git -c advice.detachedHead=false checkout FETCH_HEAD
- run: ./autogen.sh
- - run: ./configure
+ - run: ./configure --enable-warnings
- run: make -j ${{ env.CPUS }}
- run: python3 ./suricata-verify/run.py -q --debug-failed
- run: make install-full
- name: Configuring
run: |
./autogen.sh
- CFLAGS="${DEFAULT_CFLAGS}" ./configure
+ CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings
- run: make -j ${{ env.CPUS }} distcheck
env:
DISTCHECK_CONFIGURE_FLAGS: "--enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk"
- run: tar xf prep/libhtp.tar.gz
- run: tar xf prep/suricata-update.tar.gz
- run: ./autogen.sh
- - run: ./configure --disable-shared
+ - run: ./configure --enable-warnings --disable-shared
env:
CC: "clang"
RUSTFLAGS: "-C instrument-coverage"
- run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow" ./configure --disable-shared
- run: make check
- run: make distclean
- - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua
+ - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua
env:
LDFLAGS: "-fsanitize=address"
ac_cv_func_realloc_0_nonnull: "yes"
- run: tar xf prep/libhtp.tar.gz
- run: tar xf prep/suricata-update.tar.gz
- run: ./autogen.sh
- - run: ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
+ - run: ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
env:
CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer"
LDFLAGS: "-fsanitize=address"
- run: sudo -u suricata -s ./autogen.sh
working-directory: /home/suricata/suricata
- - run: sudo -u suricata -s env PATH="/home/suricata/.cargo/bin:$PATH" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
+ - run: sudo -u suricata -s env PATH="/home/suricata/.cargo/bin:$PATH" ./configure --enable-warnings --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
working-directory: /home/suricata/suricata
env:
ac_cv_func_realloc_0_nonnull: "yes"
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- - run: ./configure --disable-shared --enable-unittests
+ - run: ./configure --enable-warnings --disable-shared --enable-unittests
env:
CC: "clang-14"
CXX: "clang++-14"
# using leading to random crashes: https://github.com/actions/runner-images/issues/9491
run: sudo sysctl vm.mmap_rnd_bits=28
- run: ./autogen.sh
- - run: ./configure --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect
+ - run: ./configure --enable-warnings --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect
env:
LIB_FUZZING_ENGINE: "fail_to_onefile_driver"
CC: "clang-14"
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- - run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-unittests
+ - run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-warnings --enable-unittests
- run: make -j ${{ env.CPUS }}
- run: make check
- run: make dist
# using leading to random crashes: https://github.com/actions/runner-images/issues/9491
run: sudo sysctl vm.mmap_rnd_bits=28
- run: ./autogen.sh
- - run: ./configure --enable-debug-validation
+ - run: ./configure --enable-warnings --enable-debug-validation
env:
CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer"
LDFLAGS: "-fsanitize=address"
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- - run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-fuzztargets --disable-shared
+ - run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-warnings --enable-fuzztargets --disable-shared
- run: AFL_HARDEN=1 make -j ${{ env.CPUS }}
ubuntu-22-04-netmap-build:
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-netmap
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-netmap
- run: make -j ${{ env.CPUS }}
- run: ./src/suricata --build-info | grep -E "Netmap support:\s+yes"
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-dpdk
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-dpdk
- run: make -j ${{ env.CPUS }}
- run: make check
# IDS config
- run: tar xf prep/suricata-update.tar.gz
- run: tar xf prep/suricata-verify.tar.gz
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests
- run: make -j ${{ env.CPUS }}
- run: make check
# -j2 caused random failures during cargo vendor
- run: tar xf prep/suricata-update.tar.gz
- run: tar xf prep/suricata-verify.tar.gz
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk
- run: make -j ${{ env.CPUS }}
- run: make check
- name: Building Rust documentation
cp prep/cbindgen $HOME/.cargo/bin
chmod 755 $HOME/.cargo/bin/cbindgen
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build
- run: make -j ${{ env.CPUS }}
- run: make check
- run: tar xf prep/suricata-verify.tar.gz
cp prep/cbindgen $HOME/.cargo/bin
chmod 755 $HOME/.cargo/bin/cbindgen
- run: ./autogen.sh
- - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets
+ - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --enable-fuzztargets
- run: make -j ${{ env.CPUS }}
- run: make check
- run: tar xf prep/suricata-verify.tar.gz
- run: tar xvf prep/libhtp.tar.gz
- run: tar xvf prep/suricata-update.tar.gz
- run: ./autogen.sh
- - run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --prefix="$HOME/.local/"
+ - run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-warnings --enable-unittests --prefix="$HOME/.local/"
- run: CPATH="$HOMEBREW_PREFIX/include:$CPATH" LIBRARY_PATH="$HOMEBREW_PREFIX/lib:$LIBRARY_PATH" PATH="/opt/homebrew/opt/libtool/libexec/gnubin:$PATH" CFLAGS="${DEFAULT_CFLAGS}" make -j2
# somehow it gets included by some C++ stdlib header (case unsensitive)
- run: rm libhtp/VERSION && make check
- name: Build
run: |
./autogen.sh
- CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
+ CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
make -j3
- name: Run
run: |
- name: Build
run: |
./autogen.sh
- CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
+ CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
make -j3
- name: Run
run: |
- name: Build
run: |
./autogen.sh
- CFLAGS="-ggdb -Werror" ./configure --enable-gccprotect --disable-gccmarch-native --disable-shared --enable-windivert --with-windivert-include=/windivert/WinDivert-1.4.3-A/include --with-windivert-libraries=/windivert/WinDivert-1.4.3-A/x86_64
+ CFLAGS="-ggdb -Werror" ./configure --enable-warnings --enable-gccprotect --disable-gccmarch-native --disable-shared --enable-windivert --with-windivert-include=/windivert/WinDivert-1.4.3-A/include --with-windivert-libraries=/windivert/WinDivert-1.4.3-A/x86_64
make -j3
- name: Run
run: |
export PATH=/opt/work/.cargo/bin:$PATH
chmod +x autogen.sh
./autogen.sh
- ./configure
+ ./configure --enable-warnings
make
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3.25.3
git checkout $rev
echo "Building rev ${rev}" | tee -a build_log.txt
./autogen.sh >> build_log.txt 2>&1
- CC="sccache gcc" ./configure --enable-unittests >> build_log.txt 2>&1
+ CC="sccache gcc" ./configure --enable-warnings --enable-unittests >> build_log.txt 2>&1
if ! make -j2 >> build_log.txt 2>&1; then
echo "::error ::Failed to build rev ${rev}"
tail -n 50 build_log.txt
shell: bash {0}
- run: git clone https://github.com/OISF/libhtp -b 0.5.x
- run: ./autogen.sh
- - run: ./configure --enable-unittests
+ - run: ./configure --enable-warnings --enable-unittests
- name: Check formatting
run: |
./scripts/clang-format.sh check-branch --diffstat --show-commits >> check_formatting_log.txt 2>&1
run: |
./scripts/bundle.sh libhtp
./autogen.sh
- ./configure
+ ./configure --enable-warnings
- name: Run Cargo Audit
working-directory: rust
run: |
run: |
./scripts/bundle.sh libhtp
./autogen.sh
- ./configure
+ ./configure --enable-warnings
- name: Cargo Update and Build
working-directory: rust
run: |
- run: git config --global --add safe.directory /__w/suricata/suricata
- run: ./scripts/bundle.sh
- run: ./autogen.sh
- - run: ./configure
+ - run: ./configure --enable-warnings
- run: cargo clippy --all-features --fix --allow-no-vcs
working-directory: rust
- run: |
- run: git config --global --add safe.directory /__w/suricata/suricata
- run: ./scripts/bundle.sh
- run: ./autogen.sh
- - run: scan-build-16 ./configure --enable-dpdk --enable-nfqueue --enable-nflog
+ - run: scan-build-16 ./configure --enable-warnings --enable-dpdk --enable-nfqueue --enable-nflog
env:
CC: clang-16
# exclude libhtp from the analysis
])
AC_SUBST(RUST_FEATURES)
+ AC_ARG_ENABLE(enable_warnings,
+ AS_HELP_STRING([--enable-warnings], [Enable supported C compiler warnings]),[enable_warnings=$enableval],[enable_warnings=no])
+ AS_IF([test "x$enable_warnings" = "xyes"], [
+ # check if our compiler supports -Wunused-macros
+ AC_MSG_CHECKING(for -Wunused-macros support)
+ OCFLAGS=$CFLAGS
+ CFLAGS="$CFLAGS -Wunused-macros"
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
+ [[]])],
+ AC_MSG_RESULT([yes]),
+ [AC_MSG_RESULT([no])
+ CFLAGS="$OCFLAGS"])
+ ])
+
AC_CHECK_LIB(fuzzpcap, FPC_IsFuzzPacketCapture, HAS_FUZZPCAP="yes")
AM_CONDITIONAL([HAS_FUZZPCAP], [test "x$HAS_FUZZPCAP" = "xyes"])
AC_ARG_ENABLE(fuzztargets,
#define DNP3_MAX_TRAN_SEQNO 64
/* Maximum application layer sequence number. */
-#define DNP3_MAX_APP_SEQNO 16
+// unused #define DNP3_MAX_APP_SEQNO 16
/* The number of bytes in the header that are counted as part of the
* header length field. */
};
/* Reserved addresses. */
-#define DNP3_RESERVED_ADDR_MIN 0xfff0
-#define DNP3_RESERVED_ADDR_MAX 0xfffb
+// unused #define DNP3_RESERVED_ADDR_MIN 0xfff0
+// unused #define DNP3_RESERVED_ADDR_MAX 0xfffb
/* Source addresses must be < 0xfff0. */
-#define DNP3_SRC_ADDR_MAX 0xfff0
-
-#define DNP3_OBJ_TIME_SIZE 6 /* AKA UINT48. */
-#define DNP3_OBJ_G12_V1_SIZE 11
-#define DNP3_OBJ_G12_V2_SIZE 11
-#define DNP3_OBJ_G12_V3_SIZE 1
+// unused #define DNP3_SRC_ADDR_MAX 0xfff0
/* Extract the prefix code from the object qualifier. */
#define DNP3_OBJ_PREFIX(x) ((x >> 4) & 0x7)
/* Calculate the next transport sequence number. */
#define NEXT_TH_SEQNO(current) ((current + 1) % DNP3_MAX_TRAN_SEQNO)
-/* Calculate the next application sequence number. */
-#define NEXT_APP_SEQNO(current) ((current + 1) % DNP3_MAX_APP_SEQNO)
-
/* CRC table generated by pycrc - http://github.com/tpircher/pycrc.
* - Polynomial: 0x3d65. */
static const uint16_t crc_table[256] = {
#define BOTH_SET(a, b) ((a) != NULL && (b) != NULL)
#define BOTH_SET_OR_BOTH_UNSET(a, b) (((a) == NULL && (b) == NULL) || ((a) != NULL && (b) != NULL))
-#define THREE_SET_OR_THREE_UNSET(a, b, c) (((a) == NULL && (b) == NULL && (c) == NULL) || ((a) != NULL && (b) != NULL && (c) != NULL))
#define THREE_SET(a, b, c) ((a) != NULL && (b) != NULL && (c) != NULL)
static void ValidateParserProto(AppProto alproto, uint8_t ipproto)
#define FILEDATA_CONTENT_INSPECT_WINDOW 4096
/* raw extraction default value */
-#define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
-#define SMTP_MAX_REQUEST_AND_REPLY_LINE_LENGTH 510
+#define SMTP_RAW_EXTRACTION_DEFAULT_VALUE false
#define SMTP_COMMAND_BUFFER_STEPS 5
/* we are in process of parsing a fresh command. Just a placeholder. If we
* are not in STATE_COMMAND_DATA_MODE, we have to be in this mode */
-#define SMTP_PARSER_STATE_COMMAND_MODE 0x00
+// unused #define SMTP_PARSER_STATE_COMMAND_MODE 0x00
/* we are in mode of parsing a command's data. Used when we are parsing tls
* or accepting the rfc 2822 mail after DATA command */
-#define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
-/* Used when we are still in the process of parsing a server command. Used
- * with multi-line replies and the stream is fragmented before all the lines
- * for a response is seen */
-#define SMTP_PARSER_STATE_PARSING_SERVER_RESPONSE 0x02
+#define SMTP_PARSER_STATE_COMMAND_DATA_MODE 0x01
/* Used to indicate that the parser has seen the first reply */
#define SMTP_PARSER_STATE_FIRST_REPLY_SEEN 0x04
/* Used to indicate that the parser is parsing a multiline reply */
#define SMTP_COMMAND_OTHER_CMD 5
#define SMTP_COMMAND_RSET 6
-/* Different EHLO extensions. Not used now. */
-#define SMTP_EHLO_EXTENSION_PIPELINING
-#define SMTP_EHLO_EXTENSION_SIZE
-#define SMTP_EHLO_EXTENSION_DSN
-#define SMTP_EHLO_EXTENSION_STARTTLS
-#define SMTP_EHLO_EXTENSION_8BITMIME
-
#define SMTP_DEFAULT_MAX_TX 256
typedef struct SMTPInput_ {
#define SSLV2_MT_REQUEST_CERTIFICATE 7
#define SSLV2_MT_CLIENT_CERTIFICATE 8
-#define SSLV3_RECORD_HDR_LEN 5
-#define SSLV3_MESSAGE_HDR_LEN 4
+#define SSLV3_RECORD_HDR_LEN 5
/** max length according to RFC 5246 6.2.2 is 2^14 + 1024 */
#define SSLV3_RECORD_MAX_LEN ((1 << 14) + 1024)
static int DetectByteMathSetup(DetectEngineCtx *, Signature *, const char *);
#ifdef UNITTESTS
+#define DETECT_BYTEMATH_ENDIAN_DEFAULT (uint8_t) BigEndian
+#define DETECT_BYTEMATH_BASE_DEFAULT (uint8_t) BaseDec
+
static void DetectByteMathRegisterTests(void);
#endif
static void DetectByteMathFree(DetectEngineCtx *, void *);
-#define DETECT_BYTEMATH_ENDIAN_DEFAULT (uint8_t) BigEndian
-#define DETECT_BYTEMATH_BASE_DEFAULT (uint8_t) BaseDec
/**
* \brief Registers the keyword handlers for the "byte_math" keyword.
*/
#include "rust.h"
#define BUFFER_NAME "dce_stub_data"
-#define KEYWORD_NAME "dce_stub_data"
static int DetectDceStubDataSetup(DetectEngineCtx *, Signature *, const char *);
#ifdef UNITTESTS
#include "flow-util.h"
-/** convert enum to string */
-#define CASE_CODE(E) case E: return #E
-
static inline int StateIsValid(uint16_t alproto, void *alstate)
{
if (alstate != NULL) {
Signature *s_prev;
} SigDuplWrapper;
-#define CONFIG_PARTS 8
-
-#define CONFIG_ACTION 0
-#define CONFIG_PROTO 1
-#define CONFIG_SRC 2
-#define CONFIG_SP 3
-#define CONFIG_DIREC 4
-#define CONFIG_DST 5
-#define CONFIG_DP 6
-#define CONFIG_OPTS 7
-
/** helper structure for sig parsing */
typedef struct SignatureParser_ {
char action[DETECT_MAX_RULE_SIZE];
#define BUFFER_NAME "quic_sni"
#define KEYWORD_NAME "quic.sni"
-#define KEYWORD_ID DETECT_AL_QUIC_SNI
static int quic_sni_id = 0;
#define BUFFER_NAME "quic_ua"
#define KEYWORD_NAME "quic.ua"
-#define KEYWORD_ID DETECT_AL_QUIC_UA
static int quic_ua_id = 0;
#define BUFFER_NAME "quic_version"
#define KEYWORD_NAME "quic.version"
-#define KEYWORD_ID DETECT_AL_QUIC_VERSION
static int quic_version_id = 0;
#define BUFFER_NAME "smb_version"
#define KEYWORD_NAME "smb.version"
-#define KEYWORD_ID DETECT_SMB_VERSION
static int g_smb_version_list_id = 0;
g_smb_version_list_id = DetectBufferTypeRegister(BUFFER_NAME);
SCLogDebug("registering " BUFFER_NAME " rule option");
-}
\ No newline at end of file
+}
SC_ATOMIC_SET(flow_timeouts, flow_timeouts_emerg);
}
-/* 1 seconds */
-#define FLOW_NORMAL_MODE_UPDATE_DELAY_SEC 1
-#define FLOW_NORMAL_MODE_UPDATE_DELAY_NSEC 0
-/* 0.3 seconds */
-#define FLOW_EMERG_MODE_UPDATE_DELAY_SEC 0
-#define FLOW_EMERG_MODE_UPDATE_DELAY_NSEC 300000
-#define NEW_FLOW_COUNT_COND 10
-
typedef struct FlowTimeoutCounters_ {
uint32_t rows_checked;
uint32_t rows_skipped;
#define LOG_HTTP_CF_REQUEST_HOST 'h'
#define LOG_HTTP_CF_REQUEST_PROTOCOL 'H'
#define LOG_HTTP_CF_REQUEST_METHOD 'm'
-#define LOG_HTTP_CF_REQUEST_URI 'u'
-#define LOG_HTTP_CF_REQUEST_TIME 't'
+#define LOG_HTTP_CF_REQUEST_URI 'u'
#define LOG_HTTP_CF_REQUEST_HEADER 'i'
#define LOG_HTTP_CF_REQUEST_COOKIE 'C'
#define LOG_HTTP_CF_REQUEST_LEN 'b'
#define PRINT_BUF_LEN 46
-#define OUTPUT_BUFFER_SIZE 65535
-#define CERT_ENC_BUFFER_SIZE 2048
+#define OUTPUT_BUFFER_SIZE 65535
#define LOG_TLS_DEFAULT 0
#define LOG_TLS_EXTENDED 1
#define MODULE_NAME "EveStreamLog"
-#define LOG_DROP_ALERTS 1
-
typedef struct EveStreamOutputCtx_ {
uint16_t trigger_flags; /**< presence of flags in packet trigger logging. 0xffff for all. */
OutputJsonCtx *eve_ctx;
}
}
-#define DEFAULT_LOG_FILENAME "alert.json"
-
static void JsonAlertLogSetupMetadata(AlertJsonOutputCtx *json_output_ctx,
ConfNode *conf)
{
JsonAnomalyLogDeInitCtxSubHelper(output_ctx);
}
-#define DEFAULT_LOG_FILENAME "anomaly.json"
static void SetFlag(const ConfNode *conf, const char *name, uint16_t flag, uint16_t *out_flags)
{
DEBUG_VALIDATE_BUG_ON(conf == NULL);
SCFree(output_ctx);
}
-#define DEFAULT_LOG_FILENAME "dnp3.json"
-
static OutputInitResult OutputDNP3LogInitSub(ConfNode *conf, OutputCtx *parent_ctx)
{
OutputInitResult result = { NULL, false };
#include "output-json-dns.h"
#include "rust.h"
-/* we can do query logging as well, but it's disabled for now as the
- * TX id handling doesn't expect it */
-#define QUERY 0
-
#define LOG_QUERIES BIT_U64(0)
#define LOG_ANSWERS BIT_U64(1)
#define MODULE_NAME "JsonFrameLog"
-#define JSON_STREAM_BUFFER_SIZE 4096
-
typedef struct FrameJsonOutputCtx_ {
LogFileCtx *file_ctx;
uint16_t flags;
SC_ATOMIC_EXTERN(unsigned int, cert_id);
-#define MODULE_NAME "LogTlsLog"
-#define DEFAULT_LOG_FILENAME "tls.json"
-
#define LOG_TLS_DEFAULT 0
#define LOG_TLS_EXTENDED (1 << 0)
#define LOG_TLS_CUSTOM (1 << 1)
* AF_XDP socket runmode
*
*/
-#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1
#define SC_PCAP_DONT_INCLUDE_PCAP_H 1
#include "suricata-common.h"
#include "tm-threads.h"
#include "runmode-napatech.h"
#include "source-napatech.h" // need NapatechStreamDevConf structure
-#define NT_RUNMODE_AUTOFP 1
-#define NT_RUNMODE_WORKERS 2
-
static const char *default_mode = "workers";
#ifdef HAVE_NAPATECH
+#define NT_RUNMODE_AUTOFP 1
+#define NT_RUNMODE_WORKERS 2
+
#define MAX_STREAMS 256
static uint16_t num_configured_streams = 0;
static uint16_t first_stream = 0xffff;
#ifdef HAVE_PFRING
#include <pfring.h>
-#endif
#define PFRING_CONF_V1 1
#define PFRING_CONF_V2 2
+#endif
const char *RunModeIdsPfringGetDefaultMode(void)
{
*
*/
-#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1
#define SC_PCAP_DONT_INCLUDE_PCAP_H 1
#include "suricata-common.h"
#include "suricata.h"
#endif
#ifdef HAVE_PACKET_EBPF
+#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1
#include <bpf/libbpf.h>
#include <bpf/bpf.h>
-#endif
struct bpf_program {
unsigned int bf_len;
struct bpf_insn *bf_insns;
};
+#endif
#ifdef HAVE_PCAP_H
#include <pcap.h>
* AF_XDP socket acquisition support
*
*/
-#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1
#define SC_PCAP_DONT_INCLUDE_PCAP_H 1
#include "suricata-common.h"
#include "suricata.h"
/* eof */
/**
* @}
- */
\ No newline at end of file
+ */
#include "util-device.h"
#include "runmodes.h"
-#define IPFW_ACCEPT 0
-#define IPFW_DROP 1
-
-#define IPFW_SOCKET_POLL_MSEC 300
-
-#ifndef IP_MAXPACKET
-#define IP_MAXPACKET 65535
-#endif
-
#ifndef IPFW
/* Handle the case if --enable-ipfw was not used
*
#include "action-globals.h"
+#define IPFW_ACCEPT 0
+#define IPFW_DROP 1
+
+#define IPFW_SOCKET_POLL_MSEC 300
+
extern uint16_t max_pending_packets;
/**
SCMutexUnlock(&nq->socket_lock);
}
+#ifndef IP_MAXPACKET
+#define IP_MAXPACKET 65535
+#endif
+
TmEcode ReceiveIPFWLoop(ThreadVars *tv, void *data, void *slot)
{
SCEnter();
return 0;
}
-// arbitrary value
-#define ALPROTO_MAXTX 4096
-
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
Flow * f;
#!/bin/sh
-./configure --disable-shared --enable-fuzztargets --disable-gccmarch-native --enable-debug-validation
+./configure --enable-warnings --disable-shared --enable-fuzztargets --disable-gccmarch-native --enable-debug-validation
*/
#include "suricata-common.h"
-#define _FILE_OFFSET_BITS 64
#include "util-coredump-config.h"
#include "conf.h"
#ifdef HAVE_SYS_RESOURCE_H
#define COLON 58
#define DASH 45
#define PRINTABLE_START 33
-#define PRINTABLE_END 126
-#define UC_START 65
-#define UC_END 90
-#define LC_START 97
-#define LC_END 122
-#define UC_LC_DIFF 32
+#define PRINTABLE_END 126
#define EOL_LEN 2
/* Base-64 constants */
* \author Lukas Sismis <lukas.sismis@gmail.com>
*/
-#ifndef UTIL_DPDK_BONDING_C
-#define UTIL_DPDK_BONDING_C
-
#include "suricata-common.h"
#include "util-dpdk-bonding.h"
}
#endif /* HAVE_DPDK */
-
-#endif /* UTIL_DPDK_BONDING_C */
*
*/
-#define PCAP_DONT_INCLUDE_PCAP_BPF_H 1
#define SC_PCAP_DONT_INCLUDE_PCAP_H 1
#include "suricata-common.h"
# define HASH_BIG_ENDIAN 0
#endif
-#define hashsize(n) ((uint32_t)1<<(n))
-#define hashmask(n) (hashsize(n)-1)
#define rot(x,k) (((x)<<(k)) | ((x)>>(32-(k))))
/*
return;
}
-#ifndef s6_addr16
-# define s6_addr16 __u6_addr.__u6_addr16
-#endif
-
static const char *PrintInetIPv6(const void *src, char *dst, socklen_t size)
{
char s_part[6];
#include "util-sysfs.h"
-#define SYSFS_MAX_FILENAME_LEN (SYSFS_MAX_FILENAME_SIZE + 5)
-
TmEcode SysFsWriteValue(const char *path, int64_t value)
{
#if defined(__linux__)
+#define SYSFS_MAX_FILENAME_LEN (SYSFS_MAX_FILENAME_SIZE + 5)
char fname[SYSFS_MAX_FILENAME_LEN] = "/sys/";
char sentence[64];
projects / thirdparty / suricata.git / commitdiff
