Victor Julien
ed877c64d1
Bug 611: fix for iponly
Fix Bug 611 for ip-only rules as well. If 'alert ip' rule has ports,
don't match on protocols that don't have ports. Like ICMP.
Bug #611.
12 years ago
Victor Julien
01b80e2d8f
detect ip-only: update radix usage
Update IP-only lookups to the changed radix API.
The return of user_data is treated as a successful lookup, instead of
the node.
12 years ago
Victor Julien
941d5a1081
Don't use strdup in ip-only address parsing
12 years ago
Victor Julien
7b687da726
profiling: add tracking of missing keywords
12 years ago
Victor Julien
97bfcac444
profiling: introduce per keyword profiling
Initial version of per keyword profiling. Prints stats about
how often a keyword was checked and what the costs were.
12 years ago
Victor Julien
edeeb7ed44
Store TX id with alerts
When generating an alert and storing it in the packet, store the tx_id
as well. This way the output modules can log the tx_id and access the
proper tx for logging.
Issue #904.
12 years ago
Victor Julien
7f8d256e7c
Fix tests that didn't expect radix to be freed
12 years ago
Anoop Saldanha
e2f4144d99
fix for #920.
Cull the space before the address specified in address var variables.
12 years ago
Victor Julien
f4dcba6de3
In case of fragments, don't consider ports. Bug #847.
12 years ago
Eric Leblond
3f107fa130
decode: Packet action start with PACKET
Rename all Packet action macros to have them prefixed by PACKET.
12 years ago
Eric Leblond
efaa9a7302
action handling: define and use macros
The action field in Packet structure should not be accessed
directly as the tunneled packet needs to update the root packet
and not the initial packet.
This patch is fixing issue #819 where suricata was not able to
drop fragmented packets in AF_PACKET IPS mode. It also fixes
drop capability for tunneled packets.
12 years ago
Victor Julien
5f4c52801e
Fix protocol check for IP-only (#689).
13 years ago
Anoop Saldanha
b1ce94babe
Temporary fix for bug #599.
Treat sigs with negated addresses as non ip-only.
This fix exposes bug #608, which results in 2 failed unittests which
have now been disabled by this commit. Would be reenabled when we
have #608 fix in.
13 years ago
Anoop Saldanha
fdc666f732
unittest to show failure for bug #599.
13 years ago
Victor Julien
e30b1bfe64
Simple IP reputation implementation
13 years ago
Victor Julien
84bad6db77
Silence compiler warnings found by clang
13 years ago
Victor Julien
80d62b59ec
Fix drop (and other actions) not being applied to thresholded packets. Bug #613.
13 years ago
Victor Julien
c3f4f8d46a
Dead code cleanup. Coverity 728047, 728048, 728049.
13 years ago
Eric Leblond
e176be6fcc
Use unlikely for error treatment.
When handling error case on SCMalloc, SCCalloc or SCStrdup
we are in an unlikely case. This patch adds the unlikely()
expression to indicate this to gcc.
This patch has been obtained via coccinelle. The transformation
is the following:
@istested@
identifier x;
statement S1;
identifier func =~ "(SCMalloc|SCStrdup|SCCalloc)";
@@
x = func(...)
... when != x
- if (x == NULL) S1
+ if (unlikely(x == NULL)) S1
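Review bot: the constraint `identifier func =~ "(SCMalloc|SCStrdup|SCCalloc)"` is not anchored, so a function whose name merely contains one of those strings can also satisfy it and have its NULL check rewritten. Anchoring it as `"^(SCMalloc|SCStrdup|SCCalloc)$"` would keep the transformation limited to the three allocators the commit message names.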
13 years ago
Eric Leblond
d292004880
Add some missing checks of SCStrdup return.
13 years ago
Eric Leblond
fd7b6db22d
sig: Add ipv6 and ipv4 to list of protocols
With this patch it is possible to do:
alert ipv6 any any -> any any
or
alert ip4 any any -> any any
to match on IPv4 or IPv6 packets.
13 years ago
Victor Julien
af97c36c08
Properly clean signature's ip only data.
13 years ago
Victor Julien
ea0d172693
No longer pass StreamMsg to output for alert logging, instead use the same callback code as is used for state alerts.
13 years ago
Anoop Saldanha
7495f59773
bug #451 fix for parsing address. Increase buffer size
13 years ago
Victor Julien
c4b34e6ef7
Fix various minor clang/scan-build warnings.
14 years ago
Victor Julien
8339ca6d4e
Implement post match support for ip-only.
14 years ago
Victor Julien
9324ed7b90
Fix icmpv6 ip-only rule not firing. #363.
14 years ago
Victor Julien
c1a40447c1
IP Only cleanup: make most functions static. Add error message on address parsing issues.
14 years ago
Anoop Saldanha
7433d92dd2
undo this commit -
commit eff08f93d8
Author: Anoop Saldanha <poonaatsoc@gmail.com>
Date: Thu Nov 3 14:31:24 2011 +0530
update failing unittest to reflect the mpm design update
Fixed a bug in the mpm code that would make all the changes in the commit just undone wrong.
14 years ago
Anoop Saldanha
eff08f93d8
update failing unittest to reflect the mpm design update
14 years ago
Victor Julien
6bad2dbd79
Don't match on IP only rules that use ports if packet is not (proper) TCP, UDP or SCTP. Rules out frags matching as well.
14 years ago
Victor Julien
e13181496c
ip-only: added support for matching on ports.
14 years ago
Eric Leblond
6b9d1012ff
Transform inet_ntop call into PrintInet one.
14 years ago
Anoop Saldanha
7e5c52c80b
add flowbits:set; only sigs to be treated as ip only
14 years ago
Gerardo Iglesias Galvan
5d85b0f7b7
Fix potential crash in ip-only address parsing code
14 years ago
Victor Julien
864c8718e1
Store matching stream msg (ptr) in packets alert structure so it's available to the output plugins.
15 years ago
Pablo Rincon
fb5fb3ab3f
IPOnly module fix for building stage. Radix Tree fix inserting different netmask user datas
15 years ago
Eric Leblond
49adc264bc
Don't print message after SCMalloc failure.
This patch generated via coccinelle is getting rid of logging
message after a SCMalloc failure. They were useless as SCMalloc
already displays a message.
15 years ago
Pablo Rincon
5c43db85ce
Drop streams on inline mode when a drop rule matches from a reassembled stream and/or app layer inspection
15 years ago
Victor Julien
1071a53210
Fix unittests after ip_proto keyword change.
15 years ago
Pablo Rincon
70bda6506d
Fix for bug 180 (check proto specified at the IP hdr)
15 years ago
Gurvinder Singh
cda664a8c4
memory leaks fixes in detection module, app layer and counters
15 years ago
Victor Julien
2c8282a70b
Fix small memleak in ip only parsing code.
15 years ago
William Metcalf
32a2da147b
Null deref fix for detect-engine-iponly.c
15 years ago
Gerardo Iglesias Galvan
9f4fae5b1a
Fix inconsistent use of dynamic memory allocation
15 years ago
Pablo Rincon
46187bfe73
Fix action logic after last pass changes
16 years ago
Pablo Rincon
e18e2ec998
Changing threshold logic
16 years ago
Pablo Rincon
1238668961
Adding actions order and support for rule action "pass"
16 years ago
William Metcalf
ce01927515
Import of GPLv2 Header 050410
16 years ago
William Metcalf
9527aa26a2
Small windows fixes ifdef wrapper for netinet/in.h O_NOFOLLOW def missing so added ifndef define install doc updated.
16 years ago