Anoop Saldanha
2bc7d0792d
update clean up of old detection engine contexts for live rule swap
13 years ago
Anoop Saldanha
eee33866df
DetectEngineCtxFree() cleanup, also in main
13 years ago
Anoop Saldanha
c3eab5cf4e
Replace the old atomic sets using cas with the new sc_atomic_set macro
13 years ago
Anoop Saldanha
32183faa82
free flowvar entries in flow after live rule swap. Sync flowbits entries into packet struct to be used by alert debuglog when alert debuglog is enabled
13 years ago
Anoop Saldanha
8fb2040eee
disable live rule swap when -s or -S option's used at startup
13 years ago
Anoop Saldanha
31eb5fa2f6
Introduce util-signal.[ch]. Move our signal setup functions here
13 years ago
Victor Julien
4cde2355bd
Simplify flow resetting on de_ctx update. Detect ctx id starts at 1. So in a flow 0 means uninitialized (thus set) and if we detect flow is not equal to detect id, we reset the sgh storage and de_state.
13 years ago
Anoop Saldanha
6fa46d7526
If new ruleset requires any htp callbacks that aren't already set, don't load new ruleset; request user to restart suricata + disable setting fileinspection flags unconditionally in main
13 years ago
Anoop Saldanha
e5edcfaca8
add unittest for atomic operation with void *
13 years ago
Anoop Saldanha
ecad4a24fa
live rule support added
To reload ruleset during engine runtime, send the USR2 signal to the engine, and the ruleset would be reloaded from the same yaml file supplied at engine startup
13 years ago
Anoop Saldanha
83a8f6e03a
cleanup threshold config de-init
13 years ago
Anoop Saldanha
5e02cb2365
slot_data updated as an atomic var no
13 years ago
Anoop Saldanha
5878d83174
byte_extract_id var now a non-global de_ctx specific var
13 years ago
Anoop Saldanha
f4ce9011d2
make mpm ctx container de_ctx specific. Also introduce global variable in mpm_ctx. this is a workaround for cleaning non global mpm_ctx's since we now don't supply the de_ctx around the detection engine API
13 years ago
Anoop Saldanha
7acf5ad38e
clean reference config API
13 years ago
Anoop Saldanha
6003c7cb6b
clean classification config API
13 years ago
Anoop Saldanha
f5af4c9ceb
util action api returns error code if it encounters wrong values parsing wrong action conf
13 years ago
Anoop Saldanha
f2dd61868d
variable names global vars, global no more. Moved to detection engine ctx, a place it belongs
13 years ago
Anoop Saldanha
946100845f
fix replace unittests. Re-set modified global_var to original value when the test completes
13 years ago
Anoop Saldanha
55d4e9518e
Kill engine during init stage if it fails to load valid value for sgh-mpm-context
13 years ago
Anoop Saldanha
d7a93b6fcd
clear root node during conf de-init. also create root_backup when the root is restored back using it
13 years ago
Victor Julien
ab3fcb01f9
http: decode double decoded path and query string characters. Bug #464.
13 years ago
Victor Julien
c6cac1ef48
build: Use expanded sysconfdir to pass as CONFIG_DIR to the code.
13 years ago
Victor Julien
108da566bc
http: make client and server body inspection more robust in cases where realloc fails
13 years ago
Victor Julien
60c3af9303
detect: Only run mpm on HTTP buffers in the proper direction. Fixes a file_data FN.
13 years ago
Victor Julien
2055b509a3
dcerpc/smb/smb2: more robust error checking, cosmetic code updates.
13 years ago
Anoop Saldanha
fc15cc7de1
some more mpm engine cleanup
13 years ago
Anoop Saldanha
f9612f3b83
mpm engine cleanup. Remove unnecessary flags
13 years ago
Anoop Saldanha
5bb347106b
cookie header now inspects Set-Cookie headers as well
13 years ago
Anoop Saldanha
593b0cb150
unittests that fail, displaying the issue that we don't inspect set-cookie headers against cookie keywords
The next patch in the series will fix the issue and let the unittests pass as well.
13 years ago
Victor Julien
c0ac64e58c
pcap: make sure thread count is 1 if config is missing for a device.
13 years ago
Anoop Saldanha
bc6cf43840
#482 - use decode_flag for all decode TMs. Use the flag as a way to retrieve decode TMs from ThreadVars
13 years ago
Anoop Saldanha
0d602d9cde
we now support offset, depth inspection against all packet payloads and stream messages
13 years ago
Anoop Saldanha
a34f91358d
tests to highlight that
- suricata treats sigs with offset/depth without any packet keywords as stream sigs
- as a consequence suricata will FN on such sigs
The tests introduced here will fail, displaying the issues. The
next patch in the series would fix the said issues.
13 years ago
Anoop Saldanha
c5cc9d454d
stream raw reassembly fix
13 years ago
Anoop Saldanha
db8500bb26
fast pattern cleanup - Remove FastPatternSupportEnabledForSigMatchList() and all its associated structures
13 years ago
Anoop Saldanha
988c92f71c
http user agent keyword + mpm + inspection + fast pattern support added
13 years ago
Victor Julien
bd3a655aeb
Add pcap workers mode.
Some cards like Napatech or Myricom support libpcap wrappers that allow for
multiple streams, queues, ringbuffers. The workers mode can be of use in
those cases.
13 years ago
Anoop Saldanha
34fde4ed75
bug #471 - file_data fast pattern unittests added
13 years ago
Anoop Saldanha
90ccbfd80a
bug #471 - http server body fast pattern unittests added
13 years ago
Victor Julien
850379552a
rule analyzer: minor cleanups. Fix warning-only setting, allow true/yes/enabled for yaml option.
13 years ago
Victor Julien
b210bf1290
Fix commandline supplied yaml path being ignored.
13 years ago
Eileen Donlon
c81020e9a3
feature 349 rule analyzer v1
13 years ago
Eric Leblond
a5268088cd
OpenBSD: fix tar command.
13 years ago
Eric Leblond
2d22f667c2
config: use config file in sysconfdir by default.
13 years ago
marcos
8dfddd0a0f
Added -T switch to suricata output.
Simply added the -T to be printed out when suricata is run without any
arguments. The capability to test a configuration file has been in
suricata for some time, just doesn't show up as an option right now.
13 years ago
Victor Julien
b744708f28
filemd5: implement negated matching.
13 years ago
Victor Julien
ed9b07ef1f
Update changelog to reflect 1.3beta2 changes.
13 years ago
Victor Julien
dbdab0cb1c
Disable dce unittests that tick off clamav. #458.
13 years ago
Anoop Saldanha
1f5469fa5a
bug #458 - unittest that uses clamav FPing payload disabled for now. Needs to be rewritten though with new payloads
13 years ago