.
11 years ago
Victor Julien 1822a897ff tag: add some debug statements 11 years ago
Victor Julien a26243a23c Clean up rule reload logging 11 years ago
Anoop Saldanha b24fb72247 fix for bug #987.
We don't support jabber protocol detection atm.  Disable the code check
inside suricata to check if jabber protocol detection is enabled in the
yaml file.

Also updated an error log message for app layer.
11 years ago
Anoop Saldanha 83a72d50dd API renaming/beautification. 11 years ago
Anoop Saldanha 1ea5d27508 Fix for bug #989.
In case of recursive call to protocol detection from within protocol
detection, and the recursively invoked stream still hasn't been ack'ed
yet, protocol detection doesn't take place.  In such cases we will end up
still calling the app layer with the wrong direction data.  Introduce a
check to not call app layer with wrong direction data.

When sockets are re-used reset all relevant vars correctly.

This commit fixes a bug where we were not resetting app proto detection
vars.

While fixing #989, we discovered some other bugs which have also been
fixed, or rather some features which are now updated.  One of the feature
updates being if we receive wrong direction data first, we don't reset the
protocol values for the flow.  We let the flow retain the detected
values.

Unittests have been modified to accommodate the above change.
11 years ago