Commits on Feb 5, 2013
  1. Fix a segfault in TextLog_Print() by using %d for classification ID, …

    Reed Loden authored
    …as it's a 'uint32_t'.
  2. @binf

    Fix: Possible segfault in spo_database

    binf authored
         when the decoded IP header is supposed to have a TCP/UDP packet but
         the decoded packet does not contain such information.
         A pointer validation check has been added and behavior has been
         changed for ICMP handling which was already considering this case but
         would lead to a processing fault. (DB_DEBUG information messages
         where also added).
    
    Bumped: Build to 319
Commits on Jan 18, 2013
  1. Merge pull request #61 from binf/bug-fix

    authored
    Fix: Call to memcmp in signature_reference code.
  2. Merge pull request #58 from jasonish/ish/pqping

    authored
    Test for PQping by attempting to link it.
  3. Merge pull request #56 from inliniac/sguil-timeout-fix

    authored
    sguil: fix recursive calling of SguilSensorAgentInit
Commits on Jan 12, 2013
  1. @binf

    Bumped: build to 318

    binf authored
    Fix: Call to memcmp in signature_reference code.
Commits on Dec 5, 2012
  1. @jasonish
Commits on Dec 3, 2012
  1. @inliniac

    sguil: fix recursive calling of SguilSensorAgentInit leading to stack…

    inliniac authored
    … exhaustion on connection problems
Commits on Nov 30, 2012
Commits on Nov 29, 2012
Commits on Nov 28, 2012
  1. Merge pull request #55 from binf/PQPing_TEST

    authored
    Add: Added call to PQPing in dbConnectionStatusPOSTGRESQL().
Commits on Nov 27, 2012
Commits on Nov 21, 2012
  1. @binf

    Add: Added call to PQPing in dbConnectionStatusPOSTGRESQL().

    binf authored
         This modification can allow detection of a dead VPN tunnel
         (Requested fix)
    Fix: configure directive disable_alert_on_each_packet_in_stream, will
         work properly.
Commits on Nov 9, 2012
Commits on Nov 7, 2012
  1. @binf

    fixed: conflict when cherry picking #51

    binf authored committed
Commits on Nov 4, 2012
  1. alert_unixsock: Add a sync mode, which requires the remote end to

    Martijn van Oosterhout authored committed
    acknowledge receipt.  This means in sync mode it requires a SOCK_SEQPACKET
    type socket instead of plain SOCK_DGRAM.  It also complains about failures
    during sending.
  2. alert_unixsock: Improve some error messages so it's clear which modul…

    Martijn van Oosterhout authored committed
    …e they came from.
  3. alert_unixsock: Get rid of global alertaddr by connecting to the sock…

    Martijn van Oosterhout authored committed
    …et at
    
    startup.  This should allow multiple sockets to be used at the same time.
    This also checks the socket name, whereas previously incorrect filenames
    were simply ignored.
  4. alert_unixsock: Allow the path to be configured. Move the configurati…

    Martijn van Oosterhout authored committed
    …on into
    
    the structure created for it.
  5. @dogbert2

    Add code to check return value from unlink()

    dogbert2 authored committed
    This patch adds a check to the unlink() call made in util.c, which is
    not currently done.  If the return value isn't zero, an error in
    unlinking or removing the file has occurred.  This new code adds the
    proper check, though I don't know if you want to add a different return
    value in case unlink() fails.
  6. @bradvoth

    Update Sguil output plugin (spo_sguil.c) to pull ip information from …

    bradvoth authored committed
    …the event data if a packet does not exist for the event
  7. @froschi

    Added a .gitignore file.

    froschi authored committed
    The barnyard2 repo sources exclude all of the files which result from the
    run of autogen.sh which is necessary before compilation. As a result,
    'git status' is cluttered with automatically generated files. The included
    .gitignore file lets git ignore all those intermediates.
    
    Signed-off-by: Thorsten Fischer <thorsten@froschi.org>
  8. @jasonish

    Fix staged installs - use DESTDIR.

    jasonish authored committed
  9. Update spec file (see Feb 2 2012 spec changelog)

    Brent Woodruff authored committed
  10. updated: platypus plugin renamed to echidna and aligned to the new co…

    authored
    …mmand and submission protocols.
Commits on Oct 28, 2012
  1. @binf

    Version 2-1.11

    binf authored
    Bumped: revision to 315
    
    Fix: enable alert-on-each-packet-in-stream by default, to disable use
         --disable-alert-on-each-packet-in-stream or use
         config disable_alert_on_each_packet_in_stream
    
    Fix: spo_database.c:
          Shared object (SO_RULE) signature message was never resolved.
    
    Fix: Call to GetSigByGidSid now uses event revision and generates correct
         Snort Alert [gid:sid:rev] messages.
    
    Fix: spo_syslog_full
         i)  operation_mode complete display ip in dotted notation instead
             of host aligned integers for alert_ and log_
         ii) Signature will also by default be prefixed with
             [gid:sid:rev] block
         iii) missing break statement that was causing the output plugin to
              output ALERT AND LOG in complete mode.
Commits on Oct 8, 2012
  1. @binf

    Minor bugfix and improvement

    binf authored
    Bumped revision to 313
    
    Fix: Enable compilation without error with --enable-ipv6
    
    Fix to spo_syslog_full
    Fix: operation_mode parsing (strcasecmp return value)
    Fix: defined values (literals instead of 0 and 1) for clarity.
    Fix: in complete mode used a } instead of a ] at one place in an output
    literal.
    Fix: Check for input data in spo_database.c where revision is 0, we do
    not log and we print messages
    Modified: Replaced WARNING database by INFO database so people are less
    alarmed when those pop-up.
Commits on Sep 24, 2012
  1. @jsiwek

    Fixes for the Bro output plugin.

    jsiwek authored committed
    - Update event/record names for identifiers that Bro uses in its
      Barnyard2 integration scripts.
    - Fix ICMP type/code byte ordering.
    - Fix segfault when an alert has no classification.
    - Fix for Broccoli expecting 64-bit count values.
    - Support for IPv6 addresses (needs Bro > v2.0).
Commits on Aug 30, 2012
  1. @binf

    Fixed typo in spo_alert_unixsock.c (memmmove -> memmove)

    binf authored
    Bumped revision to 310
  2. @dogbert2 @binf

    changed bzero() to memset()

    dogbert2 authored binf committed
    changed bzero() to memset() as bzero is deprecated.
    
    replaced bzero() with memset()
    
    replaced calls to bzero() with memset() as bzero is deprecated.
    
    replaced bcopy() with memmove()
    
    Replaced deprecated bcopy() with memmove(), memmove is guaranteed to
    work even if memory areas overlap, whereas memcpy is designed so that
    the memory areas MUST not overlap.
    
    replaced bzero() with memset()
    
    Replaced bzero() with memset() as bzero is deprecated.
    
    replaced bzero() with memset()
    
    changed bzero() which is deprecated to memset().
    
    replaced deprecated function calls
    
    replaced bzero() with memset() and
    bcopy() with memmove().
    
    changed bzero to memset
    
    changed bzero() to memset in #define, bzero deprecated.
    
    replaced bzero() with memset()
    
    replaced bzero() with memset() as bzero is deprecated.
    
    changed function prototype
    
    corrected function prototype for PlatypusAgentReceive to match actual
    function later in file.
    
    corrected function prototype and deprecated calls
    
    changed function prototype for SguilRecvAgentMsg() and changed bzero()
    to memset() as bzero() is deprecated
    
    replaced bzero() with memset()
    
    replaced bzero() with memset() since bzero() is deprecated.
  3. @binf

    -Fix: Lightened dbProcessSignatureInformation and fixed logical issue

    binf authored
    -Bumped: Build to 309
    
    Fix sguil compile issue
Commits on Aug 28, 2012
  1. @binf

    -Fix: Allowed to run with an empty classification.config file as long…

    binf authored
    … as there is data in the database
    
    -Bumped version to 208