aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
15,483 Commits
7 Branches
161 Tags
172 MiB
master
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'suricata-7.0.8'
${ noResults }
Commit Graph

15483 Commits (suricata-7.0.8)
 

Author SHA1 Message Date
Eric Leblond 72ec56ab23 source-nfq: autodetection of queue max length function 
Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 3825ca2ed8 config.h.in is an autogenerated file 
It thus should not be put into the repository.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 8330747234 Add multi queue support to NFQ run mode 
This patch adds support for multiple Netfilter queue
in the NFQ run mode. Suricata can now be started on
multiple queue by using a comma separated list of
queue identifier on the command line. The following syntax:
	suricata -q 0 -q 1 -c /opt/suricata/etc/suricata.yaml
will start a suricata listening to Netfilter queue 0 and 1.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 1375e90030 Prepare multi queue support in NFQ 
This patch prepare support for multiqueue in the
source file. The NFQ vars contained in Packet structure
has a new member. It is a reference to the NFQ thread var
it comes from. The behaviour is modified as a single verdict
thread treat packet for all Netfilter queues.

Locking is done in the verdict function to ensure that
simultaneous modifications of counters can not occur.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond d0faa6c96e Fix some spacing. 
This trivial patch fixes some indentation problems.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 88fb3a641e Delete some commented code in runmodes 
This patch simply suppress some commented code in runmodes.c.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond f9e453e14c affinity: Use configured 'threads' value if set 
This patch modifies runmodes to make them use the new 'threads'
variable.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond fb3641982f affinity: 'threads' param to configure threads number 
This patch adds a new parameter the affinity. The 'threads' keyword
is used to set the number of threads to start for a family. It can
only be used on family where multiple thread are laucnh in the running
mode. This is mainly the case of the detect threads.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 789d46cc3c Add per-cpu prio handling 
This patch updates affinity setting to add a support for per cpu
priority setting. In exclusive mode a thread is dedicated to a CPU.
This patch adds the ability to set the thread prio for all threads
of a family running on a given CPU.

With this patch we can write
    - detect_cpu_set:
        cpu: [ "all" ]
        mode: "exclusive" # run detect threads in these cpus
        low_prio: [ 0 ]
        medium_prio: [ "1-2" ]
        high_prio: [ 3 ]
With this configuration, detect threads assigned to cpu 0 will
have a low priority. Detect threads on cpus 1 and 2 will have
prio medium...

The previous configuration is equivalent to:
    - detect_cpu_set:
        cpu: [ "all" ]
        mode: "exclusive" # run detect threads in these cpus
        low_prio: [ 0 ]
        high_prio: [ 3 ]
        prio: "medium"
because the prio value is used a default.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond a11e40dedf Pcapfile mode: support for cpu affinity settings 
This patch adds support for cpu affinity setting in the pcapfile
runmode.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 9d5f08e0d9 Pcap mode: use CPU affinity setting 
This patch adds support for CPU affinity settings
in pcap mode.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 51df6beb26 Convert RunModeIpsNFQAuto to new affinity mode. 
The default NFQ run mode is now using the new affinity system. It
thus can be configured via suricata.yaml.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond ea566d6601 Handle management thread with corresponding affinity 
This patch implement the setting of each management threads in
the corresponding thread affinity. This is done by modifiying
thread creation function.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 0809deafc4 Implement function needed for affinity in tm-threads 
This patch features the implementation of affinity related
changes in tm-threads. In place code has been used but some
refactoring has been done to avoid code duplication.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 77f2b6a7a9 Make runmode parse affinity settings. 
This patch modifies runmode to parse configuration file related
to affinity settings. It also prepare the export of the
set_cpu_affinity which was previously local. It is now used
in the affinity and tm-threads files.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 2011366429 Include affinity in runmodes and threadvars. 
This small patch add inclusion of util-affinity.h in the
files that will have to use affinity related features.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 37ee483b75 Add affinity util function and related files 
This patch adds two new files which implement advanced affinity
settings.

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 559b5db7df yaml: add config for cpu_affinity 
This patch introduces the configuration part of cpu_affinity
evolution. The idea is to have thread families (receive, stream, ...)
and to be able to specify for each of them:
 - The cpus to use
 - The mode of balancing between the cpus
 - The thread priority to use (value of nice)

Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Eric Leblond 96e3852191 source-nfq: add define of SOL_NETLINK 
Signed-off-by: Eric Leblond <eric@regit.org>
 15 years ago
Martin Beyer 396b750414 Fixed optional args in SCCudaModuleGetGlobal 15 years ago
Martin Beyer 5dc5d73a66 fixed NULL checks in util-cuda 15 years ago
Martin Beyer 0d4ac48aa0 added texture reference api to util-cuda 15 years ago
Victor Julien d10cf5b4e3 Increase stream msg size. 15 years ago
Victor Julien ec5b622553 Inspect all stream msgs at any time when running in stream-inline mode. Skip detection for packets flagged for dropping before detect. 15 years ago
Victor Julien 48c7f18453 Fix bug in the segment insert code causing an inconsistent segment list in some overlap conditions. 15 years ago
Victor Julien 929ce0bb9b Add a counter to NFQ for modified packets. 15 years ago
Victor Julien 05539d7357 Fix a reassembly overlap issue. Fix a inline reassembly gap handling issue. 15 years ago
Victor Julien 00e4dde6a6 Fix PKT_STREAM_EOF never being set, resulting in some raw stream chunks never being inspected. Improve debug output. 15 years ago
Victor Julien e92ab40d39 Fix compilation for non-DEBUG case. 15 years ago
Victor Julien 1dca88fe69 Do the actual checksum recalculation and packet replacement on modifing a packet in the stream engine. 15 years ago
Victor Julien 2db06cc79e Improve Inline reassembly wrt to GAP handling. Add more tests. 15 years ago
Victor Julien 29e02abc94 Expand and fix stream unittest helpers. 15 years ago
Victor Julien 121e9c72aa Add more debug printing of reassembled data into the app layer api. 15 years ago
Victor Julien 4c82c0e750 Improve RawInline reassembly: remove unnecessary segments from the stream in an earlier stage. Test this properly. 15 years ago
Victor Julien d00c6172c9 Update stream section of example configuration. 15 years ago
Victor Julien 668bd46c1c Add flow prune debug counters (disabled by default). 15 years ago
Victor Julien 4bf4382354 Make sure tunnel packets (and pseudo packets) properly decrement the flow use counter in all cases. 15 years ago
Victor Julien 37587c0b7d Add missing stream inline files. 15 years ago
Victor Julien 3a774165fa Initial version of a inline raw reassembly function that reassembles in a sliding window. Introduce new unittest helpers for stream reassembly. 15 years ago
Victor Julien abdffadc1c Add a new app layer reassembly function that is for inline use, and use it when the stream engine is in inline mode. 15 years ago
Victor Julien 8cacd5fe50 Fix the stream.inline config option. Set PKT_STREAM_EST flag also for packets that are part of a session in a state beyond TCP_ESTABLISHED. 15 years ago
Victor Julien a8bb98836b Don't handle and validate the TCP timestamp at the same time. Instead validate first, then later when all other validation has been done as well, handle. 15 years ago
Victor Julien 8d3f9c53a9 Minor cleanups. 15 years ago
Victor Julien bff70eed6d Update to depth code. Get segment from the correct pool when a payload is truncated. 15 years ago
Victor Julien 66c40f782c Have reassembly errors also set a stream event. 15 years ago
Victor Julien 0f072648e6 Another iteration of the reassembly depth enforcement, now considering retransmissions. 15 years ago
Victor Julien 935958219d Rename RST validation function to match convention 15 years ago
Victor Julien 94fe0d5fa2 Add ACK validation to Reset/RST validation code. 15 years ago
Victor Julien 16cd31a408 Remove unused pseudo packet reassembly code. 15 years ago
Victor Julien bf88a6de09 Add depth comment. 15 years ago