Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View

Tags: default personal
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

default personal
Jason Ish
detect-engine: check for tx detect flag support
When registing a detection engine, check that the app-layer
protocol supports tx detect flags. Exit with a fatal
error if it does not as this is a code implementation
error that should be resolved during development.
  • profiling: 'make distcheck' failed -  stdio
Jason Ish
krb5: register tx detect flags
Related ticker #3345:
Victor Julien
files: simplify pruning logic
Since ebcc4db84ac2c1957a6cc23b5154d7d6333f4cb8 the flow worker runs
file pruning after parsing, detection and loging. This means we can
simplify the pruning logic. If a file is in state >= CLOSED, we can
prune it. Detection and outputs will have had a final chance to
process it.

Remove the calls to the pruning code from Rust. They are no longer
Eric Leblond
qa/coccinelle: port struct-flags.py to Python3
Jeff Lucovsky
detect: Improve handling of variable values
When one of offset/depth/distance is from a variable, adjust the depth
by the offset as is done with scalar values at parse time.
Jason Ish
snmp: add tx detect flags
Jeff Lucovsky
detect/mpm: Improved handling of variable values
This commit removes the offset and depth if either of these values are
dependent upon a byte-extract operation.
Jason Ish
rust: add tx detect flags function to registration struct
Victor Julien
http/multipart: use proper progress value to test eof
Jason Ish
dcerpc: add tx detect flags
Jeff Lucovsky
detect/analyzer: Suppress direction warnings
This commit suppresses direction warnings by the rules analyzer for ICMP
and ICMPV6 since it's not actionable.
Victor Julien
detect/file.data: fix buffer reusing id 0
Philippe Antoine
transform: fixes comment about compress_whitespace
Victor Julien
detect/replace: fix debug print issue
Don't print field that will likely not be 0 terminated.
Eric Leblond
qa: generate struct-flags.cocci at each run
Jason Ish
app-layer: validate TX detect flag callbacks
Check that both are set or unset.
Victor Julien
files: remove FILE_USE_TRACKID flag
Once it was optional but as it no longer is it is no longer useful.

Remove it.
Eric Leblond
qa/coccinelle: reformat struct-flags.py
Jason Ish
ftpdata: add tx detect flags
  • profiling: 'make distcheck' failed -  stdio
Jeff Lucovsky
detect: Fix spelling errors
jason taylor
docs: update datasets examples
Signed-off-by: jason taylor <jtfas90@gmail.com>
Victor Julien
http: split request/response tx id handling
When HTTP pipelining was in use, the transaction id used for events
and files could be off. If the request side was several requests ahead
of the responses, it would use the HtpState::transaction_cnt for events
and files, even though that is only incremented on complete requests.

Split request and response tx id tracking. The response is still handled
by the HtpState::transaction_cnt, but the request side is now handled by
its own logic.
Philippe Antoine
transform: updates doc about compress_whitespace
And removes duplicate test from strip_whitespace
Jeff Lucovsky
detect/analyzer: Improved fast pattern display
When transforms are part of a rule, improve information displayed with
fast patterns to include the original buffer name and whether any
transform(s) are applied.
Jason Ish
rust: define TxDetectFlag struct and binding macros
Define a TxDetectFlag type and macros to generating C
bindings for getting and settings the tx detect
Victor Julien
stats: fix stats not always syncing in flow timeout
Eric Leblond
qa/coccinelle: flag check for setter and getter
WHen adding something like
/* coccinelle: AppLayerParserStateIssetFlag():4,2:APP_LAYER_PARSER_ */
the coccinelle check will consider that AppLayerParserStateIssetFlag
is taking 4 parameters and that the second one is a flag that needs
to be checked against APP_LAYER_PARSER_.
Philippe Antoine
fastlog: move code to reduce variable scope
Jason Ish
app-layer: method to see if parser supports tx detect flags
Add method to check if a parser for an app-layer protocol
supports tx detect flags.

This is a bit of a hack for now as where we need to run
this check from we do not have the IP protocol.
  • gt4-pcap-tests: 'make install' failed -  stdio
  • profiling: 'make distcheck' failed -  stdio
Jason Ish
enip: add tx detect flags
Jason Ish
debug: add SCReturnBool function exit macro
  • profiling: 'make distcheck' failed -  stdio
doc: fix typo on example
Quotes have been forgotten in the dnp3.data example, which throws an
SC_ERR_INVALID_SIGNATURE(39) if used like in the example.
Eric Leblond
qa/coccinelle: fix false positive in setter getter
Coccinelle test was doing a false positive on the function
AppLayerParserStateSetFlag and AppLayerParserStateIssetFlag.
To address that, this patch adds a new coccinelle markup:

/* coccinelle: AppLayerParserStateSetFlag():2,2:APP_LAYER_PARSER_ */

It indicates that AppLayerParserStateSetFlag is a setter and getter
and that the checks should be disabled inside the function.

Currently this markup is only used for that but following patch will
add some checks on option value.
Jason Ish
github-actions: builds for our tier one linux distributions
Example of using GitHub actions to perform builds across
CentOS, Ubuntu, Debian and the latest Fedora.
Victor Julien
qa/banned-functions: remove strndup now we have a fall back
Jason Ish
modbus: add tx detect flags
Jeff Lucovsky
mpm: Fix typos and spelling errors
Jason Ish
app-layer: add tx detect functions to register struct
Eric Leblond
qa/coccinelle: fix make distcheck
We need to use top_srcdir to know where the sources are. Relative
directory is not enough.
Philippe Antoine
fastlog: use icmp type and code instead of port
Fixes #3266