Anoop Saldanha
34a9c047fc
updated to fix unix shutdown sequence
...
Should fix crashes occurring from unix mode shutdown/cleanup phase.
12 years ago
Ignacio Sanchez
d771e08156
Adds support for the geoip keyword
...
Adds support for match-on conditions (src, dst, any, both)
Uses GEOIP_MEMORY_CACHE for performance reasons
Adds support for negation and multiple countries in the same rule
Bug fixes
Changed to take flow direction from rule, if present
Comments addressed. Unit tests added.
12 years ago
Eric Leblond
6dfd106139
conf: add unittest for WithDefault functions.
12 years ago
Eric Leblond
f59c63c457
pcap: add support for 'default' interface
12 years ago
Eric Leblond
feabe6e9a2
pfring: add support for 'default' interface
12 years ago
Eric Leblond
4ae27756b0
af-packet: add support for 'default' interface
...
This patch adds support for 'default' interface which is used to get
parameter values when per-interface is not defined.
12 years ago
Eric Leblond
0bddf4f02f
conf: introduce WithDefault function
...
This patch introduces a new set of functions to the ConfGetChildValue
family. They permit looking under a default node if looking under
base node has failed. This will be used to access default parameters
for a data type (for instance, first usage will be interface).
12 years ago
Eric Leblond
6b81430bcb
pcap-file: don't kill engine in unix socket mode
...
This patch updates the cleaning code to avoid exiting from suricata
in unix socket mode when an invalid pcap is given.
12 years ago
Jamie Strandboge
bc04090bc9
suppress: DETECT_SUPPRESS_REGEX should support IPv6 addresses too. Bug #697.
12 years ago
Victor Julien
80ed1ba008
file md5: print filename and line number on md5 parse errors. Bug #693.
12 years ago
Nikolay Denev
9480559c65
preserve the existing error code order
...
restore SC_WARN_IPFW_SETSOCKOPT
move SC_ERR_IPFW_SETSOCKOPT at the end of the enum
12 years ago
Nikolay Denev
894ad21be5
setsockopt() failures are already fatal,
...
so treat them as such and print error instead of warning.
12 years ago
Nikolay Denev
29b69fb026
set SO_BROADCAST on the divert socket so that broadcast
...
packets can be reinjected.
12 years ago
Victor Julien
6783463eee
Fix ftpbounce address calc failing on PPC64
12 years ago
Victor Julien
0c84a7a2a9
Use _mm_free for memory allocated by _mm_alloc. Bug 703. Minor compiler warning fixes.
12 years ago
Victor Julien
34d063adea
Fix double definition of CPU_* macros for Darwin/OSX. Bug 701.
12 years ago
Victor Julien
f0578c474e
Fix byte order detection on Mac OS X/Darwin. Bug 700.
12 years ago
Victor Julien
5f4c52801e
Fix protocol check for IP-only (#689).
12 years ago
Victor Julien
633707457f
Update changelog for 1.4
12 years ago
Victor Julien
1eed3f2233
ipv6: add event for ipv6 packet with icmpv4 header
12 years ago
Anoop Saldanha
53c023342c
fix for 653.
...
break out of afp readring loop if shutdown is initiated.
12 years ago
Victor Julien
a55ff64a1b
Use GET_PKT_LEN and GET_PKT_DATA macros
12 years ago
Eric Leblond
e690b3bbc9
magic: freebsd magic returns differently
...
FreeBSD doesn't return "Microsoft Office Document" but
"OLE 2 Compound Document". This patch takes this into account.
12 years ago
Anoop Saldanha
a30a1e5950
fix for bug 675.
...
Fix icmpv6-csum to send the right length to calculate the csum.
12 years ago
Anoop Saldanha
af92c2fa4b
Unittest to show the issue we have with 674 - csum-icmpv6 sends
...
wrong length for csum calculation)
12 years ago
Victor Julien
150b0c5ae0
ipv6: add option to detect HOP/DST headers with only padding. Detect unknown DST/HOP opts.
12 years ago
Victor Julien
ba367dad3c
icmpv6: fix payload handling
12 years ago
Victor Julien
538a941486
decoder events: fix bug causing some rules not to be inspected if the decoder completed with warnings
12 years ago
Victor Julien
f5cd7c6a92
decode events: add debug statement
12 years ago
Victor Julien
82769a1b37
profiling: fix missing profile names
12 years ago
Victor Julien
72443a0d62
unified2: append open instead of truncate open so that in case we rotate within a second we don't overwrite files. Instead we violate the limit.
12 years ago
Victor Julien
298d21372b
flow: only BUG_ON use_cnt in flows when compiled with debug-validation
12 years ago
Anoop Saldanha
b22a0cffbb
cleanup flowtimeout threadvars retrieval +
...
throw pseudo pkt back to packetpool inside flow timeout.
12 years ago
Victor Julien
abecef5d82
stream: send eof to app layer from stream end pkt if necessary
12 years ago
Ludovico Cavedon
ac8b087717
Wait until both sides close the TCP connection before initiating cleanup
12 years ago
Victor Julien
40d067e9ec
Update docs from wiki
12 years ago
Victor Julien
e4f2566177
Update changelog for 1.4rc1
12 years ago
Eric Leblond
2accda78a1
unix runmode: fix error handling.
...
If 'output-dir' argument was not given it was possible to reach a
possibly problematic condition.
12 years ago
Eric Leblond
1fd47cfb96
Remove useless code.
12 years ago
Eric Leblond
b3d4285982
fix logic error in sanity check
12 years ago
Eric Leblond
9c47ada771
Add removal safe TAILQ iterator.
...
TAILQ_FOREACH macro was not safe for element removal as it was
accessing the next element in case of a free. This patch is inspired
by Linux list handling and provides a new macro TAILQ_FOREACH_SAFE.
This macro is removal safe and only differs by a last argument being
a temporary pointer to an element.
12 years ago
Eric Leblond
06751ecd75
prelude: don't build string object for NULL string
...
prelude_string_set_ref doesn't like when it is called with a NULL
parameter. This patch adds check for NULL value. This is formally
good as there is no use of a NULL description.
12 years ago
Jason Ish
005f7a2399
Feature 638: Display DAG drop counts on exit; add DAG packet and drop stats to live stats.
12 years ago
Ludovico Cavedon
b617c9c3f2
Fix length check on user-agent header
12 years ago
Ludovico Cavedon
5dd0a1d917
Add User-Agent header content to file metadata
12 years ago
Anoop Saldanha
34d5aadcb8
warn users that we don't support content strings whose length is > 255.
12 years ago
Ludovico Cavedon
2f4c9198a6
Initialize flow_manager_mutex
12 years ago
Anoop Saldanha
464ed95f71
fix for bug #526.
...
Insert pseudo packet under low load conditions to complete rule swap.
This is necessary when we use autofp active packets where most packets
would be sent to the first queue under low load conditions.
12 years ago
Victor Julien
467f28e98e
clang: make atomics work
12 years ago
Victor Julien
389c48f222
Fix detection of spin locks supported. Clean up how we handle falling back to mutex if spinlocks aren't supported.
12 years ago