Victor Julien
fa6d41ca66
filestore: remove obsolete checks
2 years ago
Victor Julien
0b3053a376
filestore: fix empty file not opening, but trying to close
2 years ago
Victor Julien
23323a961f
app-layer: reduce app cleanup and output-tx calls
...
Track packets that updated the app-layer, and for those run
the transaction housekeeping and output-tx logging loops.
Do the same for end of flow packets.
This skips needless iterations over the transaction stores.
2 years ago
Victor Julien
4bb7f827e0
output/tx: minor cleanups/optimizations
2 years ago
Victor Julien
39cf5b151a
src: includes cleanup
...
Work towards making `suricata-common.h` only introduce system headers
and other things that are independent of complex internal Suricata
data structures.
Update files to compile after this.
Remove special DPDK handling for strlcpy and strlcat, as this caused
many compilation failures w/o including DPDK headers for all files.
Remove packet macros from decode.h and move them into their own file,
turn them into functions and rename them to match our function naming
policy.
2 years ago
Victor Julien
3e2295a963
detect: clean up detect-engine-state.h
...
Remove prototypes that are not about purely the data structures.
2 years ago
Victor Julien
ad0a29cabc
detect: remove wrapper func
2 years ago
Victor Julien
1dd0a2fed6
detect: move DetectTransaction to header it's used in
2 years ago
Victor Julien
41265a859e
detect/files: optimize file.data by skipping non-file txs
...
As well as 'file' txs not in our direction.
Implement the same logic for file.name and file.magic prefilter engines.
2 years ago
Victor Julien
db0f9ddc69
files/tx: inspection, logging and loop optimizations
...
Introduce AppLayerTxData::file_tx as direction(s) indicator for transactions.
When set to 0, it's not a file tx and it will not be considered for file
inspection, logging and housekeeping tasks.
Various tx loop optimizations in housekeeping and output.
Update the "file capable" app-layers to set the fields based on their
directional file support as well as on the traffic.
2 years ago
Victor Julien
3263202094
detect/tx: add AppLayerTxData to PrefilterTx
...
In preparation of some file inspection optimizations, for which we need the
tx data.
Update all users.
2 years ago
Victor Julien
602c39ed01
files: remove unused code
2 years ago
Victor Julien
b1c22169f8
files: don't set NOSTORE in 'store all' case
2 years ago
Victor Julien
d39a79b6f2
smtp: remove bad tests
2 years ago
Victor Julien
79499e4769
app-layer: move files into transactions
...
Update APIs to store files in transactions instead of the per flow state.
Goal is to avoid the overhead of matching up files and transactions in
cases where there are many of both.
Update all protocol implementations to support this.
Update file logging logic to account for having files in transactions. Instead
of it acting separately on file containers, it is now tied into the
transaction logging.
Update the filestore keyword to consider a match if filestore output not
enabled.
2 years ago
Victor Julien
01e64d80da
app-layer: trunc parser per direction
2 years ago
Victor Julien
ff9d1807f9
app-layer: parser flags to u16
2 years ago
Victor Julien
a1d728bb65
app-layer: specify direction in tx cleanup
...
In preparation of per tx files storage.
2 years ago
Victor Julien
c27df6304d
app-layer: introduce common AppLayerStateData API
...
Add per state structure for storing flags and other variables.
2 years ago
Victor Julien
96b642c32d
file: minor debug updates
2 years ago
Victor Julien
2218a3716e
file: clean up file flags handling
2 years ago
Victor Julien
408b64558f
files: debug log flags
2 years ago
Victor Julien
bdbaaa3b24
lua: store id with tx ptr
2 years ago
jason taylor
db5cf1f8f9
userguide: Add rule file globbing option details
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
dependabot[bot]
7771402a3a
github-actions: bump codecov/codecov-action from 3.1.0 to 3.1.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](81cd2dc814...d9f34f8cd5)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
5490fe00ab
github-actions: bump ossf/scorecard-action from 2.0.3 to 2.0.4
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](865b409285...e363bfca00)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Sascha Steinbiss
8438ee48aa
decode-ipv4: adjust validation to RFC
...
RFC1108 only specifies a minimum field length of 3, not
a fixed length of 11.
2 years ago
Sascha Steinbiss
fb790121bb
decode-ipv4: implement extended security option
...
IP option 0x85 (extended security) is mentioned in the
documentation for the ipopts keyword but was not implemented.
2 years ago
Philippe Antoine
eb155639c6
ci: build with -Wimplicit-int-conversion
...
Seems to have got lost on the way in CFLAGS
2 years ago
Philippe Antoine
ae6abd8ca3
ssl: fix compiler warning
...
implicit conversion loses integer precision: 'int' to 'uint16_t'
because C shifts << translates automatically to signed integers
2 years ago
Victor Julien
879a46f085
rust: lock to time 0.3.13 to avoid MSRV bump to 1.59
...
Indirect dependency through x509-parser.
2 years ago
Pierre Chifflier
16db04c1a7
rust: remove nom 5 dependency
2 years ago
Pierre Chifflier
0acf75bff7
rust/applayertemplate: convert to nom7
2 years ago
Pierre Chifflier
378e915846
rust/asn1: convert parsers to nom7
2 years ago
Pierre Chifflier
0ba0572c4a
rust/x509: finish transition to nom7
2 years ago
Pierre Chifflier
3ef5121ab0
rust/telnet: convert parsers to nom7
2 years ago
Pierre Chifflier
d98b386f36
rust/conf: convert parser to nom7
2 years ago
Pierre Chifflier
db9a1e17b6
rust/ssh: finish transition to nom7
2 years ago
Pierre Chifflier
b31c72c06a
rust/rdp: convert parsers to nom7
2 years ago
Pierre Chifflier
49520b2143
rust/rdp: upgrade dependency on tls-parser
2 years ago
Pierre Chifflier
beadd090b8
rust: upgrade versions of BER/DER, Kerberos and SNMP parsers
2 years ago
Jason Ish
baab1de735
rust: update x509-parser to 0.14.0
...
Resolves RustSec issues in time and chrono:
- https://rustsec.org/advisories/RUSTSEC-2020-0071
- https://rustsec.org/advisories/RUSTSEC-2020-0159
Ticket: #5259.
Amended by Victor Julien to bump to 0.14 instead of 0.13.
2 years ago
Pierre Chifflier
3aace49649
rust/x509: update dependency on x509-parser
2 years ago
Victor Julien
b06c0579f5
stream: fix reachable assertion
...
Fix `Flow::thread_id` not always getting properly set up, leading to
a reachable assertion.
Bug #4582.
2 years ago
Juliana Fajardini
7b0008d4f0
userguide: add section about exception policies
...
This describes briefly what the exception policies are, what is the
engine's behavior, what options are available and to which parts are
they implemented.
Task #5475
Task #5515
2 years ago
Juliana Fajardini
6f294f2f2d
userguide: minor rewording and typo fixes
...
Some of these were recently introduced, some were highlighted after the
applayer sections got merged. Some paragraphs seem to have been changed
due to trying to respect character limits for lines. Also includes a
typo pointed out by one of our community members via Discord.
2 years ago
Juliana Fajardini
9d9bc04886
stream/tcp: typo fix
2 years ago
jason taylor
489af24132
detect: update ttl debug log messages
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Jeff Lucovsky
ab4d0f7f4a
detect/stream_size: Rename detect.rs to stream_size.rs
...
This commit renames detect.rs to stream_size.rs to reflect its content.
2 years ago
Jeff Lucovsky
2386f2614f
detect/iprep: Move iprep logic into a separate module
2 years ago