Commit Graph

1571 Commits (fc248ca7a11c75f471d25f5dad157e16820b4843)
 

Author SHA1 Message Date
William Metcalf 7006085195 udp decoding added, icmp unreachables added to reject 16 years ago
Victor Julien 3f7195454b Big detection engine update. 16 years ago
Victor Julien ea5bb1c8d5 Small update and new tests for wu-manber. 16 years ago
Victor Julien ebf41c3b1e Remove obsolete decode-http files. 16 years ago
Victor Julien 3c1cd07296 todo file update 16 years ago
Victor Julien 1cb274a39a Update build sys 16 years ago
Victor Julien aecda426bf Update the wu-manber pattern matcher: it supports dynamic hash sizes and improves init times. 16 years ago
Victor Julien 54ffe2053e Large detection engine update. 16 years ago
Victor Julien 8b3d06fd92 Rename some detection engine related files. 16 years ago
Victor Julien f3a94413db Properly support 'alert ip' rules. Add support for handling ip only rules differently. 16 years ago
Victor Julien dee5ab1aa3 Fix uricontent mpm ctx comparison. 16 years ago
Victor Julien fed6926809 Small cleanups 16 years ago
Victor Julien dc48c58473 Switch to using a detection engine ctx. 16 years ago
Victor Julien 171c8c777d Group signatures by protocol. 16 years ago
Victor Julien 2c8e6a7c5a Allow CFLAGS to be overridden by ./configure. 16 years ago
Victor Julien e16e333601 Add GIT guide. 16 years ago
Victor Julien 3446566e44 Style cleanups for resets. 16 years ago
Victor Julien 45f83f7636 branching test 16 years ago
William Metcalf 0ffa1c2465 updates for configure.in, added reject code, some decode stuff for tcp 16 years ago
Victor Julien cdce794124 Update todo 16 years ago
Victor Julien 9e5049cddc Improve memory handling and parsing of the msg rule keyword. 16 years ago
Victor Julien eb1c4e4987 Large update to the detection engine. Greatly improve initialization speed and memory usage. 16 years ago
Victor Julien b1a13c89bd Improve memory handling of the pcre rule keyword. 16 years ago
Victor Julien a603577132 Small update to the pcre used for signature parsing. 16 years ago
Victor Julien 4484837aa8 Update todo. 16 years ago
Victor Julien 0489370f5b Big speedup of the initialization code for signatures. Contains WIP code as well. 16 years ago
Victor Julien ac60f32197 Make nocase keyword initialization failure fatal and slightly improve the error message it prints. 16 years ago
Victor Julien 84087e7077 Fix a memory error in the addresslist parsing code. Add a functions aimed at speeding up the signature initialization code. 16 years ago
Victor Julien b50fc8aecd Speed up appending of sigs to a sig group head by using a tail ptr. 16 years ago
Victor Julien 0726efead9 Support address lists. 16 years ago
Victor Julien f2fbf395b8 Fix mixed up CI and CS searching in WuManber. Add better tests. 16 years ago
Victor Julien 69162f9cd0 Fix issue with log-httplog where it logged uri's of previous packets because of a broken uri check. 16 years ago
Victor Julien 05fd319f6c Add log-httplog module that logs http request uri's, hosts and useragents to a per line text format. 16 years ago
Victor Julien eaaeb30cd6 Add noalert keyword for use with sigs that are used for capturing only. 16 years ago
Victor Julien 63bb777100 Use a default prio of 3. 16 years ago
Victor Julien f0ed41fb0a Support priority keyword, add priority to alert-fastlog. 16 years ago
Victor Julien 867d493d7f Source NFQ update... less hackish, but still needs work as soon as we know how to do configuration. 16 years ago
Victor Julien dc224cb2d2 Large update containing the first step to making the detection engine use rule groups. Address based rule groups are now implemented. 16 years ago
Victor Julien 9afa171d71 cosmetic update of alert-fastlog Will 16 years ago
Victor Julien a7ee4c5b1b Update todo of alert-fastlog 16 years ago
Victor Julien 3df4b7da2b Set p->proto and add TCP, UDP, etc macros. 16 years ago
Victor Julien b7bc35e8b2 support for 'negation' in addresses and the 'any' special case. 16 years ago
Victor Julien 876f0c95c7 Signature rule keywords are case insensitive. Support that. 16 years ago
Victor Julien d036264f80 Cleanup signature parsing and other detect.c parts. 16 years ago
Victor Julien f1db87276c Start on addr and proto parsing in rules. 16 years ago
Victor Julien 6c1f2071be Add unittest registration to the threading modules api. 16 years ago
Victor Julien cd19ee8bf2 Fix crash when to_client traffic was scanned for uricontent when there was no uri available... 16 years ago
Victor Julien f77c654d13 Further develop the address api. Added dynamic group head support. 16 years ago
Victor Julien 3ec5f66729 Fix some address code related compiler warnings. 16 years ago
Victor Julien d2b089f359 Fix including the header for htonl breaking the code. 16 years ago