Commit Graph

6244 Commits (suricata-3.0RC3)
 

Author SHA1 Message Date
Victor Julien 44a444ba78 Update changelog for 3.0RC3 10 years ago
Victor Julien 37a64bdd45 redis: fix compiler warning 10 years ago
Victor Julien 5457c8d5b3 prelude: clean up memory on setup failure 10 years ago
Victor Julien 33ce781759 pcap: fix setup failure memleak on libpcap < 1.0 10 years ago
Victor Julien 8719d90314 prelude: style fixup 10 years ago
Eric Leblond 1d9087f79f prelude: fix thread safeness
Prelude analyzer is not thread safe so we need to have one
analyzer per thread.
10 years ago
Eric Leblond 93642a0d1d suricata: can't use -l and unix socket runmode
It is not possible to use simultaneously -l and unix socket
runmode because setting the log directory makes it final so
not modifiable by other calls.

It is an implementation limitation but it does not make sense
to set logging directory to have it overwritten by the first
directory specified 'by pcap-file'. So it seems correct to
only trigger an error if both of these options are used at the same
time.
10 years ago
Eric Leblond 2002b37e30 unix-manager: display errors like errors
Not being able to setup the output directory or file is an error so
it should be printed as such.
10 years ago
Eric Leblond 6b37985c66 unix-manager: fix race condition
Under high load it is possible that the thread is not yet started
and that we register a command at the same time. As a consequence,
the commands list is not yet initialized and we have a segfault.

This patch moves the initialization in the ThreadInit function to
be sure the commands list is available when needed.
10 years ago
Victor Julien 083f22f6d6 icmpv4: remove unused header fields 10 years ago
Victor Julien 375092da85 icmpv4: remove unused declarations 10 years ago
Victor Julien ed1cc1ee2a icmpv4: harden embedded packet handling 10 years ago
Victor Julien fe445367bd icmpv4: improve dest unreachable logic
When an ICMPv4 destination unreachable packet contains an embedded packet
this packet is parsed. When it's found to be invalid, the whole ICMP
packet is tagged as invalid.

In some cases the unreachable packet would still be used.

This patch fixes this by checking the packet is invalid flag as well
in the ICMPV4_DEST_UNREACH_IS_VALID macro.
10 years ago
Victor Julien 2fbfd6efcc DER decoder: don't use strlcpy on non-strings 10 years ago
Victor Julien fae2836039 http: more sane body inspection/tracking defaults 10 years ago
Victor Julien efdd9e08f2 http: improve body pruning
In case the body wasn't inspected the body_inspected variable wouldn't
get updated leading to the body not getting pruned at all.

This patch adds support for this case.
10 years ago
Victor Julien 64017cd29b ips/drop-log: fix crash on logging drops
When logging drops for fragmented UDP packets, triggered by detection
in the reassembled packet, a missing check could lead to access of the
packet's UDP header pointer when it was NULL.
10 years ago
Victor Julien 136c6440c8 http file: fix txid type 10 years ago
Victor Julien 006cd5ae36 file: sync file and tx id types 10 years ago
Victor Julien a74a8c874f smtp: reset inspection buffers 10 years ago
Victor Julien 2582e61af7 http: fix body prune check 10 years ago
Victor Julien e94bf9726d Update Changelog for 3.0RC2 10 years ago
Victor Julien b333e5feae dns: reject bad response data 10 years ago
Victor Julien 260841827f smtp: improve handling of bad traffic
No longer fail tracking the SMTP stream when an unexpected reply is
encountered.

Do not store the unexpected reply.
10 years ago
Victor Julien 4b69e1aec1 stream-tcp: bail early on segments before base_seq
In cases where base_seq has moved beyond last_ack, bail early.
10 years ago
Victor Julien 8cdd96d7a4 tls: suppress warnings on alloc failure 10 years ago
Victor Julien b4dad91e26 unified2: disable by default 10 years ago
Victor Julien 36fde7df42 stats log: suppress 0 counters by default 10 years ago
Victor Julien 86a3f06410 afpacket: suppress output 10 years ago
Victor Julien bed1867830 afpacket: move zero copy setup to config parsing
This way it's run and logged per device, instead of per thread.
10 years ago
Victor Julien 9d882116e2 afpacket: indent fixup 10 years ago
Victor Julien cf2588acc4 offloading: compress printing of iface offloading 10 years ago
Victor Julien f89a421990 afpacket: on missing cluster settings, set defaults 10 years ago
Victor Julien 49dbb455b5 afpacket: add null decoder, put ethernet first 10 years ago
Victor Julien 7b45a8a2a9 device: constify string args 10 years ago
Jason Ish d87a60f3cc modbus: disable by default 10 years ago
Eric Leblond 538f37bd38 output-json: add app_proto key in root
By adding the key in the root of *flow and fileinfo events it
will be possible to get all events for one application layer by
using a 'event_type:proto OR app_proto:proto' filter. This will
permit the analyst to get a good view of events related to
one protocol.

This patch also fixes a regression in file logging where app_proto
was available before 94dbd303e4 created the regression.
10 years ago
Alexander Gozman 8ac48872a5 Feature 1605: more descriptive error messages when checking MTU, etc 10 years ago
Victor Julien 019f856442 profiling: fix lock profile compilation 10 years ago
Victor Julien ac476de5ed json: small improvement to log message wording 10 years ago
Eric Leblond 9930f447d2 output-json: fix regression on log prefix handling
The log prefix option was no longer honored due to a regression
caused by some recent code.
10 years ago
Maurizio Abba 1291250c0f app-layer-smtp: support for multiline response
Multiline response support is provided but not enforced. This patch
allows parsing multiline responses when a reply is processed
10 years ago
Victor Julien 737c99dd30 Update changelog for 3.0RC1 10 years ago
Victor Julien 84c4566a14 Update dev version to reflect we're doing 3.0 now 10 years ago
Victor Julien d77e403024 rule vars: fix compiler warning 10 years ago
Victor Julien a7f54d63b7 tls: fix compiler warnings 10 years ago
Victor Julien a1075ee2f2 http: add test for plain http over connect 10 years ago
Victor Julien cd81af0bc9 http: don't run unittests twice 10 years ago
Victor Julien e86e27bab7 http: test cleanups 10 years ago
Aaron Campbell 50f4fb2a72 Fix out-of-bounds memory access in DNS TXT record parser.
The datalen variable is declared unsigned.  If txtlen and datalen are equal,
datalen will first be reduced to 0, and then the datalen-- line will cause its
value to wrap to 65535.  This will cause the loop to continue much longer than
intended, and eventually may crash on an out-of-bounds *tdata dereference.

Signed-off-by: Aaron Campbell <aaron@monkey.org>
10 years ago