Commit Graph

10544 Commits (f9840b513d1b295eb6977fa9971472d427086487)

Author SHA1 Message Date
Jeff Lucovsky ae198add6d detect/analyzer: Refactor engine analysis code
This commit changes the analysis code to be table driven to better
identify the rule elements covered by the analysis.
5 years ago
Philippe Antoine 6e63c957ff signature: Fixes memory leak in parsing app layer event 5 years ago
Jason Ish fccbd36d37 dns: log addresses in flow direction, not packet
Ticket #3340.
https://redmine.openinfosecfoundation.org/issues/3340
5 years ago
Victor Julien 0824b04134 filestore: don't assume flow is TCP
Filestore can be used by UDP based protocols as well. NFSv2 is one
that Suricata supports.

Bug #3277.
5 years ago
Victor Julien 2a55afbd89 decode/pppoe: fix potential crash in debug statement 5 years ago
Victor Julien 51ad701d8e version: starting work on 5.0.1 5 years ago
Victor Julien 2ab7fb4b41 version: automate and cleanup ver handling
Create a single function to return the version string, to avoid lots
of ifdefs in multiple places.

Make the version determine the 'release' status. If the version from
autoconf has '-dev' in the name, it is not a release. If it hasn't,
it is considered a release version.
5 years ago
Victor Julien 51ec980e80 dataset: fix string length handling in hash 5 years ago
Eric Leblond 1721da91ef dataset: fix hash computation 5 years ago
Victor Julien 64a789bbf6 nfq: clear memory of queue before using it
Avoids using uninitialized memory. This showed itself
in nonsense values in counters, and in nfq_handle_packet
errors that were likely the result of passing uninitialized
memory to the nfq API.

Bug 3263.
Bug 3120.

Fixes: b2a6c60dee ("source-nfq: increase maximum queues number to 65535")
5 years ago
Victor Julien 2fd1174a56 nfq: micro optimization 5 years ago
Victor Julien 9d6087f7d6 nfq: don't warn on 'handle_packet' error
NFQ can generate warnings/errors with a delay. After Suricata has
successfully passed a verdict to the kernel, there are still things
that can go wrong for that verdict. This is then passed to the
queue through a netlink error message, which leads to nfq_handle_packet
returning an error code.

Suppress the warning. Also remove the errno/strerror use as
nfq_handle_packet does not set the errno.

Thanks to Florian Westphal.

Bug 3120.
5 years ago
Victor Julien f8acad7fca nfq: code cleanups 5 years ago
Alexander Gozman f280e66f84 nfq: check for EAGAIN after recv() call in NFQRecvPkt() 5 years ago
Victor Julien 4cc90e9a4c nfq: minor code cleanups 5 years ago
Victor Julien 01cea2ec89 datasets: suppress noisy debug statement 5 years ago
Victor Julien 505b2dd256 log-pcap: don't print (null) for compression method 5 years ago
Victor Julien fb26268c6b tcp: don't set event on empty SACK opt
TCP_OPT_INVALID_LEN was set if the opt len was 2. While useless,
an empty SACK is not uncommon.

Seen on an iOS device talking to an Apple server.

Bug #3254.
5 years ago
Victor Julien aae76a84cd suricata: use version from autoconf 5 years ago
Eric Leblond 9ef2f81ee7 doc/userguide: fix typo 5 years ago
Eric Leblond 821d590f5b doc/userguide: fix base64 example
Add a sticky buffer example and fix the content modifier one.
5 years ago
Eric Leblond 2d11e9394c detect-base64: fix url in list keywords commands 5 years ago
Pascal Delalande 8e6a2bd42e doc: removal of disable-rust and path typo for suricatasc 5 years ago
Jason Ish 6eada54fc8 eve/dns: don't log warning if dns log version not set
If the DNS log version is not set, we default to v2. This should
not be a warning, but is better logged at the config level.

A warning will still be logged if the value is set but is not
1 or 2.
5 years ago
Philippe Antoine 989a6461b0 signature: leak fix in DetectAddressParse2 5 years ago
Philippe Antoine c1e41632c1 config: use logging instead of stderr 5 years ago
Wesley van der Ree bf1b65558b mpls: Allow MPLS after vlan.
Fixes #2771
5 years ago
Victor Julien 7cca9005fb dns: minor cleanup 5 years ago
Victor Julien 4164c0bbd6 app-layer: make dns,smb,tls parsers less noisy w/o config 5 years ago
Victor Julien 0526878fee detect/tls: set alternatives for legacy tls keywords 5 years ago
Victor Julien 3019f10ac7 detect/tls: tls.cert_fingerprint is a sticky buffer
Not a content modifier.
5 years ago
Victor Julien d5ae68afc2 doc: fix version in install doc 5 years ago
Victor Julien 1c27a99827 doc: add upgrade page 5 years ago
Victor Julien 697410cbbf changelog: update for 5.0.0 5 years ago
Victor Julien 3b5b71afa0 changelog: update 5.0rc1 section with missing entries 5 years ago
Jason Ish 412ae11bad automake: use tar-ustar for longer filenames
According to the automake manual it should be considered
portable these days.

https://www.gnu.org/software/automake/manual/html_node/List-of-Automake-options.html

Required for the dist generation with Rust vendoring.
5 years ago
Jason Ish 718fcbb682 doc: document eve/dns v2 as the default
Adds eve/dns v2 format documentation. Update legacy format
to require the version field.
5 years ago
Jason Ish 16221c0b33 suricata.yaml/dns: small cleanups, note that default is v2
Note that the eve dns log format is version 2 by default.

Make the value of commented out values their default.

Update the comment on the types to better reflect what it does.
5 years ago
Jeff Lucovsky 42452b327c mem: Use correct len with strlcpy 5 years ago
Fabrice Fontaine b026fbb519 configure.ac: fix static build with pcap
pcap can depend on nl-3, so use pkg-config to find these dependencies;
otherwise all AC_CHECK_LIB calls will fail when building statically.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
5 years ago
Jason Ish 8cf4afabc3 Makefile: prefix suricata-update error with @
So only the echo output is displayed, not the lines themselves.
5 years ago
Jason Ish 03da49bfaa suricata-update: don't install if requirements not met
Don't try to run suricata-update if it's not installed.

The 'make install-rules' target would try to run suricata-update
when it was detected that it was bundled, but didn't consider
if suricata-update was actually installed.
5 years ago
Victor Julien d19ded6c43 stream: fix progress for min_inspect_depth
Make sure progress doesn't exceed raw_progress.
5 years ago
Victor Julien 5f15e7c6a4 smtp: implement min_inspect_depth logic
Implement min_inspect_depth for SMTP so that file_data and
regular stream matches don't go out of sync on the stream start.

Added toserver bytes tracking.

Bug #3190.
5 years ago
Victor Julien 58e48bcb87 debug: make it easier to trace flush logic 5 years ago
Victor Julien 728d19eaac configure: don't print ERROR if we don't exit 5 years ago
Victor Julien 876f05aa28 eve/dhcp: remove leftover template comments 5 years ago
Victor Julien 9716c24ba1 eve/alert: clean up proto metadata
Use a switch statement to select the protocol specific function.
5 years ago
Victor Julien f66e12f7af dns: rename rust files and funcs 5 years ago
Victor Julien 842037d327 jansson: remove explicit <jansson.h> includes
Header is included from suricata-common.h
5 years ago