aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,587 Commits
7 Branches
161 Tags
208 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'suricata-7.0.11'
${ noResults }
Commit Graph

454 Commits (suricata-7.0.11)

Author SHA1 Message Date
Shivani Bhardwaj 98b12d1c30 release: 7.0.11; update changelog 3 weeks ago
Jason Ish f19e28f121 version: start development towards 7.0.11 4 months ago
Shivani Bhardwaj 9378707700 release: 7.0.10; update changelog 4 months ago
Shivani Bhardwaj 77652d0f7a version: start development towards 7.0.10 4 months ago
Shivani Bhardwaj 76729e4266 release: 7.0.9; update changelog 4 months ago
Shivani Bhardwaj 51bc167807 version: start development towards 7.0.9 8 months ago
Shivani Bhardwaj 97e69ffb1b release: 7.0.8; update changelog 8 months ago
Shivani Bhardwaj cd7d785267 version: start development towards 7.0.8 10 months ago
Shivani Bhardwaj 572a16fb5a release: 7.0.7; update changelog 10 months ago
Philippe Antoine ca8bf6e64c http: have a headers limit 
Ticket: 7191

So as to avoid quadratic complexity in libhtp.
Make the limit configurable from suricata.yaml,
and have an event when network traffic goes over the limit.

(cherry picked from commit bb714c9178)
 10 months ago
Jason Ish 926a7dae48 configure: require cbindgen version of 0.16.0 or newer 12 months ago
Shivani Bhardwaj 561d2d32c6 version: start development towards 7.0.7 1 year ago
Shivani Bhardwaj 9db8668166 release: 7.0.6; update changelog 1 year ago
Jason Ish 97409fe37b rust: rename .cargo/config to .cargo/config.toml 
Addresses this warning from the Rust compiler:

warning: `../rust/.cargo/config` is deprecated in favor of `config.toml`
note: if you need to support cargo 1.38 or earlier, you can symlink `config` to `config.toml`
(cherry picked from commit 8560564657)
 1 year ago
Sascha Steinbiss 93fd349b3f ja4: implement for TLS and QUIC 
Ticket: OISF#6379
(cherry picked from commit 120313f4da)
 1 year ago
Sascha Steinbiss f48b48da65 ja3: make feature compile time configurable 
(cherry picked from commit 9d0db71ebf)
 1 year ago
Victor Julien 7b3783da12 detect: optimize sig_cnt setting 
Utilize _popcnt64 where available.

(cherry picked from commit c4ac6cd)
 1 year ago
Shivani Bhardwaj 27fbb70a14 version: start development towards 7.0.6 1 year ago
Shivani Bhardwaj c4cf7b09f0 release: 7.0.5; update changelog 1 year ago
Jason Ish 41926c51cd configure: .git can be a file as well 
In worktree scenarios, .git is a file. Assuming its a directory causes
the release date to check the ChangeLog instead of the last commit,
while not a big issue, can be confusing.
 1 year ago
Jason Ish e0e6ad2cef configure: export release date for documentation 
Sphinx embeds a date in the generated man pages, and to provide
reproducible builds this date needs to be provided to Sphinx,
otherwise it will use the current date.

If building from Git, extract the date from the most recent commit. In
a release, this commit would be the commit that sets the version so is
accurate.

If .git does not exist, use the most recent data found in the
ChangeLog.

The ChangeLog is not used when building from git, as the main/master
branch may not have recent enough timestamps.

This should provide a consistent date when re-building the
distribution from the same non-git archive, or from the same git
commit.

Ticket: #6911
(cherry picked from commit b58dd5e585)
 1 year ago
Jason Ish e6dd68ffbb configure: don't check ./revision, it never exists 
Stop checking the ./revision file for the git revision info, its never
created.

(cherry picked from commit c00c2b116f)
 1 year ago
Shivani Bhardwaj acc898f3e0 version: start development towards 7.0.5 1 year ago
Shivani Bhardwaj d8bad3b1aa release: 7.0.4; update changelog 1 year ago
Shivani Bhardwaj 6b0ff3ef25 version: start development towards 7.0.4 1 year ago
Shivani Bhardwaj be68bbc4ab release: 7.0.3; update changelog 1 year ago
Philippe Antoine e7e28822f4 http1: configurable max number of live tx per flow 
Ticket: #5921

Co-authored-by: Jason Ish <jason.ish@oisf.net>
(cherry picked from commit 4175680a8a)
 1 year ago
Victor Julien 2fe2d82506 version: start development towards 7.0.3 2 years ago
Shivani Bhardwaj d07e20c0a3 release: 7.0.2; update changelog 2 years ago
Lukas Sismis 1bcea5a992 dpdk: add hugepage hint to lower the amount of reserved hugepages 
If a user allocates too many hugepages and those are largely not used
then Suricata suggests that the user can lower the amount of hugepages
and therefore save memory for other purposes.

Ticket: #5966
 2 years ago
Victor Julien 908f49eef1 version: start development towards 7.0.2 2 years ago
Juliana Fajardini 8553d567d2 release: 7.0.1; update changelog 2 years ago
Jason Ish ae3b1a9e36 configure: more idiomatic autoconf for sphinx-build checks 
- Use SPHINX_BUILD instead of HAVE_SPHINX_BUILD, as here we're
  actually using the path of the program.

- Wrap some elements in [] as is done in modern idiomatic autoconf
 2 years ago
Jason Ish 82758fb09f configure: check for new enough sphinx-build 
We need a recent version of Sphinx to build the documentation in
7.0. Check for a minimum version of 3.4.3. If older, do not build the
docs which is the same behavior when sphinx-build is not found.

Bug: #6297
 2 years ago
Ralph Eastwood 95ecbd1178 configure: move -lntapi to LIBS variable 
Previously -lntapi was appended to LDFLAGS which did not work with
all build environments.
 2 years ago
Victor Julien 5c10ea2dc8 version: start development towards 7.0.1 2 years ago
Shivani Bhardwaj 21ec99aa76 release: 7.0.0; update changelog 2 years ago
Jason Ish 401d895b1d configure: set minimum rust version to 1.63.0 
Ticket: #4163
 2 years ago
Victor Julien 639c5cc4df version: start development towards 7.0.0-rc3 2 years ago
Shivani Bhardwaj da99a69c5b release: 7.0.0-rc2; update changelog 2 years ago
Jason Ish f0885a2a2e install: create runtime data directory 
On installation, make sure the data directory is created. This will
usually be /var/lib/suricata/data, but otherwise follows the
autoconf/automake instructions.

This directory is for runtime state information, which for now is
datasets but may be expanded in the future.  Suricata already expects
this directory to exist for "state" and "save" datasets, but it has
been up to the user to create it.
 2 years ago
Jason Ish 03442a36ef windows: add -lntdll to Windows builds 
Rust 1.70 has introduced some possible issues between LLVM and gcc
causing link errors that are fixed by explicitly adding -lntdll.

Thanks to https://github.com/extendr/rextendr/pull/285 for the fix.
 2 years ago
Lukas Sismis fee79ff3c4 dpdk: add linker flag for DPDK Bond library 
Header checking (AC_CHECK_HEADER) did not work as
DPDK 19.11 included rte_eth_bond.h file even if net/bonding
driver was disabled. However, it was still not available in
ldconfig configuration. For this reason Bond PMD is checked with
ldconfig tool.
However when installing the DPDK library manually, the user needs to
update the entries in ldconfig to be able to find the Bond PMD.

Ticket: #6099
 2 years ago
Eric Leblond 020cfbcd61 profiling: introduce rules profiling 
Performance measurement of rules is important on live Suricata
as bad rules can cause severe performance regression. This patch
introduces the --enable-profiling-rules that activate profiling
for the rules. This reduces the performance impact of full
profiling  and provide visiblity on the rules performance at
the same time.
 2 years ago
Victor Julien 7dbf8a54f1 configure: spelling 2 years ago
Victor Julien a3c8105ac4 fuzz: spelling: AFLFUZZ_PERSISTENT_MODE 2 years ago
Jason Ish 6f14aed0e6 rust: bundle Cargo.lock 
Cargo.lock has to be provided as template, Cargo.lock.in so it can
live beside Cargo.lock in out of tree automake builds, like distcheck.

This will pin Rust dependencies even for git builds, updating
Cargo.lock will now be a manual process that we'll have to take care
of periodically.
 2 years ago
Jason Ish 744759b0c9 source-xf-xdp: update for deprecated function in libbpf 
libbpf 0.8 deprecates bpf_get_link_xpd_id, and 1.0 removes it. Add
./configure check to see if this method is available and use it if so,
otherwise use the deprecated method which is not available on older
but still supported Linux distributions.

Ticket: #5924
 2 years ago
Jason Ish c6c781ef67 config: put version in configuration as a proper value 
Adds a new field, "suricata-version" to the configuration file with
the major and minor version of the Suricata that generated the
configuration file.

This may be useful in the future for presenting warnings about
important changes, or even providing different defaults based on what
the user might expect.

Ticket: 5822
 2 years ago
Victor Julien 935dedf1e8 version: start development towards 7.0.0-rc2 3 years ago