Commit Graph

8176 Commits (suricata-4.1.2)

Author SHA1 Message Date
Travis Green 6f5eb487a1 doc: add missing and fix 404 for --list-keywords 7 years ago
Travis Green c2adb9e669 doc: added tos keyword
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2583
7 years ago
Philippe Antoine 7fca771ef4 Fixes other affected tests for smtp pipelining
Either by checking that the state has pipelining,
or by removing pipelining from the input.
7 years ago
Philippe Antoine 447c1042f4 smtp: improve pipelining support
Fixes #1863
7 years ago
Victor Julien 8357ef3f8f proto/detect: workaround dns misdetected as dcerpc
The DCERPC UDP detection would misfire on DNS with transaction
ID 0x0400. This would happen as the protocol detection engine
gives preference to pattern based detection over probing parsers for
performance reasons.

This hack/workaround fixes this specific case by still running the
probing parser if DCERPC has been detected on UDP. The probing
parser result will take precedence.

Bug #2736.
7 years ago
Victor Julien 11f3659f64 teredo: be stricter on what to consider valid teredo
Invalid Teredo can lead to valid DNS traffic (or other UDP traffic)
being misdetected as Teredo. This leads to false negatives in the
UDP payload inspection.

Make the teredo code only consider a packet teredo if the encapsulated
data was decoded without any 'invalid' events being set.

Bug #2736.
7 years ago
Victor Julien e30212c5d8 detect: fix crash during startup with malformed yaml
detect-engine:
  custom-values:
    toclient-groups: 200
    toserver-groups: 200

Bug #2745
7 years ago
Victor Julien 4c8f6b2246 offloading: on bsd, disable rxcsum and v6 variants 7 years ago
Victor Julien fa6b73d1c9 offloading: don't set multiple times per interface
This could happen with netmap igb0->igb0^ IPS mode.
7 years ago
Victor Julien ad1945aae4 detect: fix content inspection flags
Fix generic inspect function content inspection flags so that
streaming buffers work correctly.
7 years ago
Victor Julien 394e115036 detect/rawbytes: improve error message plus do minor cleanups 7 years ago
Victor Julien f336ba3217 detect/file-data: fix enabling http body tracking 7 years ago
Victor Julien 3eec088d31 detect/parse: error out on unused sticky buffers 7 years ago
Victor Julien b36e921cf9 detect/prefilter: add closing debug return statement 7 years ago
Victor Julien 3a057c5f54 capture: fix mtu plus sign names for non-netmap
Bug #2502.
7 years ago
Victor Julien 31f81429c2 stats: more accurate interval handling
In the stats loop, sleep for a time period more closely matching
the stats.interval setting. Fix an off-by-one that would make
the loop wake up ~1 second early.

Bug #2716
7 years ago
Jason Ish d03a5be118 dns json v2 (C) - log rrtype in response
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2723
7 years ago
Jason Ish 87250da0fc rust/dns: add v1 dns logging
Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2704
7 years ago
Victor Julien 9d36182b74 unix: fix deadlock in unix runmode on many cores
Same issue as in 7f8795c756, with the
solution now also applied to the unix socket runmode.

Bug #2734
7 years ago
Victor Julien 8d2883f3fa output/tx: fix multi-instance logger output
Fix transactions not being logged after the first tx logger had
logged.
7 years ago
Victor Julien 0e40231189 app-layer: improve transaction cleanup handling
The app layers with a custom iterator would skip a tx if during
the ..Cleanup() pass a transaction was removed.

Address this by storing the current index instead of the next
index. Also pass in the next "min_tx_id" to be incremented from
the last TX. Update loops to do this increment.

Also make sure that the min_id is properly updated if the last
TX is removed when out of order.

Finally add a SMB unittest to test this.

Reported by: Ilya Bakhtin
7 years ago
Victor Julien d34e41068f app-layer: fix tx tracking updates in tx cleanup
Fix min_id not getting updated in all cases.

Reported by: Ilya Bakhtin
7 years ago
Victor Julien e62e4bdc49 app-layer: add debug statements to tx cleanup logic 7 years ago
Victor Julien 37203c98a1 unittests/app-layer: add helper to get app tx trackers 7 years ago
Eric Leblond f3be8eaaf4 detect-depth: remove semicolon from desc
It was breaking the CSV export.
7 years ago
Eric Leblond 8c1b16e22d doc: fix some links in list-keywords command 7 years ago
Eric Leblond 64df672cf7 util-bpf: workaround OpenBSD old libpcap
OpenBSD is not using a pcap_compile_* function, so we can just
comment out the code for OpenBSD users.
7 years ago
Eric Leblond 6853683085 af-packet: remove unused field in AFPThreadVars 7 years ago
Eric Leblond 6bfecd6906 af-packet: remove years old todos 7 years ago
Eric Leblond 017acaa465 netmap: use custom BPF compile function 7 years ago
Eric Leblond 28e9e4c85c af-packet: use the new BPF compilation function 7 years ago
Eric Leblond 3c566e0f89 util-bpf: introduce custom BPF compile functions
We can't get an error from pcap_compile_nopcap(), so let's write our
own function and output a message.
7 years ago
Eric Leblond e98b5e4946 af-packet: micro optimization
Use an else if instead of two chained if constructs.
7 years ago
Eric Leblond 9efa4ace69 af-packet: improve error handling
A stress condition in Suricata could lead to the interface disconnecting
when it is not necessary. This patch updates the error handling
code to try to continue reading when such a case occurs.
7 years ago
jason taylor 74761b04fe bypass: added new documentation reference
Documentation didn't previously exist for the bypass keyword

Signed-off-by: jason taylor <jtfas90@gmail.com>
7 years ago
Eric Urban 90a0731564 debug/log: add log level for JSON type
resolves #2671
7 years ago
Victor Julien 6f2b974f9c detect/mpm: fix fast_pattern handling of len >255
The fast pattern selection logic would truncate a pattern's len to
255, leading to assigning the same pid to different patterns.

This in turn would be caught by the hyperscan setup code which would
abort.

Bug #2714.
7 years ago
Victor Julien 961610489a iprep: small cleanups 7 years ago
Victor Julien 5740c79b93 iprep: improve error checking of path handling 7 years ago
Victor Julien 0b3220a0df detect: improve inspect buffer handling
Fix and optimize cleanup. For the simple single inspect buffer, optimize
the cleanup by keeping track of the actually used buffers. This avoids
looping over unused buffers.

Fix the case of cleaning not being done after a tx if the next tx is
also inspected in the context of the same packet.

Fix cleanup of the multi-inspect buffers. Optimize in 2 ways. First,
as with the single buffer, keep track of which multi-inspect buffers have
been used. Second, keep a max of the buffers within a multi-inspect buffer.
Use this max to limit (nested) looping.
7 years ago
jason taylor 683be94830 profiling: set loop limit to match array size
Signed-off-by: jason taylor <jtfas90@gmail.com>
7 years ago
Victor Julien 5aef72efd1 prelude: fix potential uninitialized value use 7 years ago
Victor Julien ca1161d798 detect: suppress coverity deadcode warnings
Suppress as scan-build-7 relies on this 'dead' code to not issue
a warning.
7 years ago
Victor Julien 7b318592e6 filestore: suppress coverity toctou warning 7 years ago
Victor Julien cb2008fb27 detect: fix coverity memory leak warnings 7 years ago
Victor Julien 16100e592d file: use u32 file id everywhere 7 years ago
Victor Julien 59d526481c detect/distance: improve value parsing and fix broken test 7 years ago
Victor Julien 9cce1995ef detect/within: clean up option value parsing 7 years ago
Victor Julien 8814b994b5 detect/within: test cleanups 7 years ago
Victor Julien 1803af7aa6 eve/dns: improve version warning message 7 years ago