[Oisf-devel] [COMMIT] OISF branch, master, updated. 291ddd95f259124759aba3cc5420413d5b5f8941
noreply at openinfosecfoundation.org
noreply at openinfosecfoundation.org
Mon Dec 12 14:34:54 UTC 2011
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 291ddd95f259124759aba3cc5420413d5b5f8941 (commit)
via 7db72bce75120c8751ed21d6a8aefcc7d5a020fd (commit)
via 89f83e714c61049b767fdd4755e02e10bd4c7ad2 (commit)
from 6e7a8f38bf837803a85b4aa50c7ca22f23a4c8b1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 291ddd95f259124759aba3cc5420413d5b5f8941
Author: Victor Julien <victor at inliniac.net>
Date: Mon Dec 12 15:22:06 2011 +0100
Detection engine -- mpm
Each signature is in one mpm ctx at max, but there were 3 separate
id's in use: packet, stream, http. Merged them all into one.
Could shrink the SignatureHeader structure with 8 bytes because of this,
should lead to better caching performance.
commit 7db72bce75120c8751ed21d6a8aefcc7d5a020fd
Author: Victor Julien <victor at inliniac.net>
Date: Mon Dec 12 13:48:21 2011 +0100
Optimize detection engine prefiltering logic.
commit 89f83e714c61049b767fdd4755e02e10bd4c7ad2
Author: Victor Julien <victor at inliniac.net>
Date: Mon Dec 12 12:23:42 2011 +0100
Introduce http_server_body keyword.
The http_server_body content modifier modifies the previous content to inspect
the normalized (dechunked, unzipped) http_server_body. The workings are similar
to http_client_body. Additionally, a new pcre flag was introduced "/S".
To facilitate this change the signature flags field was changed to be 64 bit.
-----------------------------------------------------------------------
Summary of changes:
src/Makefile.am | 2 +
src/detect-content.h | 21 +-
src/detect-depth.c | 73 +-
src/detect-distance.c | 130 +-
src/detect-engine-hsbd.c | 2363 ++++++++++++++++++++
src/{detect-engine-hcbd.h => detect-engine-hsbd.h} | 16 +-
src/detect-engine-mpm.c | 150 ++-
src/detect-engine-mpm.h | 1 +
src/detect-engine-state.c | 49 +-
src/detect-engine-state.h | 20 +-
src/detect-fast-pattern.c | 25 +-
src/detect-http-client-body.c | 6 +-
...ttp-client-body.c => detect-http-server-body.c} | 1278 ++++++-----
...ttp-client-body.h => detect-http-server-body.h} | 8 +-
src/detect-isdataat.c | 71 +-
src/detect-nocase.c | 95 +-
src/detect-offset.c | 67 +-
src/detect-parse.c | 6 +
src/detect-pcre.c | 55 +-
src/detect-pcre.h | 31 +-
src/detect-within.c | 132 +-
src/detect.c | 162 +-
src/detect.h | 144 +-
src/suricata-common.h | 1 +
src/suricata.c | 2 +
src/util-profiling.c | 1 +
26 files changed, 3860 insertions(+), 1049 deletions(-)
create mode 100644 src/detect-engine-hsbd.c
copy src/{detect-engine-hcbd.h => detect-engine-hsbd.h} (71%)
copy src/{detect-http-client-body.c => detect-http-server-body.c} (63%)
copy src/{detect-http-client-body.h => detect-http-server-body.h} (83%)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list