Jeff Lucovsky
462a4e2b5b
detect/analyzer: Improve warning message
This changeset modifies the warning printed when a rule
is determined to detect in both directions.
6 years ago
Eric Leblond
5d76f0897c
af-packet: remove rollover reference
This patch removes reference to rollover in the configuration file
and adds warnings when it is used.
6 years ago
Philippe Antoine
037d50ef06
signature: fix overflow in parsing
6 years ago
Philippe Antoine
3e12066819
http: adds events for each libhtp log
Fixes #997
6 years ago
Mats Klepsland
3c57ac144c
detect-ssl-version: move unittests to tests/
6 years ago
Mats Klepsland
238797cc66
detect-ssl-state: move unittests to tests/
6 years ago
Mats Klepsland
479e73b98e
detect-tls-version: move unittests to tests/
6 years ago
Mats Klepsland
767bde5e74
detect-tls-cert-validity: move unittests to tests/
6 years ago
Mats Klepsland
a260a57b68
detect-tls-sni: move unittests to tests/
6 years ago
Mats Klepsland
adb4da3975
detect-tls-ja3-string: move unittests to tests/
6 years ago
Mats Klepsland
74a7b7e3cf
detect-tls-ja3-hash: move unittests to tests/
6 years ago
Mats Klepsland
5d3b94b3e4
detect-tls-cert-subject: move unittests to tests/
6 years ago
Mats Klepsland
0d728ee4c6
detect-tls-cert-serial: move unittests to tests/
6 years ago
Mats Klepsland
e125e58c97
detect-tls-cert-issuer: move unittests to tests/
6 years ago
Mats Klepsland
3646234ac5
detect-tls-cert-fingerprint: move unittests to tests/
6 years ago
Mats Klepsland
12d37b8b2c
detect-tls: tidy up unittests
By doing the following:
- removing unnecessary locks
- moving variable declarations
- removing redundant function 'SigCleanSignatures'
6 years ago
Mats Klepsland
15012fc908
ja3: check if JA3 is disabled on one line
6 years ago
Mats Klepsland
285855d928
detect-tls: remove NULL settings from keyword registration
6 years ago
Mats Klepsland
008f08c1b3
detect-tls: declare ssl_state as const in GetData()
6 years ago
Mats Klepsland
0f7f35bd85
detect-tls: check return values of functions on setup
Check the return values of DetectBufferSetActiveList() and
DetectSignatureSetAppProto().
6 years ago
Mats Klepsland
1c04d7cdae
detect-tls: remove confusing underscores from variables
Remove confusing underscore prefix from variables in GetData() for
all tls keywords.
6 years ago
Mats Klepsland
7020cffaa8
userguide: 'sticky' instead of 'Sticky' for all tls keywords
6 years ago
Jeff Lucovsky
de983fb7c9
app-layer-ftp: Potential memory leak fixed
Ensure that, when handling failures during STOR command
processing, all memory is freed on the error path.
6 years ago
Mats Klepsland
03d986dd55
userguide: add documentation for tls.certs keyword
6 years ago
Mats Klepsland
ba857e9739
detect: add tls.certs keyword
Add keyword to do "raw" matching on each of the certificates in the
TLS certificate sticky buffer.
Example:
alert tls any any -> any any (msg:"tls.certs test"; tls.certs; \
content:"|01 02 03 04|"; sid:1;)
6 years ago
Victor Julien
edae50de94
detect/ssh: fix ssh.protoversion memory leak
6 years ago
Victor Julien
567a7c3cef
detect/ssh: mark old ssh keywords as deprecated
6 years ago
Victor Julien
d623dc4ac0
detect/parse: add flag to indicate keyword is deprecated
Issue warning when it is still used.
6 years ago
Victor Julien
b84eba80aa
detect/nfs.version: minor cleanups
6 years ago
Victor Julien
2ea11da230
detect/nfs: add nfs.version
6 years ago
Victor Julien
3299f007f8
detect/dcerpc: add dcerpc.iface
Keep dce_iface as an alias.
6 years ago
Victor Julien
cdff1d50b7
detect/dcerpc.opnum: minor code cleanups
6 years ago
Victor Julien
6840e5c7df
detect/dcerpc: add dcerpc.opnum as new name for dce_opnum
6 years ago
Jeff Lucovsky
cc492c50c8
eve/logging: disable anomaly logging by default
Disable anomaly logging by default. Networks with excessive issues may
experience packet processing degradation.
6 years ago
Philippe Antoine
b6b7778e2d
http: adds event for header repetition
6 years ago
Jason Ish
9d8eb7b5f0
filestore: remove jansson ifdefs
Jansson is now required.
6 years ago
Jason Ish
3dc973d4b1
eve/file: remove rust and jansson ifdefs.
Both Rust and Jansson are required now.
6 years ago
Jason Ish
42c327adc4
filestore: fix leak in constructing json
Use json_array_append_new instead of json_array_append to transfer
ownership of the integer object to jansson so it gets freed.
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2961
6 years ago
Victor Julien
ddfcf76c57
detect/engine: make DetectAppLayerMpmRegister deprecated
6 years ago
Victor Julien
752bb1c410
detect/dnp3: add dnp3.data with v2 api support
Adds MPM support as well. Add TxDetectFlags support to the parser
to avoid duplicate matches.
6 years ago
magenbluten
09a21627d5
filestore: fix dropping of unwanted files (Issue #2853)
6 years ago
Victor Julien
9132e4032a
files: open files with track id only
6 years ago
Victor Julien
3b31bad855
detect/dce_stub_data: add dcerpc.stub_data
Also use v2 API for inspect and mpm registration.
6 years ago
Victor Julien
d270a7603a
detect/inspect: add flags to inspect buffer
6 years ago
Victor Julien
32fb7d773a
detect/content-inspect: turn void arg into Packet
Replace the 'void *data' argument by a 'Packet *p' as this was
the only user left of the data pointer.
6 years ago
Victor Julien
b7a7517273
detect/dce_stub_data: minor cleanups
6 years ago
Victor Julien
55db6d6fb4
detect/dcerpc: move endian handling from pointer to flags
6 years ago
Victor Julien
b2638f7195
detect/krb5: add krb5.sname and krb5.cname
6 years ago
Victor Julien
aefce4d761
detect/nfs: remove HAVE_RUST guards
6 years ago
Victor Julien
da45d92c54
valgrind: support hyperscan warning
Issue on Ubuntu 19.04.
==18655== Conditional jump or move depends on uninitialised value(s)
==18655== at 0x5454603: hs_alloc_scratch (in /usr/lib/x86_64-linux-gnu/libhs.so.5.1.0)
==18655== by 0x3D5C9A: SCHSPreparePatterns (util-mpm-hs.c:707)
==18655== by 0x215FEC: DetectMpmPrepareBuiltinMpms (detect-engine-mpm.c:364)
==18655== by 0x20813A: SigGroupBuild (detect-engine-build.c:1932)
==18655== by 0x21287B: SigLoadSignatures (detect-engine-loader.c:366)
==18655== by 0x35A702: LoadSignatures (suricata.c:2419)
==18655== by 0x35B0DD: PostConfLoadedDetectSetup (suricata.c:2574)
==18655== by 0x35C827: main (suricata.c:2986)
https://github.com/intel/hyperscan/issues/148
6 years ago