[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta3-123-g0704ece
OISF Git
noreply at openinfosecfoundation.org
Fri Mar 20 09:14:00 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
- Log -----------------------------------------------------------------
commit 0704ece4d7414dc5ba9427e9a0446dee9f34e13e
Author: Victor Julien <victor at inliniac.net>
Date: Thu Mar 19 17:20:27 2015 +0100
detect-reload: enable unconditionally
Reloading is available unconditionally now.
commit 724c7044e19e0e1624982720653eaf6b8c95606f
Author: Victor Julien <victor at inliniac.net>
Date: Mon Mar 16 10:53:56 2015 +0100
detect-reload: 0 detect threads is no error
The reload code would consider 0 detect threads to be an error,
but it's not in case of unix socket mode.
commit 7c9e015748db1c5c61505cbd2894507daa9a32c6
Author: Victor Julien <victor at inliniac.net>
Date: Thu Mar 5 16:25:09 2015 +0100
unix-socket: implement reload-rules
Implement the reload-rules unix socket command. The unix command
thread signals the main thread to do the reload and it waits for
it to complete.
commit 71d01f06b920a632ca68a7111b550f95eab6b158
Author: Victor Julien <victor at inliniac.net>
Date: Thu Mar 5 13:04:33 2015 +0100
detect reload: load config
Load the YAML into a prefix "detect-engine-reloads.N" where N is the
reload counter. This way we can load the updated config w/o overwriting
the current one.
commit b51075e804189a50191581611fa5e21e57ae602f
Author: Victor Julien <victor at inliniac.net>
Date: Thu Mar 5 13:00:33 2015 +0100
detect: remove config at prefix
Remove config at prefix when freeing a detect engine.
commit 85e12f2bc6b75de14a9f324a879dff547118dcd6
Author: Victor Julien <victor at inliniac.net>
Date: Mon Mar 2 08:59:44 2015 +0100
rule vars: support prefix
Support the detection engine's prefix when retrieving rule vars.
commit 0bc27c7dc7f5e4c0e30c1a703f1b1545c91ef3b8
Author: Victor Julien <victor at inliniac.net>
Date: Sun Mar 1 20:30:01 2015 +0100
rule-vars: take detect engine as arg
commit 3083f51cc6bfe3708f9cfb1050ef8c66dda09769
Author: Victor Julien <victor at inliniac.net>
Date: Sun Mar 1 12:34:11 2015 +0100
detect:pass DetectEngineCtx to port parsing
Preparation for prefix handling in port parsing.
commit 2be9ccfe9c92d7e21ff09b2103a51248bb1f6ecd
Author: Victor Julien <victor at inliniac.net>
Date: Sun Mar 1 11:02:33 2015 +0100
detect: pass DetectEngineCtx to address parsing
Preparation for prefix handling in address parsing.
commit 7108085d33b2848f0eccd8c82244f671ed10e793
Author: Victor Julien <victor at inliniac.net>
Date: Fri Jan 16 17:46:16 2015 +0100
detect: initialize detection engine by prefix
Initialize detection engine by configuration prefix.
DetectEngineCtxInitWithPrefix(const char *prefix)
Takes the detection engine configuration from:
<prefix>.<config>
If prefix is NULL the regular config will be used.
Update sure that DetectLoadCompleteSigPath considers the prefix when
retrieving the configuration.
commit 97d77e3540972e60a3557382cefeb58a8b730191
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 13 11:59:21 2015 +0100
conf: add ConfYamlLoadFileWithPrefix
Add function to load a yaml file and insert it into the conf tree at
a specific prefix.
Example YAML:
somefile: myfile.txt
If loaded using ConfYamlLoadFileWithPrefix with prefix "myprefix", it
can be retrieved by the name of "myprefix.somefile".
commit a80cc696d73a9ec71556c2e49f1e7789b57dcdfc
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 29 11:16:49 2015 +0100
detect: allow det_ctx->de_ctx to be NULL
When freeing det_ctx, allow de_ctx to be NULL.
commit c9a8262ccf877f45a903d2e113a492ce5988dc8f
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 27 12:33:21 2015 +0100
detect: reload thread init cleanup
Rename the thread init function DetectEngineThreadCtxInitForLiveRuleSwap
to DetectEngineThreadCtxInitForReload and change its logic to take the
new detection engine as argument and let it return the
DetectEngineThreadCtx or NULL on error.
The old approach used the thread init API format, but it wasn't used in
that way.
commit 55e7370fc514258b83a26645633c8ee3c386617c
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 27 11:30:08 2015 +0100
detect reload: allow master update during reload
Add DetectEngineReference, which takes a reference to a detect engine,
and make DetectEngineThreadCtxInitForLiveRuleSwap use it. This way
reload will not depend on master staying the same. This allows master
to be updated in between w/o affecting the reload that is in progress.
commit b1c54a8673fcc293090ff61eca791a6b45e3d228
Author: Victor Julien <victor at inliniac.net>
Date: Sat Jan 17 10:53:54 2015 +0100
detect: remove old live reload implementation
Remove code that ran the reload in its own thread. Simplify the
signal handling.
commit 0c263105cd1e8799150df6fbfc4de34b520d9f52
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 19 22:09:59 2015 +0100
detect: move reload into main loop
Use new DetectEngineReload() function. It's called from the main loop
instead of it being spawned into its own temporary thread. This greatly
simplifies the signal handling.
An added advantage is that this seems to improve the memory usage.
Related to bug #1358
commit e7882da178fcb8d8faf02557602e2d25139f800a
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 19 14:54:11 2015 +0100
detect: introduce 'minimal' detect engine
The minimal detect engine has only the minimal memory use and setup
time. It's to be used for 'delayed' detect where the first detection
engine is essentially empty.
The threads setup are also minimal.
commit f4617d53574637482319d54b81d8de4a50d442a7
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 19 12:11:22 2015 +0100
threading: remove 'dummy' slot logic
Now that delayed detect is not using it anymore, the dummy logic
can be removed.
commit b0cb4c17ec3e31f53051b5bf6223aaaf45529c4d
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 19 12:08:55 2015 +0100
detect: unify delayed detect and reload
Instead of threading logic with dummy slots and all, use the regular
reload logic for delayed detect.
This means we pass an empty detect engine to the threads and then
reload (live swap) it as soon as the engine is running.
commit 38b349af1e8c3e1b85dcb5ba2708ceb7f164f402
Author: Victor Julien <victor at inliniac.net>
Date: Mon Jan 19 10:27:34 2015 +0100
runmodes: remove DetectEngineCtx passing from API
No longer pass a pointer to the current detection engine to the
runmode API calls.
Note: breaks delayed detect. Will be fixed in a future commit.
commit b038b6a2f87549474503ff80c2e5586ccd02c92d
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 20 11:25:02 2015 +0100
unittests: add exception to detect engine setup
Add code to allow for unittests not following the complete api.
Update replace tests as they don't use the unittests runmode that
powers the workaround based on RunmodeIsUnittests().
commit d66fa1add1137791e0d323b55649f2f13aeb52ac
Author: Victor Julien <victor at inliniac.net>
Date: Sat Jan 17 18:44:23 2015 +0100
detect: update detect engine management
Update detect engine management to make it easier to reload the detect
engine.
Core of the new approach is a 'master' ctx, that keeps a list of one or
more detect engines. The detect engines will not be passed to any thread
directly, but instead will only be accessed through the detect engine
thread contexts. As we can replace those atomically, replacing a detect
engine becomes easier.
Each thread keeps a reference to its detect context. When a detect engine
is replaced or removed, it's added to a free list. Once its reference
count reaches 0, it is freed.
commit 664100c0742bd3e9a43b8e2975789111ebf04e25
Author: Victor Julien <victor at inliniac.net>
Date: Fri Jan 16 19:25:24 2015 +0100
suricatasc: allow for much longer response times
commit 092ddc1853d4f11baf7d6b64c61e0e3b29044e07
Author: Victor Julien <victor at inliniac.net>
Date: Tue Jan 27 16:34:16 2015 +0100
detect: no exit on reference/classification errors
Don't exit on errors during classification and reference parsing.
Add some suppression of error messages when in unittest mode.
commit 49bad2cfba46f8a52d69632f559d6a36e1cca4e2
Author: Victor Julien <victor at inliniac.net>
Date: Fri Jan 16 19:28:44 2015 +0100
detect: consolidate more setup into DetectEngineCtxInit
Loading of classifications, references and action order was done
unconditionally, so can be done in one place.
commit 69f99245c554f2d4ad028026abf8725967896ad4
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 29 11:45:44 2015 +0100
unix-command: fix duplicate registration error msg
-----------------------------------------------------------------------
Summary of changes:
scripts/suricatasc/src/suricatasc.py | 8 +-
src/app-layer-detect-proto.c | 2 +-
src/conf-yaml-loader.c | 65 ++++
src/conf-yaml-loader.h | 2 +
src/detect-engine-address.c | 190 +++++-----
src/detect-engine-address.h | 2 +-
src/detect-engine-iponly.c | 33 +-
src/detect-engine-iponly.h | 2 +-
src/detect-engine-mpm.c | 3 +-
src/detect-engine-port.c | 90 ++---
src/detect-engine-port.h | 2 +-
src/detect-engine.c | 664 +++++++++++++++++++++++-----------
src/detect-engine.h | 19 +-
src/detect-filemd5.c | 6 +-
src/detect-lua.c | 6 +-
src/detect-parse.c | 36 +-
src/detect-replace.c | 15 +-
src/detect.c | 25 +-
src/detect.h | 30 +-
src/runmode-af-packet.c | 23 +-
src/runmode-af-packet.h | 7 +-
src/runmode-erf-dag.c | 22 +-
src/runmode-erf-dag.h | 6 +-
src/runmode-erf-file.c | 19 +-
src/runmode-erf-file.h | 4 +-
src/runmode-ipfw.c | 17 +-
src/runmode-ipfw.h | 5 +-
src/runmode-napatech.c | 20 +-
src/runmode-napatech.h | 5 +-
src/runmode-netmap.c | 12 +-
src/runmode-netmap.h | 6 +-
src/runmode-nflog.c | 15 +-
src/runmode-nflog.h | 6 +-
src/runmode-nfq.c | 17 +-
src/runmode-nfq.h | 5 +-
src/runmode-pcap-file.c | 22 +-
src/runmode-pcap-file.h | 5 +-
src/runmode-pcap.c | 26 +-
src/runmode-pcap.h | 5 +-
src/runmode-pfring.c | 22 +-
src/runmode-pfring.h | 7 +-
src/runmode-tile.c | 13 +-
src/runmode-tile.h | 2 +-
src/runmode-unix-socket.c | 18 +-
src/runmode-unix-socket.h | 2 +-
src/runmodes.c | 10 +-
src/runmodes.h | 4 +-
src/suricata.c | 182 +++-------
src/suricata.h | 1 -
src/tm-threads.c | 94 -----
src/tm-threads.h | 3 -
src/unix-manager.c | 21 +-
src/unix-manager.h | 2 +-
src/util-classification-config.c | 24 +-
src/util-reference-config.c | 16 +-
src/util-rule-vars.c | 152 ++++++--
src/util-rule-vars.h | 2 +-
src/util-runmodes.c | 51 +--
src/util-runmodes.h | 24 +-
suricata.yaml.in | 3 -
60 files changed, 1138 insertions(+), 962 deletions(-)
hooks/post-receive
--
OISF
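
The engine lifetime rule described in commit d66fa1add1137791e0d323b55649f2f13aeb52ac (a master context, per-thread references, and a free list drained when the reference count reaches 0), as an added example that is not code from Suricata or from this commit series. All type and function names are hypothetical, the model is single-threaded with locking and atomics omitted, and a `released` flag stands in for the point where real code would call free().

```c
#include <stddef.h>
/* Hypothetical types for illustration; not Suricata's DetectEngineCtx API. */
typedef struct Engine {
    int refcnt;             /* references held by master and thread contexts */
    int released;           /* set where production code would free() */
    struct Engine *next;    /* link on the master's free list */
} Engine;

typedef struct Master {
    Engine *active;         /* engine handed to new thread contexts */
    Engine *free_list;      /* replaced engines that may still be in use */
} Master;

/* Release every replaced engine whose last reference is gone. */
static void master_prune(Master *m) {
    for (Engine **pp = &m->free_list; *pp != NULL; ) {
        Engine *e = *pp;
        if (e->refcnt == 0) { *pp = e->next; e->released = 1; }
        else pp = &e->next;
    }
}

static Engine *engine_ref(Master *m) { m->active->refcnt++; return m->active; }
static void engine_unref(Master *m, Engine *e) { e->refcnt--; master_prune(m); }

/* Reload: make n active; the old engine is queued, not released. */
static void master_install(Master *m, Engine *n) {
    Engine *old = m->active;
    n->refcnt = 1;                  /* the master's own reference */
    m->active = n;
    if (old != NULL) {
        old->next = m->free_list;
        m->free_list = old;
        engine_unref(m, old);       /* drop the master's reference */
    }
}

/* Constructed scenario: 2 threads hold v1, reload to v2, `switched` swap. */
static int old_released_after(int switched) {
    Engine v1 = {0}, v2 = {0};
    Master m = {0};
    master_install(&m, &v1);
    Engine *t[2] = { engine_ref(&m), engine_ref(&m) };
    master_install(&m, &v2);
    for (int i = 0; i < switched && i < 2; i++) {
        engine_unref(&m, t[i]);     /* thread lets go of the old engine */
        t[i] = engine_ref(&m);      /* and picks up the active one */
    }
    return v1.released;             /* 1 only after every holder moved on */
}
```

The old engine is released only after the last thread has swapped its context, so a packet thread still matching against the previous ruleset never touches released memory.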