aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,851 Commits
7 Branches
155 Tags
200 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ed4823bbe8'
${ noResults }
Commit Graph

9851 Commits (ed4823bbe8d33bdfc24c858433023bf07e6aa7cf)
 

Author SHA1 Message Date
Victor Julien 2f1ace64c6 flow: on timeout, consider reverse flows for pseudo packets 6 years ago
Victor Julien 4d6e6b8270 flow: introduce flow swap support 6 years ago
Victor Julien 0225ab3828 common: introduce flags and var swapping macros 6 years ago
Victor Julien d307cfad05 packet: add 'swap' function to reverse direction 6 years ago
Victor Julien d5baac3f85 detect/flow: don't require flow for direction options 
Flow isn't directly used for direction checks, so don't require
a flow to be present.
 6 years ago
Victor Julien c1dcc26965 detect/parse: improve direction setting on sigs 
Only set both directions if no direction has been explicitly set before.
 6 years ago
Victor Julien 9a14cb252d detect/bytetest: debug cleanup 6 years ago
Victor Julien cb9b27ab89 app-layer/pd: free memory 6 years ago
Victor Julien 39725907d6 detect: remove BUG_ON from packet path 6 years ago
Victor Julien 042f806362 detect: fix match array reset 
Fix match array reset depending on prefilter matches for the
current run. If there were none, the match array of the previous
packet was used. This could lead to inspection of rules from the
wrong rule group.
 6 years ago
Victor Julien 05d9527d01 app-layer/profile: fix udp protocol detection profiling 6 years ago
Victor Julien f44bbd71f5 app-layer/udp: micro optimization 6 years ago
Jeff Lucovsky 6123d77527 Fix memory leak with TOS handling 
Use `pcre_copy_substring` to avoid memory allocations when parsing
TOS values.
 6 years ago
jason taylor 1f3dd85216 pfring: update bpf error handling to be consistent 
* updated bpf error handling to be consistent with af-packet
* minor internal doc updates

Signed-off-by: jason taylor <jtfas90@gmail.com>
 6 years ago
Giuseppe Longo d0e2420faf reputation: move unit tests 
UTs are moved inside "test/" directory,
and reworked to improve readability and reduce lines of code.
 6 years ago
Giuseppe Longo 389227d899 detect-iprep: fix memory leaks 
Loading rules with iprep keyword cause
memory leaks due to missing frees.

Direct leak of 8 byte(s) in 4 object(s) allocated from:
    #0 0x7f81c862bd28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
    #1 0x7f81c6afea69 in pcre_get_substring (/lib/x86_64-linux-gnu/libpcre.so.3+0x27a69)
    #2 0x43206f7420676e68  (<unknown module>)

SUMMARY: AddressSanitizer: 8 byte(s) leaked in 4 allocation(s).
 6 years ago
Eric Leblond 58b804f7d2 flow-bypass: set thread name to FB 6 years ago
Eric Leblond abe2836caf suricata.yaml: fix name of encryption-handling var 6 years ago
Jason Ish a69afd5cf9 autoconf/python: check for distutils 
Require distutils to install the Python tools. Update the logic
to only install suricatactl (and suricatasc) if Python and
distutils are found. Suricata-Update will only be installed if
bundled, and python-distutils and python-yaml are found.
 6 years ago
Jason Ish a228986caa autoconf: prefer python 3 over python 2 
When looking for Python, prefer "python3" over "python2" and
"python".

Also add information about the Python path and version to the
./configure summary.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2808
 6 years ago
Victor Julien 69d0d484eb af-packet: don't use anonymous unions 6 years ago
Victor Julien acd9e1c2e7 af-packet: fix v3 code using v2 union member 6 years ago
Victor Julien 96c6cf98d5 doc/userguide: add 3rd-party-integration to dist 6 years ago
Pierre Chifflier f90733fe3f rust/ikev2: fix events not being raised in first message 
The `set_event` function requires that the transaction is already
inserted, or the event set is silently lost.
When parsing first IKEv2 message, first insert transaction, prepare
values, and borrow back inserted transaction to update it.
 6 years ago
Pierre Chifflier 27b0775d27 rules: fix event names for ikev2 (weak authentication and DH parameters) 6 years ago
Jason Ish db2ceb46dc travis: call make check in qa/coccinelle 
Was being skipped due to the way the tests are called on
travis to prevent Travis from failing on too much output.
 6 years ago
Jason Ish fff927fa4a travis/macos: use xcode 8.3 build image 
Travis retired the xcode 8.1 image and has already been
routing this build to the xcode 8.3 image.
 6 years ago
Jason Ish 08fb4d790e travis-ci/macos: install PyYAML and jq for verify 6 years ago
Jason Ish 9d86e9c54a travis: cache rust toolchain 6 years ago
Jason Ish e9d1e37f3d travis-ci: run suricata-verify on each build 6 years ago
Victor Julien f1c83c3308 doc/userguide: new 3rd party section, add bluecoat 
Add Symantec SSLV (bluecoat) doc to new 3rd party section for
documenting integrating Suricata with 3rd party tools.
 6 years ago
Bryant Smith 398133b6ce doc: add byte_* documentation to the userguide 
Added byte_test, byte_jump and byte_extract description and example rules
 6 years ago
Victor Julien 9948c96c68 stream/ips: set proper payload len for inspection 
On mem(cap) presure we fall back to the packet payload. The previous
patch failed to properly set the payload length.
 6 years ago
Victor Julien d6903e70c1 file-log: remove and add warning 
Feature was deprecated and scheduled for removal.

Ticket #2376
 6 years ago
Eric Leblond 83a8df90f3 doc: improvement of xbits documentation page 6 years ago
Eric Leblond 43ede4db7f doc: xbits:noalert is not a valid syntax 6 years ago
Eric Leblond 2b1fa53c66 detect-hostbits: error on some invalid config 6 years ago
Eric Leblond e09fa43ba5 detect-xbits: error on some invalid config 6 years ago
Eric Leblond 910c3691af detect-flowbits: error on some invalid syntax 
The regular expression was accepting something like
"flowbits:!isset,isma;" without complaining even if it is not
correct and don't have the expected result.
 6 years ago
Eric Leblond 033fbc0f85 suricata: fix list keywords URL in release mode 
The tags are suricata-X.X.X so we need to update the chain to get
URLs right.
 6 years ago
Shivani Bhardwaj bb08040df6 unix-socket: Fix the message for unregister-tenant-handler 6 years ago
Shivani Bhardwaj 2483331a5d doc/unix-socket: Add missing commands and detail 
Add missing commands and their corresponding details in unix-socket
userguide.

Closes redmine ticket #2800
 6 years ago
Shivani Bhardwaj 342f3d5eec suricatactl: Clean up parser, improve help 
So far the suricatactl parser was unclear about the options to use and
did not well display the required and optional param difference. Fix
that to make it legible for any user.

Before
```
└─ $ ▶ ./bin/suricatactl filestore -h
usage: suricatactl filestore [-h] {prune} ...

positional arguments:
  {prune}

optional arguments:
  -h, --help  show this help message and exit

└─ $ ▶ ./bin/suricatactl filestore prune -h
usage: suricatactl filestore prune [-h] [-d DIRECTORY] [--age AGE] [-n] [-v]
                                   [-q]

optional arguments:
  -h, --help            show this help message and exit
  -d DIRECTORY, --directory DIRECTORY
                        filestore directory
  --age AGE             prune files older than age
  -n, --dry-run         only print what would happen
  -v, --verbose         increase verbosity
  -q, --quiet           be quiet, log warnings and errors only
```

After
```
└─ $ ▶ ./bin/suricatactl filestore -h
usage: suricatactl filestore [-h] {prune} ...

positional arguments:
  {prune}     sub-command help
    prune     Remove files in specified directory older than specified age

optional arguments:
  -h, --help  show this help message and exit

└─ $ ▶ ./bin/suricatactl filestore prune -h
usage: suricatactl filestore prune [-h] -d DIRECTORY [--age AGE] [-n] [-v]
                                   [-q]

optional arguments:
  -h, --help            show this help message and exit
  -n, --dry-run         only print what would happen
  -v, --verbose         increase verbosity
  -q, --quiet           be quiet, log warnings and errors only

required arguments:
  -d DIRECTORY, --directory DIRECTORY
                        filestore directory
  --age AGE             prune files older than age, units: s, m, h, d
```
 6 years ago
Shivani Bhardwaj 2b05f315e1 suricatactl: Fix PyLint issues 
Pylint is a tool to make sure we do not regress the support for Python
3. The following conventions, warnings, errors, refactors have been
fixed.

W0301: Unnecessary semicolon (unnecessary-semicolon)
C0303: Trailing whitespace (trailing-whitespace)
W1401: Anomalous backslash in string
C0103: Variable name doesn't conform to snake_case naming style
R1705: Unnecessary "elif" after "return"
W1201: Specify string format arguments as logging function parameters
W0611: Unused import
R1710: Either all return statements in a function should return an expression, or none of them should
W0612: Unused variable
C0103: Method name doesn't conform to snake_case naming style
R0201: Method could be a function
 6 years ago
Shivani Bhardwaj ccea7fe50a suricatactl: Make code compatible with Python 3 
Call to suricatactl was failing with Python3 with the following error:
```
Traceback (most recent call last):
  File "bin/suricatactl", line 40, in <module>
    sys.exit(main())
  File "./suricata/ctl/main.py", line 50, in main
    args.func(args)
AttributeError: 'Namespace' object has no attribute 'func'
```
Fix this by making it run with Py3 just like it does with Py2.

Closes redmine ticket #2793
 6 years ago
Victor Julien c47164ebc8 doc: add table for custom values of eve/http 6 years ago
Victor Julien 74a42f683c eve/http: add proxy related custom headers 6 years ago
Victor Julien ac7ab4ef01 eve/http: fix custom header table 6 years ago
Victor Julien e99063b6b8 smtp: minor code cleanup and debug addition 6 years ago
Victor Julien bf905bcbca checksum: use u64 types 6 years ago