3009 Commits

Author SHA1 Message Date
Felipe Zimmerle
c7a78926ee
actions: Compute the rule association during rules load 2020-08-06 23:00:57 -03:00
Felipe Zimmerle
9dcedd498f
tests: Removes unused header from a test case 2020-08-06 21:58:05 -03:00
Felipe Zimmerle
bd7e26d0c3
tests: Prints test number on segfault 2020-08-06 21:36:37 -03:00
Felipe Zimmerle
726f0b2b15
Replaces lower case implementation 2020-08-06 21:36:35 -03:00
Felipe Zimmerle
32e776daa9
Makes operator to use string_view 2020-08-06 21:36:11 -03:00
Felipe Zimmerle
ca26aee1ce
Improves rules dump for better testing 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
8976e374f9
Better error handling when loading configurations 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
7286395f45
Adds method getVariableNames to variables 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
14260df49f
Cosmetics: Defining a type for RuleId 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
5d2cdd2964
Moves rule* headers to src/ 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
3d27eff7cc
Cleanup on Action class 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
710e2a7f30
Removes RuleMessage from action execute signature 2020-08-06 21:34:49 -03:00
Felipe Zimmerle
dd3801eba5
Refactoring: Makes transformations to work with new execute signature 2020-08-06 21:34:48 -03:00
nikolas
ef139d0d4f
Move travis to use a new version of Ubuntu 2020-08-06 21:34:48 -03:00
Felipe Zimmerle
04deed0662
Cosmetics: fix some cppcheck complaints 2020-08-06 21:34:45 -03:00
Felipe Zimmerle
b29cb45df0
Refactoring: rename evaluate to execute on actions 2020-08-06 21:33:12 -03:00
Felipe Zimmerle
23710f9bfb
Refactoring in the Rule class to make it more elegant 2020-08-06 21:33:11 -03:00
Felipe Zimmerle
8d6e6e246a
Rule: isMarker is no longer necessary 2020-08-06 21:33:11 -03:00
Felipe Zimmerle
e0dc84cba5
Adds new method for rule merge
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; previously it was
concatenating.
2020-08-06 21:33:08 -03:00
Felipe Zimmerle
9bd88ade84
parser: using GNU Bison 3.6.4 2020-08-06 21:31:37 -03:00
Felipe Zimmerle
5dd7860f95
Moves default actions to be part of the rules 2020-08-06 21:31:35 -03:00
Felipe Zimmerle
ae3ad5eaa7
cosmetics: Address some cppcheck complaints 2020-08-06 19:02:00 -03:00
Felipe Zimmerle
51d06d7a8e
CHANGES: Adds info about #2378 2020-07-30 13:51:33 -03:00
Andrei Belov
fe12385148
GeoIP: switch to GEOIP_MEMORY_CACHE from GEOIP_INDEX_CACHE
Using GEOIP_INDEX_CACHE on some older versions of libGeoIP (e.g. 1.5.0,
which is the default version on CentOS 7) leads to an "Error reading file"
error while opening a completely valid GeoIP.dat:

    # cat test.c
    #include <stdio.h>
    #include "GeoIP.h"

    int main(void) {
      GeoIP *g;

      g = GeoIP_open("/tmp/GeoIP.dat", GEOIP_INDEX_CACHE);

      if (g == NULL) {
        printf("error!\n");
      }

      GeoIP_delete(g);

      exit(0);
    }
    # cc -lGeoIP -o test test.c
    # ./test
    Error reading file /tmp/GeoIP.dat
    error!
    # sed -i -e 's,GEOIP_INDEX_CACHE,GEOIP_MEMORY_CACHE,' test.c
    # cc -lGeoIP -o test test.c
    # ./test
    # geoiplookup -f /tmp/GeoIP.dat -v 8.8.8.8
    GeoIP Country Edition: GEO-106FREE 20180327 Build 1 Copyright (c) 2018 MaxMind Inc All Rights Reserved

Also tested with recent GeoLite databases converted from new format
into legacy format, distributed here:

    https://mailfud.org/geoip-legacy/
2020-07-30 13:48:40 -03:00
martinhsv
0eb3c123f4
Merge pull request #2348 from martinhsv/v3/master
rx:exit after full match; fix TX population after unused group
2020-07-06 07:54:44 -04:00
martinhsv
b9620c26a0
rx:exit after full match; fix TX population after unused group 2020-06-29 06:13:45 -07:00
martinhsv
a1a8c0fda7
Merge pull request #2342 from martinhsv/v3/master
Correct CHANGES file entry for #2234
2020-06-18 10:27:52 -04:00
martinhsv
07ce43cceb
Correct CHANGES file entry for #2234 2020-06-18 07:12:25 -07:00
Rajesh Rajendran
a2be19d8e5
Fixing Typo 2020-05-21 14:34:10 -03:00
Felipe Zimmerle
f0f1c2b1a1
Merge pull request #2317 from nikolas/patch-3
Fix typo in readme: GtiHub -> GitHub
2020-05-21 14:30:38 -03:00
Felipe Zimmerle
feda5b758b
Merge pull request #2321 from nikolas/patch-4
readme update: Packing -> Packaging
2020-05-21 14:29:37 -03:00
nikolas
45dec2068c
readme update: Packing -> Packaging 2020-05-21 10:02:15 -04:00
nikolas
ba1ae16fc9
Fix typo in readme: GtiHub -> GitHub 2020-05-20 20:51:47 -04:00
Felipe Zimmerle
3b1de9567a
Merge pull request #2315 from nikolas/patch-1
fix typo in readme: rearchitechted -> rearchitected
2020-05-20 18:46:00 -03:00
nikolas
7330739989
fix typo in readme: rearchitechted -> rearchitected 2020-05-20 14:43:13 -04:00
Felipe Zimmerle
7e0bc26917
Using performLogging function 2020-03-31 15:20:15 -03:00
martinhsv
a1547eaa32
Regression tests: audit log compare support and test cases 2020-03-31 15:01:26 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional
Makes RuleScript child of RuleWithActions instead of Operator
2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d
Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a
Refactoring: Having RuleMarker in a separate file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
bdedfd2463
Refactoring: Renames RuleBase to Rule 2020-03-31 12:26:13 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
8eb7b8fe6c
Refactoring: Splits Rule into Rule and RuleWithActions 2020-03-30 20:22:37 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b
Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
96849c07de
Makes action name a shared pointer 2020-03-27 16:13:15 -03:00
Felipe Zimmerle
9c526b3647
Avoids copy on the transformation operation 2020-03-27 16:12:55 -03:00
Felipe Zimmerle
8cfb289cea
Let's reserve some memory for rule message 2020-03-27 15:49:02 -03:00
Felipe Zimmerle
a609249d64
Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00