suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: https://redmine.openinfosecfoundation.org/issues/3910
Previous PR: https://github.com/OISF/suricata/pull/11296
Changes since v14:
- remove THashData size check when checking for memcap for a value dequeued from the spare queue
- rebased...
Staging:
- #11388
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1947
Replaces #11358 and #11359:
- rebase
- address review comments
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1939
https://redmine.openinfosecfoundation.org/issues/6822
https://redmine.openinfosecfoundation.org/issues/426
https://redmine.openinfosecfoundation.org/issues/6967
https://redmine.openinfosecfoundation.org/issues/7120
Link to ticket: https://redmine.openinfosecfoundation.org/issues/7044
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1946
Previous PR: https://github.com/OISF/suricata/pull/11151
Changes since v1:
- changed the entire approach
TODO: Remove truncate glue code and parser specific calls
Link to [redmine](https://redmine.openinfosecfoundation.org/issues/2696) ticket: 2696
Describe changes:
- Use libhtp-rs. Rebased from #10996 with libhtp-rs living in the repo
cc @jasonish
First commit good in #11377
Draft to see CI...
Continuation of #11089 When configured, include the reference value in the alert. The configuration value is in the `alert` section: types.alert.reference. The default value is off/no. Set to yes to...
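The key path the description gives as `types.alert.reference` lives under the eve-log output. The fragment below is an added illustration of where that key sits in suricata.yaml; it is not text from the PR. The surrounding eve-log keys (`enabled`, `filetype`, `filename`) are standard eve-log settings, and `reference: yes` is assumed from the description's "default is off/no, set to yes" wording, since the description is truncated at that point:

```yaml
outputs:
  - eve-log:
      enabled: yes
      filetype: regular
      filename: eve.json
      types:
        - alert:
            # Added example, not from the PR. The description names the
            # setting as types.alert.reference with a default of off/no;
            # "yes" is assumed to be the value that turns it on.
            reference: yes
```

With the option left at its default the alert record is unchanged, so existing consumers of eve.json are unaffected; enabling it only adds data to alert events.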
Continuation of #11344
Convert the byte_extract option parser from C to Rust.
Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: [6873](https://redmine.openinfosecfoundation.org/issues/6873)
Describe changes:
- Refactor code in rust/src/detect to support re-usability
- Implement the...
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1945
https://redmine.openinfosecfoundation.org/issues/6674
Getting time through the Time Stamp Counter (TSC) can be precise and fast, however only for a short duration of time. The implementation across CPUs seems to vary. The original...
Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: https://redmine.openinfosecfoundation.org/issues/2224
Describe changes:
- detect: adds `absent` keyword to match on absent buffer
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1942
https://github.com/OISF/suricata/pull/11301 with use of `SIGMATCH_OPTIONAL_OPT`
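Two added example rules showing how a keyword that matches on an absent buffer would be used; these are not rules from the PR or its test suite. The syntax is assumed: `absent` is placed after a sticky buffer keyword (here `http.user_agent`), and the `absent: or_else` form, which lets the rule continue matching on the buffer content when it is present, is assumed from the mention of `SIGMATCH_OPTIONAL_OPT` (an optional option argument) and from the keyword's documented form in later Suricata releases. The sid values are arbitrary.

```suricata
# Added examples, not from the PR. Syntax of "absent" and "absent: or_else" is assumed.

# Fire on HTTP requests that carry no User-Agent header at all, which is a
# common trait of scripted clients and some malware beacons.
alert http any any -> any any (msg:"HTTP request without User-Agent"; flow:to_server; http.user_agent; absent; sid:1000001; rev:1;)

# Fire either when the User-Agent header is missing or when it is present and
# contains the given marker. Without "or_else" the content check would never
# be reached, because an absent buffer cannot match "content".
alert http any any -> any any (msg:"Missing or suspicious User-Agent"; flow:to_server; http.user_agent; absent: or_else; content:"python-requests"; sid:1000002; rev:1;)
```

The practical check is that a buffer-absent match is distinct from an empty buffer: a request with `User-Agent:` and no value has the buffer present (empty), so only the second rule's `content` branch, not `absent`, decides the outcome for it.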