aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,011 Commits
7 Branches
155 Tags
192 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'eb4c71fdd6'
${ noResults }
Commit Graph

12011 Commits (eb4c71fdd6d3eedba19d4503925910a6939b8e1a)
 

Author SHA1 Message Date
Juliana Fajardini eb4c71fdd6 ippair/bit: fix formatting 4 years ago
Juliana Fajardini e7c1c3c374 ebpf/util: change flow storage to new 'id' type 4 years ago
Juliana Fajardini 3b1a653467 device/storage: use dedicated 'id' type 
- Wrap the id in a new LiveDevStorageId struct, to avoid id
 confusion with other storage API calls.
- Formatting fixes by clang.
 4 years ago
Juliana Fajardini 68b8b3d63e detect/engine-tag: fix typo 4 years ago
Juliana Fajardini b807059c34 host/storage: use dedicated 'id' type 
- Wrap the id in a HostStorageId struct to avoid id confusion
with other storage API calls.
- Fix formatting with clang script.
 4 years ago
Juliana Fajardini cf516de587 ippair/storage: use dedicated 'id' type 
- Wrap the id in a new IPPairStorageId struct, to avoid id
confusion with other storage API calls.
- Formatting fixes by clang.
 4 years ago
Jeff Lucovsky aa9ad56a5b output/log: Removed pcie (Tilera) log vestiges 
This commit removes the last remnants of the Tilera log output mechanism
(unsupported since 5.0.x).
 4 years ago
Jeff Lucovsky 38ae21a196 output/log: Ensure files closed in threaded mode 
This commit ensures that file objects are closed in threaded mode.
 4 years ago
Victor Julien bc667a4a93 flow/storage: use dedicated 'id' type 
Wrap the id in a new FlowStorageId struct to avoid id confusion with other
storage API calls.
 4 years ago
Philippe Antoine d2d0e0adc9 rust: remove exported unused functions 4 years ago
Victor Julien 4b3be24506 app-layer/expectation: clean up storage id logic 4 years ago
Philippe Antoine 68d6922e3c ftp: fixes leak with duplicate expectation 4 years ago
Philippe Antoine cd8c2ef994 fuzz: use stream.midstream=true 4 years ago
Philippe Antoine e9b76a0e66 fuzz: specify protocol with fuzz target name 
cf https://redmine.openinfosecfoundation.org/issues/4125

This allows fuzz_applayerparser_parse to fuzz one specific
app-layer protocol based on the binary name, as is done
with the environment variable FUZZ_APPLAYER
That is if we rename/copy to fuzz_applayerparser_parse_smb,
it will fuzz only SMB protocol
This way, we can easily produce different fuzz targets for
each protocol in oss-fuzz
 4 years ago
Philippe Antoine 6da9a37285 rdp: correctly returns incomplete in parse_tc 
Adding the already consumed bytes
In case an incomplete tls handshake is handled with/after
a refular rdp t123_tpkt
 4 years ago
Philippe Antoine 3de0123ffb http2: adds check about dynamic headers table size 4 years ago
Andreas Herz c93073c246 rules: add newer rule files to makefile for release tarball 4 years ago
Jeff Lucovsky 2893b04ab0 general: Typo cleanup 4 years ago
Jeff Lucovsky 02ceac8b8d detect/threshold: Improve threshold.config perf 
This commit improves performance when parsing threshold.config by
removing a loop-invariant to create a one-time object with the parsed
address(es).

Then, as needed, copies of this object are made as the suppression
rule(s) are processed.
 4 years ago
Jeff Lucovsky e873632a28 detect/threshold: Function to deep-copy thresh obj 
This commit adds a function to make a deep copy of a DetectThresholdData
object.

The function is used when parsing threshold.config items to make a
one-time object and then add copies as needed.
 4 years ago
Jeff Lucovsky 11f9cc6524 detect/address: Expose DetectAddressCopy function 4 years ago
Philippe Antoine 1ca4f041bb http2: pass data through when decompression fails 
as is done for HTTP1
 4 years ago
Jeff Lucovsky ef62761e8c threshold-config: Improve support for big IP lists 4 years ago
Juliana Fajardini c6a35d09b7 templates: fix typos 
- *template*files[ch][rs]: fix typos
- scripts/setup-app-layer: fix typos
 4 years ago
Juliana Fajardini 4748826dc7 scripts/setup-app-layer: fix Makefile.am patch 
adjust lines for patching /src/Makefile.am, as current generated
Makefile wasn't building Suricata.
Add suggestion to run "./configure" before running "make".
Add --logger and --parser options to examples.
 4 years ago
Jason Ish 877e5214b8 logging: removed unused logger IDs 
- pre-json dns logger
- unified2
- pre-json drop logger
 4 years ago
Jason Ish 6853bf98fb dns: only register a single logger 
DNS no longer requires a logger to be registered for to-client and
to-server directions. This has not been required with the stateless
design of the Rust DNS parser.
 4 years ago
Victor Julien b1fee90392 output/tx: add warning to avoid future bugs 4 years ago
Victor Julien 3cc3df2172 output/tx: move eof checks out of logging loop 4 years ago
Victor Julien b05bd058e9 app-layer: minor code cleanups 4 years ago
Victor Julien 1098e3b7c6 app-layer: remove conditional logic around API calls 
Remove logic that suggested some API calls could be conditional,
even though Suricata wouldn't even start up if they weren't
registered.
 4 years ago
Jason Ish 4d5d7b4bd3 eve/netflow: use generic json context 4 years ago
Jason Ish a68d50608b eve/flow: use generic json context 4 years ago
Jason Ish 67c4621bdb eve/ftp: use generic json context 
The FTP logger contained no extra data in its context so the
generic json context can be used.
 4 years ago
Jason Ish 2d78afe4b0 eve: refactor CreateEveHeaderWithTx to include common options 4 years ago
Jason Ish 06ba611667 eve cleanup: remove duplicate/redundant code 
The first change was to have CreateEveHeader add the common options
as this was left out in a few loggers. While update all the loggers
that use CreateEveHeader, remove redundant code, in particular
from loggers that don't need to use their own context but
can use the generic one.
 4 years ago
Jason Ish 64330498f8 eve/mqtt: fix mqtt logging with threaded eve 
Mqtt was not setting up a per-thread file context for logging
in threaded mode, leading a crash when used in threaded mode.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4404
 4 years ago
Jeff Lucovsky dd8eeb6353 general: Correct typos 4 years ago
Jeff Lucovsky 11ec61d0b4 thresholds: Improve validation of threshold.config 
This commit improves the handling of threshold.config. When used with
"-T", a non-zero return code occurs when the file cannot be validated.

To maintain legacy behavior, when "-T" is not used and threshold.config
contains one or more invalid lines, Suricata continues execution.
 4 years ago
Jeff Lucovsky cb03455c04 error: Add code for threshold config validation 
This commit adds a new warning code for threshold config file validation
failures.
 4 years ago
Eric Leblond a73b5f0ea5 eve/ike: restore common option logging 4 years ago
Philippe Antoine 2997be6707 sslv2: precise detection pattern with probing parser 4 years ago
Philippe Antoine e8415f249b fuzz: adds structure aware target 
so as not to fuzz libpcap
and generate structure aware signatures
 4 years ago
Philippe Antoine 0105d4f017 rust: bump bitflags dependency version 
So that lexical-core, needed by nom, and using bitflags
is used with version 0.7.5 instead of version 0.7.0
which fixed the fact that BITS is now a reserved keyword
in nightly version
 4 years ago
Philippe Antoine cb150e97d0 kerberos: fix probing parser tag condition 
according to the comment
 4 years ago
Jason Ish abb3cc85d5 install: better warning on install-full and don't fail 
If suricata-update is not available on "make install-full", don't
exit 1, instead give the reason why its not installed, but still
succeed the install.
 4 years ago
Victor Julien ae29804a28 github-ci: add libnet to ubuntu-20-04-cov-sv builder 4 years ago
Victor Julien 398ebf9345 eve/drop: use highest priority drop 
When adding the alert to a drop record make sure the add the highest
priority.

It would until now add all drops from high to low prio, effectively
overwriting the record each time.

Ticket #4397
 4 years ago
Victor Julien 6cf44fc839 detect/alert: apply pd only actions to flow 
Ticket #4394
 4 years ago
Victor Julien 6c594d29db detect/alert: minor code refactor 
Use a simpler reject check and move logic into util func.
 4 years ago