[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta1-402-g3f8947f
noreply at openinfosecfoundation.org
noreply at openinfosecfoundation.org
Mon Dec 2 15:06:07 UTC 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 3f8947ff3d786364c5af593dac4ef37874a22726 (commit)
via 7074ca373bb14acdecf2b7798650786c5f49e006 (commit)
via abccbe13f352c244f0af3aebef0241fa3242c9d4 (commit)
via daedb6c55751547a5af4660a3555a229f6b3de30 (commit)
via 0460b194b1175c0bf65a392934b49ac73e838622 (commit)
via 1bdc39fe9b632bb6b86ea1d83b3dabe4e66d68d2 (commit)
via 8b5be26f496b79f2f6c5523f4bff3536d7183daa (commit)
via b2c58b8d149eb4bcca56762076d0fc8c0e2e679a (commit)
via 3088b6ac346400da62c101f1b5ba22b13a4973b4 (commit)
from 92568c3857276f03697ef27083768b265c49cbf3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3f8947ff3d786364c5af593dac4ef37874a22726
Author: Victor Julien <victor at inliniac.net>
Date: Mon Dec 2 15:04:08 2013 +0100
app layer: set event if proto detect disabled for a stream, but we see data anyway.
commit 7074ca373bb14acdecf2b7798650786c5f49e006
Author: Victor Julien <victor at inliniac.net>
Date: Tue Nov 5 14:41:45 2013 +0100
proto detection: add limit for one sided sessions
If a session only has data in one direction, like ftp data sessions,
protocol detection will only run in one direction. This led to a
situation where reassembly would hold all the segments as proto
detection was never flagged as complete.
This patch introduces a limit for protocol detection in this case.
If the limit is reached, detection will give up.
commit abccbe13f352c244f0af3aebef0241fa3242c9d4
Author: Victor Julien <victor at inliniac.net>
Date: Tue Nov 5 14:41:31 2013 +0100
stream: add size debug code
commit daedb6c55751547a5af4660a3555a229f6b3de30
Author: Victor Julien <victor at inliniac.net>
Date: Tue Sep 24 19:36:51 2013 +0200
stream: wait for protocol detection to complete
Wait for protocol detection to complete before removing segments
from the list.
commit 0460b194b1175c0bf65a392934b49ac73e838622
Author: Eric Leblond <eric at regit.org>
Date: Mon Dec 2 11:08:01 2013 +0100
decode: clean DecodeThreadVars counter
Speed counters are not compute anymore and can be removed from the
structure definition.
commit 1bdc39fe9b632bb6b86ea1d83b3dabe4e66d68d2
Author: Eric Leblond <eric at regit.org>
Date: Wed Nov 27 13:22:42 2013 +0100
cmdline: add -k to specify checksum validation
This patch adds a '-k' option to suricata to be able to specify
the checksum validation to use. If '-k all' is used, checksum
validation is forced. If '-k none' is used, no checksum validation
is made.
Message output in case of detection of a pcap file with a probable
cheksum issue has been updated to indicate that '-k' is a solution.
commit 8b5be26f496b79f2f6c5523f4bff3536d7183daa
Author: Eric Leblond <eric at regit.org>
Date: Thu Jun 20 09:29:10 2013 +0200
pcap-file: add checksum-checks configuration variable
This patch adds support for checksum-checks in the pcap-file running
mode. This is the same functionnality as the one already existing for
live interface.
It can be setup in the YAML:
pcap-file:
checksum-checks: auto
A message is displayed for small pcap to warn that invalid checksum
rate is big on the pcap file and that checksum-check could
be set to no.
commit b2c58b8d149eb4bcca56762076d0fc8c0e2e679a
Author: Eric Leblond <eric at regit.org>
Date: Tue Feb 19 14:53:52 2013 +0100
Set packet invalid flag during decoding.
This patch set a new value in pkt->flag to signal that a packet is
invalid during decoding. The patch has been obtained via a coccinelle
transformation.
commit 3088b6ac346400da62c101f1b5ba22b13a4973b4
Author: Eric Leblond <eric at regit.org>
Date: Tue Feb 19 14:45:05 2013 +0100
Add invalid pkt counter.
This patch adds and increments a invalid packet counter. It
does this by introducing PacketDecodeFinalize function
This function is incrementing the invalid counter and is also
signalling the packet to CUDA.
-----------------------------------------------------------------------
Summary of changes:
src/app-layer-detect-proto.c | 25 +++++++++++++
src/app-layer-detect-proto.h | 6 ++-
src/app-layer.c | 52 ++++++++++++++++++++++++++++
src/decode-ethernet.c | 2 +-
src/decode-events.c | 2 +
src/decode-events.h | 1 +
src/decode-gre.c | 32 +++++++++--------
src/decode-icmpv4.c | 6 ++--
src/decode-icmpv6.c | 6 ++--
src/decode-ipv4.c | 54 +++++++++++++++---------------
src/decode-ipv6.c | 8 ++--
src/decode-ppp.c | 10 +++---
src/decode-pppoe.c | 16 ++++----
src/decode-raw.c | 2 +-
src/decode-sctp.c | 2 +-
src/decode-sll.c | 2 +-
src/decode-tcp.c | 8 ++--
src/decode-udp.c | 6 ++--
src/decode-vlan.c | 4 +-
src/decode.c | 36 ++++++++++++-------
src/decode.h | 13 +++++--
src/source-af-packet.c | 5 +--
src/source-erf-dag.c | 2 +
src/source-erf-file.c | 2 +
src/source-ipfw.c | 2 +
src/source-mpipe.c | 4 ++-
src/source-napatech.c | 3 ++
src/source-nfq.c | 2 +
src/source-pcap-file.c | 57 +++++++++++++++++++++++++++++--
src/source-pcap-file.h | 2 +
src/source-pcap.c | 5 +--
src/source-pfring.c | 5 +--
src/stream-tcp-private.h | 2 +
src/stream-tcp-reassemble.c | 77 +++++++++++++++++++++++++++++++++--------
src/stream-tcp.c | 17 +++++++++
src/stream-tcp.h | 1 +
src/suricata.c | 28 +++++++++++++++-
src/suricata.h | 1 +
src/tmqh-packetpool.c | 1 +
suricata.yaml.in | 9 +++++
40 files changed, 389 insertions(+), 129 deletions(-)
hooks/post-receive
--
OISF
More information about the Oisf-devel
mailing list