git.ipfire.org Git - thirdparty/snort3.git/log
thirdparty/snort3.git
8 months ago Pull request #4607: copyright: update year to 2025
Oleksandr Fatieiev -X (ofatieie - SOFTSERVE INC at Cisco) [Thu, 13 Feb 2025 09:03:59 +0000 (09:03 +0000)] 
Pull request #4607: copyright: update year to 2025

Merge in SNORT/snort3 from ~OFATIEIE/snort3:update_copyright_year to master

Squashed commit of the following:

commit e25503302223b72e2cb5924d6fcb53fb8fcc9454
Author: Oleksandr Fatieiev <ofatieie@cisco.com>
Date:   Thu Feb 6 10:51:00 2025 +0200

    copyright: update year to 2025

8 months ago Pull request #4595: snort_ml: build models into a BinaryClassifierSet
Brandon Stultz (brastult) [Tue, 11 Feb 2025 09:28:46 +0000 (09:28 +0000)] 
Pull request #4595: snort_ml: build models into a BinaryClassifierSet

Merge in SNORT/snort3 from ~BRASTULT/snort3:snort_ml to master

Squashed commit of the following:

commit e4f35d63b7bc2fa38176408466afe8576d0f77f0
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri Jan 31 02:43:25 2025 -0500

    snort_ml: build models into a BinaryClassifierSet

commit 7ac7827b65192d6319893498585b48e0c7809e1b
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri Jan 31 01:16:00 2025 -0500

    utils: add is_directory_path

commit e3897fe6bf08d2fba2406f612b4bf3b31e07cfea
Author: Brandon Stultz <brastult@cisco.com>
Date:   Thu Jan 30 11:57:53 2025 -0500

    network_inspectors: rename kaizen to snort_ml

8 months ago Pull request #4604: file_api, http_inspect: add info about partial download to FileInfo
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Mon, 10 Feb 2025 20:00:47 +0000 (20:00 +0000)] 
Pull request #4604: file_api, http_inspect: add info about partial download to FileInfo

Merge in SNORT/snort3 from ~OTORUBAR/snort3:partial_download to master

Squashed commit of the following:

commit db3bf9c938d28a59851e9a74969cb580a78fcf78
Author: otorubar <otorubar@cisco.com>
Date:   Fri Jan 31 10:20:46 2025 -0800

    file_api, http_inspect: add info about partial download to FileInfo

8 months ago Pull request #4537: http_inspect: save mime filenames in transaction
Adrian Mamolea (admamole) [Sat, 8 Feb 2025 13:34:46 +0000 (13:34 +0000)] 
Pull request #4537: http_inspect: save mime filenames in transaction

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:file_name to master

Squashed commit of the following:

commit 5dd25eff54a4eae0be022c27c6b64156ddc62774
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Wed Dec 4 16:57:33 2024 -0500

    extractor: add support for file name and type for mime

8 months ago Pull request #4585: main: snort --create-pidfile cmd parameter update
Volodymyr Shpyrka -X (vshpyrka - SOFTSERVE INC at Cisco) [Fri, 7 Feb 2025 16:16:22 +0000 (16:16 +0000)] 
Pull request #4585: main: snort --create-pidfile cmd parameter update

Merge in SNORT/snort3 from ~VSHPYRKA/snort3:snort_pid_file_mgmt to master

Squashed commit of the following:

commit 1ca28acfc46ed38d28f702cfada9e6450b0dc159
Author: Volodymyr Shpyrka <vshpyrka@cisco.com>
Date:   Fri Jan 24 06:44:09 2025 -0500

    main: snort --create-pidfile cmd line parameter update and support for --max-peers command line parameter implemented

8 months ago Pull request #4571: appid: Adding general AppID design to support shadow traffic...
Bhumika Sachdeva (bsachdev) [Fri, 7 Feb 2025 14:21:49 +0000 (14:21 +0000)] 
Pull request #4571: appid: Adding general AppID design to support shadow traffic and Encrypted DNS Support

Merge in SNORT/snort3 from ~BSACHDEV/snort3:shadow_traffic_encrypted_dns to master

Squashed commit of the following:

commit e1e9f557a7fb265f71b210c5d35a7653260b744f
Author: bsachdev <bsachdev@cisco.com>
Date:   Tue Dec 10 10:02:46 2024 -0500

    appid: Adding general appid support and encrypted dns

8 months ago Pull request #4589: extractor: print null for fields that require missing packet...
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Fri, 7 Feb 2025 08:31:23 +0000 (08:31 +0000)] 
Pull request #4589: extractor: print null for fields that require missing packet context

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_no_pkt to master

Squashed commit of the following:

commit b190f237b7b9c5bb65fcd48e02f70d6ba20db0e1
Author: vhorbato <vhorbato@cisco.com>
Date:   Tue Jan 28 18:24:14 2025 +0200

    extractor: print null for fields that require missing packet context

8 months ago Pull request #4606: build: generate and tag 3.7.0.0 (tag: 3.7.0.0)
Priyanka Bangalore Gurudev (prbg) [Wed, 5 Feb 2025 14:08:13 +0000 (14:08 +0000)] 
Pull request #4606: build: generate and tag 3.7.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build__3.7.0.0 to master

Squashed commit of the following:

commit f664321fe8b841c7e0597a88efec8083dc4a11c9
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Tue Feb 4 17:28:46 2025 -0500

    build: generate and tag 3.7.0.0

8 months ago Pull request #4534: ips_options: allow to repeat same option in applicable cases
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 4 Feb 2025 21:30:12 +0000 (21:30 +0000)] 
Pull request #4534: ips_options: allow to repeat same option in applicable cases

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:max_use_ips_opts to master

Squashed commit of the following:

commit 1d8be1756fd38036f57da52f03da931d7540e3a3
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Jan 20 10:52:27 2025 +0200

    framework: bump base API version

commit c7df294a0bb9e5fae4f031569c4465ec112412f5
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Wed Jan 15 16:39:07 2025 +0200

    framework: bump ips option version

commit 621ab44a5b237e5a08a47b69e19bab5ba33b5acf
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Dec 2 12:04:08 2024 +0200

    ips_options: warn about excessive detection options

commit 96ebf9b723fcb6c15ab751f70d7d84ff33e5ca1a
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri Dec 13 18:24:17 2024 +0200

    framework: add interface to warn about reaching limit of ips opt re-usage

8 months ago Pull request #4587: Data log filtering
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Tue, 4 Feb 2025 21:29:01 +0000 (21:29 +0000)] 
Pull request #4587: Data log filtering

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:data_log_filtering to master

Squashed commit of the following:

commit 5d73e7676db2bb678860ba07607cb840ea6ab516
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Jan 31 15:12:28 2025 +0200

    extractor: rework parsing messages

commit 653b4570e28aff6a62fb71dc4d83bc11f881a7c3
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Jan 31 12:07:38 2025 +0200

    extractor: fix subscription to be global

    As the inspector itself is global, it ought to get events from all policies.

commit d60c29383e5c0841f09659dc226dc57e29fe56a8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jan 28 14:51:23 2025 +0200

    extractor: add default filter

commit 450ba51ae1f3833b7c8f80a38fcf633a768dd319
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Jan 23 14:41:57 2025 +0200

    extractor: export service types

    Exported ServiceType value renamed to make it more clear for an external module.

commit be29879348a0ed24cad06618fe6ec59d62c53bcf
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Nov 18 15:42:46 2024 +0200

    extractor: add logging constraints

    Being a part of logging filtering Tenant ID is not cached.
    In absence of native filters the extractor sets filtering unconditionally.

8 months ago Pull request #4599: build: generate and tag 3.6.3.0 (tag: 3.6.3.0)
Priyanka Bangalore Gurudev (prbg) [Tue, 4 Feb 2025 21:07:47 +0000 (21:07 +0000)] 
Pull request #4599: build: generate and tag 3.6.3.0

Merge in SNORT/snort3 from ~PRBG/snort3:build__3.6.3.0 to master

Squashed commit of the following:

commit 4aaa7b6507d312917138f91ea7df986827240d33
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Feb 3 23:31:51 2025 -0500

    build: generate and tag 3.6.3.0

8 months ago Pull request #4602: perf_monitor: update flow state value reset
Ron Dempster (rdempste) [Tue, 4 Feb 2025 16:28:47 +0000 (16:28 +0000)] 
Pull request #4602: perf_monitor: update flow state value reset

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:flow_ip_tracker to master

Squashed commit of the following:

commit 11c222dd8db3a6addba6240b6d4c6769cd3a5ddb
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Feb 4 07:59:18 2025 -0500

    perf_monitor: update flow state value reset

8 months ago Pull request #4591: Inspector slot
Ron Dempster (rdempste) [Thu, 30 Jan 2025 18:16:11 +0000 (18:16 +0000)] 
Pull request #4591: Inspector slot

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:inspector_slot to master

Squashed commit of the following:

commit c4e59a334e1e81abd3219f4b288589cc2825b83c
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Thu Jan 30 10:15:12 2025 -0500

    perf_monitor: update structure clearing to c++ method

commit 7157fa425c4002f5a394da3fe65f158cf8c1270b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Thu Jan 30 10:14:29 2025 -0500

    framework: remove inspector slot and use get_instance_id instead

8 months ago Pull request #4572: mercury: telemetry file changes for multiprocess snort
Priyansh Jaseja (pjaseja) [Thu, 30 Jan 2025 08:12:38 +0000 (08:12 +0000)] 
Pull request #4572: mercury: telemetry file changes for multiprocess snort

Merge in SNORT/snort3 from ~PJASEJA/snort3:mercury_telemetry_files to master

Squashed commit of the following:

commit 1f8f3ba43e12e9e153fb72df119d47ebe8c78096
Author: Priyansh Jaseja <pjaseja@b18-vms-vm0114.cisco.com>
Date:   Thu Jan 23 11:17:01 2025 +0530

    mercury: telemetry file changes for multiprocess snort

8 months ago Pull request #4588: main: move tsc clock scale init to Snort::setup
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 29 Jan 2025 19:43:27 +0000 (19:43 +0000)] 
Pull request #4588: main: move tsc clock scale init to Snort::setup

Merge in SNORT/snort3 from ~OSTEPANO/snort3:perf_fix to master

Squashed commit of the following:

commit 8f69882b0b0abb840aa005ec07d28fca9c8b238b
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 29 05:26:44 2025 -0500

    main: move tsc clock scale init to Snort::setup

8 months ago Pull request #4586: packet_io: check the DAQ_Msg_h parameter on api calls and return...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 28 Jan 2025 21:42:36 +0000 (21:42 +0000)] 
Pull request #4586: packet_io: check the DAQ_Msg_h parameter on api calls and return an error code when it is a null pointer

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:add_daq_api_parameter_checks to master

Squashed commit of the following:

commit bbc8506425b0e322a327284b0d682d7ace3e18a6
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Jan 28 09:09:13 2025 -0500

    ftp_telnet: only add expected flows when the daq_msg field in the control packet is not null.

commit 58d45bda1ee4118c50d35987582807b02be075fe
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Fri Jan 24 15:20:27 2025 -0500

    packet_io: check the DAQ_Msg_h parameter on api calls and return an error code when it is a null pointer

8 months ago Pull request #4557: extractor: conn.log support
Maya Dagon (mdagon) [Tue, 28 Jan 2025 17:49:41 +0000 (17:49 +0000)] 
Pull request #4557: extractor: conn.log support

Merge in SNORT/snort3 from ~MDAGON/snort3:conn_sub to master

Squashed commit of the following:

commit d6d6945d5c52d77ff401201b6e6112348002dc57
Author: maya dagon <mdagon@cisco.com>
Date:   Fri Nov 8 13:50:25 2024 -0500

    extractor: support connection logs

8 months ago Pull request #4580: file: Added support for retry when file cache is full and verdict...
Shilpa Nagpal (shinagpa) [Mon, 27 Jan 2025 14:25:40 +0000 (14:25 +0000)] 
Pull request #4580: file: Added support for retry when file cache is full and verdict is pending

Merge in SNORT/snort3 from ~SHINAGPA/snort3:file_cache_fix to master

Squashed commit of the following:

commit b49347d1e727792ee23301b5cb9dd03d4671c3d1
Author: Shilpa Nagpal <shinagpa@cisco.com>
Date:   Tue Jan 21 22:31:15 2025 +0530

    file: retrying the packet when file cache is full

9 months ago Pull request #4583: main: Add thread_id in instance_mapping output file
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Fri, 24 Jan 2025 21:49:37 +0000 (21:49 +0000)] 
Pull request #4583: main: Add thread_id in instance_mapping output file

Merge in SNORT/snort3 from ~NIRMVENK/snort3:instance_thread_id_master to master

Squashed commit of the following:

commit 33420792595efbdfb901fb9cc2a20a2f49b4afae
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Wed Jan 22 12:28:03 2025 -0500

    main: Add thread_id in instance_mapping output file

9 months ago Pull request #4582: file: malware and file events when action changed from block...
Manav Soneja (msoneja) [Fri, 24 Jan 2025 05:23:15 +0000 (05:23 +0000)] 
Pull request #4582: file: malware and file events when action changed from block malware to cloud malware lookup event

Merge in SNORT/snort3 from ~MSONEJA/snort3:block_cloud_lookup_eventing to master

Squashed commit of the following:

commit 629d79ba2528b6fa776a2a0cad960e03e5bc37b1
Author: msoneja <msoneja@cisco.com>
Date:   Wed Jan 22 15:33:57 2025 +0000

    file: malware and file events when action changed from block malware to cloud malware lookup event

9 months ago Pull request #4566: Add summary of flows
Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) [Thu, 23 Jan 2025 16:47:33 +0000 (16:47 +0000)] 
Pull request #4566: Add summary of flows

Merge in SNORT/snort3 from ~DZIKRATY/snort3:add_summary_of_flows to master

Squashed commit of the following:

commit d03bc68913f2fc84b562a7ed97d89fea0e133afe
Author: Denys Zikratyi <dzikraty@cisco.com>
Date:   Tue Jan 7 06:10:58 2025 -0500

    flow: add command that dumps only flow summaries

9 months ago Pull request #4581: appid: added check for brute force manager presence
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 18:44:29 +0000 (18:44 +0000)] 
Pull request #4581: appid: added check for brute force manager presence

Merge in SNORT/snort3 from ~OSTEPANO/snort3:brute_force_check to master

Squashed commit of the following:

commit 7cf6fc77529bf4c9ff7fd7bda65cd6eba5367803
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 22 06:21:43 2025 -0500

    appid: added check for brute force manager presence

9 months ago Pull request #4575: dump_config: add --gen-dump-config option
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 12:08:59 +0000 (12:08 +0000)] 
Pull request #4575: dump_config: add --gen-dump-config option

Merge in SNORT/snort3 from ~YCHALOV/snort3:gen_config_dump_implementation to master

Squashed commit of the following:

commit 62e3fb3c6998ca0d71ff543bfb826fa83f68a22d
Author: Yurii Chalov <ychalov@cisco.com>
Date:   Mon Jan 13 13:17:29 2025 +0100

    dump_config: implement dump config generation in a file

9 months ago Pull request #4578: extractor: add handling for connector creation failure
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 09:29:59 +0000 (09:29 +0000)] 
Pull request #4578: extractor: add handling for connector creation failure

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_def_conn to master

Squashed commit of the following:

commit d92481c95a95629cbef6d4f289fb7ab7aeb7a148
Author: vhorbato <vhorbato@cisco.com>
Date:   Fri Jan 17 17:47:52 2025 +0200

    extractor: add handling for connector creation failure

9 months ago Pull request #4574: hosts: added check to verify ip protocol match on hosts lookup
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Tue, 21 Jan 2025 18:14:11 +0000 (18:14 +0000)] 
Pull request #4574: hosts: added check to verify ip protocol match on hosts lookup

Merge in SNORT/snort3 from ~OSTEPANO/snort3:hosts_proto to master

Squashed commit of the following:

commit d329f6a7046edf562aafb24e99235669ce54c84f
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 15 10:38:45 2025 -0500

    hosts: added check to verify ip protocol match on hosts lookup

9 months ago Pull request #4579: main: acquire TSC time scale at the startup
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Tue, 21 Jan 2025 18:11:59 +0000 (18:11 +0000)] 
Pull request #4579: main: acquire TSC time scale at the startup

Merge in SNORT/snort3 from ~OSTEPANO/snort3:tsc_clock_fix to master

Squashed commit of the following:

commit a81dca2f2738af9abb57fcaa69a1ea5508274594
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Mon Jan 20 10:49:01 2025 -0500

    main: acquire TSC time scale at the startup

9 months ago Pull request #4577: build: generate and tag 3.6.2.0 (tag: 3.6.2.0)
Priyanka Bangalore Gurudev (prbg) [Tue, 21 Jan 2025 17:13:59 +0000 (17:13 +0000)] 
Pull request #4577: build: generate and tag 3.6.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.6.2.0 to master

Squashed commit of the following:

commit b03b2fd9dca749e2b22148614eb0a40452232c5a
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Sun Jan 19 23:10:35 2025 -0500

    build: generate and tag 3.6.2.0

9 months ago Pull request #4567: cmake: modification to search custom jemalloc first
Akhilesh MY (amuttuva) [Sat, 18 Jan 2025 06:07:15 +0000 (06:07 +0000)] 
Pull request #4567: cmake: modification to search custom jemalloc first

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:jem_master to master

Squashed commit of the following:

commit 624a042434687d051f3f53aa76e954486567b1b1
Author: Akhilesh MY <amuttuva@cisco.com>
Date:   Mon Jan 13 02:22:01 2025 -0500

    cmake: modification to search custom jemalloc first

9 months ago Pull request #4564: pcap: Filter Geneve encapsulated packets using inner headers
Wei Wang (weiwa) [Fri, 17 Jan 2025 23:10:55 +0000 (23:10 +0000)] 
Pull request #4564: pcap: Filter Geneve encapsulated packets using inner headers

Merge in SNORT/snort3 from ~WEIWA/snort3:weiwa-master-pcap-inner-pkt-filter to master

Squashed commit of the following:

commit beb09752e94427d25e5e0e548f32a03e87400a47
Author: Wei Wang <weiwa@cisco.com>
Date:   Fri Jan 17 00:49:23 2025 +0530

    pcap: Filter Geneve encapsulated packets using inner headers

9 months ago Pull request #4545: Optimisation of appid logs and trace message
Bhumika Sachdeva (bsachdev) [Fri, 17 Jan 2025 18:56:09 +0000 (18:56 +0000)] 
Pull request #4545: Optimisation of appid logs and trace message

Merge in SNORT/snort3 from ~BSACHDEV/snort3:optimised_trace to master

Squashed commit of the following:

commit 5b14ff256e76a688485e5c0467989aa0cbbeecdc
Author: bsachdev <bsachdev@cisco.com>
Date:   Wed Jul 17 12:18:46 2024 -0400

    appid: optimised appid logs and trace

9 months ago Pull request #4573: ssl: added length check for cert data processing
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Fri, 17 Jan 2025 18:42:12 +0000 (18:42 +0000)] 
Pull request #4573: ssl: added length check for cert data processing

Merge in SNORT/snort3 from ~OSTEPANO/snort3:ssl_mem_check to master

Squashed commit of the following:

commit 54e8a224e2c7cc8aa32eb64f6a3a6e59e8a779ea
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 15 07:05:04 2025 -0500

    ssl: added length check for cert data processing

9 months ago Pull request #4556: appid: adding thresholds to brute-force detection
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Fri, 17 Jan 2025 15:16:38 +0000 (15:16 +0000)] 
Pull request #4556: appid: adding thresholds to brute-force detection

Merge in SNORT/snort3 from ~OSTEPANO/snort3:brute_force_limits to master

Squashed commit of the following:

commit 8d5dd47ef76e699b6db9900599c2a9227710721d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Thu Dec 19 09:34:57 2024 -0500

    appid: adding thresholds to brute-force detection

9 months ago Pull request #4538: add content width and endian parameters
Chris Morrison (chmorri2) [Fri, 17 Jan 2025 08:22:09 +0000 (08:22 +0000)] 
Pull request #4538: add content width and endian parameters

Merge in SNORT/snort3 from ~CHMORRI2/snort3:ips-option-content-wide to master

Squashed commit of the following:

commit 48b9e666c90626117be90c3218e4c08f1d482dcc
Author: Chris Morrison <chmorri2@cisco.com>
Date:   Tue Jan 14 13:42:03 2025 -0500

    ips_options: ips_content.cc given width and endian parameters for simpler multi-byte char matches

9 months ago Pull request #4569: flow: Use timeout set on flow rather than using configured timeout
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Thu, 16 Jan 2025 22:54:05 +0000 (22:54 +0000)] 
Pull request #4569: flow: Use timeout set on flow rather than using configured timeout

Merge in SNORT/snort3 from ~NIRMVENK/snort3:flow_tmout_master to master

Squashed commit of the following:

commit 13f9d7786694a8ac58ce50ac65769993e03635b3
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Wed Jan 8 15:55:23 2025 -0500

    flow: Use timeout set on flow rather than using configured timeout

9 months ago Pull request #4568: file_api: add pending expire time reset for FileInfo
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Wed, 15 Jan 2025 22:26:50 +0000 (22:26 +0000)] 
Pull request #4568: file_api: add pending expire time reset for FileInfo

Merge in SNORT/snort3 from ~OTORUBAR/snort3:handle_timeouts to master

Squashed commit of the following:

commit 4309f844ebfae650ff15bb310948d25dcb9ce449
Author: otorubar <otorubar@cisco.com>
Date:   Mon Jan 13 09:14:43 2025 -0800

    file_api: add pending expire time reset for FileInfo

9 months ago Pull request #4570: framework: revert API bump
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Wed, 15 Jan 2025 09:16:14 +0000 (09:16 +0000)] 
Pull request #4570: framework: revert API bump

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:revert_api_dump to master

Squashed commit of the following:

commit d095f417e72498667869b927763659749c72b98a
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jan 14 15:51:48 2025 +0200

    framework: revert API bump

9 months ago Pull request #4506: [PCRE2] ips: pcre2
Michael Matirko (mmatirko) [Tue, 14 Jan 2025 20:09:43 +0000 (20:09 +0000)] 
Pull request #4506: [PCRE2] ips: pcre2

Merge in SNORT/snort3 from ~MMATIRKO/snort3:pcre2 to master

Squashed commit of the following:

commit c385698cabdd01447d01456922f2e5cae451caa6
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Jan 3 15:40:11 2025 -0500

    utils: add new header/wrapper for pcre2 code unit width

commit 92eab6e926465e51d5c47c67204759a8b87df581
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Jan 3 15:39:31 2025 -0500

    doc: stylize dependency names in README.md

commit 3c395d5cd0d8ba8d4dc2572f5753d8fcb813756f
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Thu Mar 7 13:51:08 2024 -0500

    ips: update pcre to pcre2

9 months ago Pull request #4558: main: support an instance ID dump for multiprocess
Michael Matirko (mmatirko) [Mon, 13 Jan 2025 22:26:20 +0000 (22:26 +0000)] 
Pull request #4558: main: support an instance ID dump for multiprocess

Merge in SNORT/snort3 from ~MMATIRKO/snort3:instance_id to master

Squashed commit of the following:

commit e6fd2fbf34761266266520c3a470285d3fad4673
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Thu Dec 19 15:48:00 2024 -0500

    main: support an instance ID dump per-thread

9 months ago Pull request #4553: shadowtraffic_aggregator: Implemented header definitions
Ashutosh Gupta (ashugup3) [Fri, 10 Jan 2025 08:27:57 +0000 (08:27 +0000)] 
Pull request #4553: shadowtraffic_aggregator: Implemented header definitions

Merge in SNORT/snort3 from ~ASHUGUP3/snort3:shadow_traffic_master to master

Squashed commit of the following:

commit e0a2ec29595b80164609c63f313e46bbff819ae5
Author: ashutosh <ashugup3@cisco.com>
Date:   Wed Dec 18 14:14:04 2024 +0530

    shadowtraffic_aggregator: Implemented header definitions

9 months ago Pull request #4548: stream_tcp: initialize 3whs normalizer for peer tracker separately
Juweria Ali Imran (jaliimra) [Tue, 7 Jan 2025 21:29:22 +0000 (21:29 +0000)] 
Pull request #4548: stream_tcp: initialize 3whs normalizer for peer tracker separately

Merge in SNORT/snort3 from ~JALIIMRA/snort3:init_peer_tracker_norm to master

Squashed commit of the following:

commit 330edd264c0d87c0f04e2e913e28c6bcd8de3903
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Mon Dec 16 16:44:33 2024 -0500

    stream_tcp: initialize 3whs normalizer for peer tracker separately

9 months ago Pull request #4552: stream_tcp: evaluate flush policy on asymmetric connections when...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 7 Jan 2025 21:25:03 +0000 (21:25 +0000)] 
Pull request #4552: stream_tcp: evaluate flush policy on asymmetric connections when the connection closes or the tcp session is cleared

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_asymmetric_ids_tweaks to master

Squashed commit of the following:

commit 9f263828231d4721e508406852f0d3292c0d6075
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Nov 21 13:57:05 2024 -0500

    stream_tcp: evaluate flush policy on asymmetric connections when the connection closes or the tcp session is cleared

    check for asymmetric connection when doing a final flush

9 months ago Pull request #4561: Tsanity1
Russ Combs (rucombs) [Tue, 7 Jan 2025 14:49:39 +0000 (14:49 +0000)] 
Pull request #4561: Tsanity1

Merge in SNORT/snort3 from ~RUCOMBS/snort3:tsanity1 to master

Squashed commit of the following:

commit ddec702eca36358fe5238fa2cee3664bc20d0f9d
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Dec 19 09:47:37 2024 -0500

    data_bus: fix publisher registration data races

commit da6d5590d82cd4d123029f00e4b18d4de46bf72d
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Dec 19 07:42:03 2024 -0500

    hyperscan: fix debug log tsan issue

9 months ago Pull request #4555: js_norm: fix int code overflow
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Mon, 6 Jan 2025 21:33:15 +0000 (21:33 +0000)] 
Pull request #4555: js_norm: fix int code overflow

Merge in SNORT/snort3 from ~ANOROKH/snort3:js_norm_int_code_overflow to master

Squashed commit of the following:

commit fa6d223a340d7c5dae2f35327ec87d6fead07aa3
Author: dkyrylov <dkyrylov@cisco.com>
Date:   Wed Nov 27 18:50:18 2024 +0200

    js_norm: add stoi out of range exception handling

9 months ago Pull request #4551: Api Tweaks
Russ Combs (rucombs) [Mon, 6 Jan 2025 17:11:35 +0000 (17:11 +0000)] 
Pull request #4551: Api Tweaks

Merge in SNORT/snort3 from ~RUCOMBS/snort3:api_tweaks to master

Squashed commit of the following:

commit 50b83b5e26510b702a5c896fe02198a09f024f53
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 16 11:24:58 2024 -0500

    tcp_pdu: rename to tlv_pdu

commit 325cbe349a3c4065244d82d391bad748d40e6d6f
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 16 11:13:33 2024 -0500

    data_bus: remove unsubscribe methods

commit f37fc721d0417d20ef6679ad7871c8b06b187bf2
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 16 11:13:06 2024 -0500

    ips: add access to Event references

10 months ago Pull request #4559: build: generate and tag 3.6.1.0 (tag: 3.6.1.0)
Priyanka Bangalore Gurudev (prbg) [Mon, 23 Dec 2024 16:25:38 +0000 (16:25 +0000)] 
Pull request #4559: build: generate and tag 3.6.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.6.1.0 to master

Squashed commit of the following:

commit 56bf8a27d2efecab8c123e0a775bc6f2b1348f51
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Sun Dec 22 20:12:57 2024 -0500

    build: generate and tag 3.6.1.0

10 months ago Pull request #4476: dns: adding fallback functionality
Rishabh Duggal (riduggal) [Wed, 18 Dec 2024 11:41:51 +0000 (11:41 +0000)] 
Pull request #4476: dns: adding fallback functionality

Merge in SNORT/snort3 from ~RIDUGGAL/snort3:dns_fallback to master

Squashed commit of the following:

commit 9ef5c14e1f1ebc5d2b62e23326bc10c6de931b29
Author: riduggal <riduggal@cisco.com>
Date:   Tue Oct 8 10:29:36 2024 +0000

    dns: adding fallback functionality

10 months ago Pull request #4539: main: Improve logging reload_config arguments
Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) [Mon, 16 Dec 2024 18:47:21 +0000 (18:47 +0000)] 
Pull request #4539: main: Improve logging reload_config arguments

Merge in SNORT/snort3 from ~JAIMEACA/snort3:improve_logging_reload_config_arguments to master

Squashed commit of the following:

commit 1f109f003269d60a986b7dcb7b640a2ec8340c0f
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date:   Tue Dec 10 15:16:06 2024 -0500

    main: improve logging reload_config arguments

10 months ago Pull request #4481: Include FP detection time in ConnProfiling
Vitalii Izhyk -X (viizhyk - SOFTSERVE INC at Cisco) [Mon, 16 Dec 2024 18:31:49 +0000 (18:31 +0000)] 
Pull request #4481: Include FP detection time in ConnProfiling

Merge in SNORT/snort3 from ~VIIZHYK/snort3:fp_detection to master

Squashed commit of the following:

commit fb421c5addc2cc9b687155e735b88cffaddbd63c
Author: viizhyk <viizhyk@cisco.com>
Date:   Mon Dec 16 13:14:31 2024 -0500

    inspector_manager: Refactored instrumentation code of connection profiling.

10 months ago Pull request #4525: stream_tcp: refactor tcp reassembler class structure and init...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Fri, 13 Dec 2024 20:39:49 +0000 (20:39 +0000)] 
Pull request #4525: stream_tcp: refactor tcp reassembler class structure and init to avoid thread data race scenarios

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_ignore_tsan_fix to master

Squashed commit of the following:

commit 25a35b3442f010d4d242b27e18fde5d9e2ac61f3
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Nov 19 14:49:46 2024 -0500

    stream_tcp: refactor tcp reassembler class structure and init to avoid thread data race scenarios

10 months ago Pull request #4517: pop: adding wrong bytes threshold to determine if pop splitter...
Andres Avila Segura (aavilase) [Fri, 13 Dec 2024 20:01:54 +0000 (20:01 +0000)] 
Pull request #4517: pop: adding wrong bytes threshold to determine if pop splitter should fallback

Merge in SNORT/snort3 from ~AAVILASE/snort3:pop_inspector_fallback_functionality to master

Squashed commit of the following:

commit 38022a1ce200493ee3f61d72674c505c4f0b4687
Author: Andres Avila <aavilase@cisco.com>
Date:   Thu Nov 7 11:51:21 2024 -0500

    pop: adding wrong bytes threshold to determine if pop splitter should fallback

10 months ago Pull request #4526: smtp: smtp inspector fallback functionality for invalid commands...
Andres Avila Segura (aavilase) [Fri, 13 Dec 2024 19:27:49 +0000 (19:27 +0000)] 
Pull request #4526: smtp: smtp inspector fallback functionality for invalid commands and responses

Merge in SNORT/snort3 from ~AAVILASE/snort3:smtp_inspector_fallback_functionality to master

Squashed commit of the following:

commit a6a911df8240625796685f3b43f23cd3a00cd5bd
Author: Andres Avila <aavilase@cisco.com>
Date:   Tue Nov 19 08:32:53 2024 -0500

    smtp: smtp inspector fallback functionality for invalid commands and responses

10 months ago Pull request #4544: appid: Extended error log in controlcon.
Vitalii Izhyk -X (viizhyk - SOFTSERVE INC at Cisco) [Fri, 13 Dec 2024 15:42:42 +0000 (15:42 +0000)] 
Pull request #4544: appid: Extended error log in controlcon.

Merge in SNORT/snort3 from ~VIIZHYK/snort3:controlcon_log to master

Squashed commit of the following:

commit 8fde0b7a2381b41adc6b07b9b8378be7b342d227
Author: viizhyk <viizhyk@cisco.com>
Date:   Fri Dec 13 04:39:48 2024 -0500

    appid: Enhanced control error message with additional info.

10 months ago Pull request #4542: Enable parse warning for plugin loading
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Fri, 13 Dec 2024 08:28:52 +0000 (08:28 +0000)] 
Pull request #4542: Enable parse warning for plugin loading

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fix_static_build to master

Squashed commit of the following:

commit cc436080f672ff6ed30899493d3fd340d1c1963f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Dec 10 10:02:05 2024 +0200

    log: print all warnings before command line is parsed

commit f8d595f5517c2990037a0a59ac47fb16c564cdd2
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Dec 9 17:02:24 2024 +0200

    build: include/exclude snort_ml module conditionally

10 months ago Pull request #4541: file_api: three files evaluation fix
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Thu, 12 Dec 2024 15:30:18 +0000 (15:30 +0000)] 
Pull request #4541: file_api: three files evaluation fix

Merge in SNORT/snort3 from ~OTORUBAR/snort3:three_files_evaluation_fix to master

Squashed commit of the following:

commit a84f98875d465b61f2ced2e58080b6e18804fe7e
Author: otorubar <otorubar@cisco.com>
Date:   Mon Dec 9 03:19:28 2024 -0800

    file_api: add re_eval flag to fileinfo

10 months ago Pull request #4535: build: generate and tag 3.6.0.0 (tag: 3.6.0.0)
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Dec 2024 02:06:35 +0000 (02:06 +0000)] 
Pull request #4535: build: generate and tag 3.6.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.6.0.0 to master

Squashed commit of the following:

commit 8e251139bb57e5f6edcfaeaa96a48d70a169b0a1
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Tue Dec 3 21:44:27 2024 -0500

    build: generate and tag 3.6.0.0

10 months ago Pull request #4522: http_inspect, mime: add hostname and url for http/mime file proce...
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Tue, 3 Dec 2024 14:58:43 +0000 (14:58 +0000)] 
Pull request #4522: http_inspect, mime: add hostname and url for http/mime file processing

Merge in SNORT/snort3 from ~OTORUBAR/snort3:mime_file_processing to master

Squashed commit of the following:

commit 5f58cc4b19b587bc101ae21d9dd22543cc037f88
Author: otorubar <otorubar@cisco.com>
Date:   Fri Nov 1 12:02:18 2024 -0700

    http_inspect, mime: add hostname and url for http with mime

10 months ago Pull request #4531: bufferlen: reset "relative" flag in module::begin method
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Mon, 2 Dec 2024 10:07:29 +0000 (10:07 +0000)] 
Pull request #4531: bufferlen: reset "relative" flag in module::begin method

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:bufferlen_reinit to master

Squashed commit of the following:

commit f86e73e67019cc5d99758284b68ebf89ce5b8182
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Wed Nov 27 12:48:19 2024 +0200

    bufferlen: reset "relative" flag in module::begin method

commit 256ee2c838d7b44f77e7afaee64a12b86f5ad43f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Wed Nov 27 14:35:52 2024 +0200

    ips_options: update module::begin and other in several ips options

10 months ago Pull request #4532: connectors: suppress cppcheck warning in std_connector test
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Thu, 28 Nov 2024 12:36:03 +0000 (12:36 +0000)] 
Pull request #4532: connectors: suppress cppcheck warning in std_connector test

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_conn_fix to master

Squashed commit of the following:

commit ad96b5a1d67122607075d6883f862f4ef54eb765
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Nov 27 15:40:42 2024 +0200

    connectors: fix cppcheck warning in std_connector test

10 months ago Pull request #4524: main: remove mutex from snort command to show snort cpu
Rishabh Choudhary (rishacho) [Wed, 27 Nov 2024 03:02:25 +0000 (03:02 +0000)] 
Pull request #4524: main: remove mutex from snort command to show snort cpu

Merge in SNORT/snort3 from ~RISHACHO/snort3:snort_cpu_fix to master

Squashed commit of the following:

commit 18b3cc1bddd7ee90e287dd8c08c1aa5c3388897e
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Wed Nov 20 19:02:22 2024 +0530

    main: remove mutex from snort command to show snort cpu

11 months ago Pull request #4514: extractor: replace Writer with Connector
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Tue, 26 Nov 2024 14:01:43 +0000 (14:01 +0000)] 
Pull request #4514: extractor: replace Writer with Connector

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_conn to master

Squashed commit of the following:

commit 471be3fed9f5dd10ed724fdb10d338a5d6a9466e
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Nov 20 18:41:45 2024 +0200

    extractor: update thread initialization

commit 3e87e761431d77f39abd4c1ea6183a49f3c0b18b
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Nov 7 17:13:43 2024 +0200

    build: update docs about the bump of C++ compiler supported feature set requirement

commit 1cc99e4e1d7784beb046449697b33324c0ba622d
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Wed Nov 13 11:56:40 2024 +0200

    connectors: update config transition

commit 190e9bb3ce86ee9cdc43414ab2e592b334d83c2e
Author: vhorbato <vhorbato@cisco.com>
Date:   Tue Nov 5 19:08:51 2024 +0200

    connectors: add metadata support to Connector API

commit 3df7a97195f51463bd881b6decd378d6a32b18b6
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 30 14:44:24 2024 +0200

    connectors: add std I/O connector

commit e5aa4bf71a73cc42824b37448f7a62eca2abea52
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 30 14:40:57 2024 +0200

    extractor: replace writer with connector

commit 4a43a077933c59c88677cdb827a72ab77919b7a9
Author: vhorbato <vhorbato@cisco.com>
Date:   Mon Oct 28 18:03:45 2024 +0200

    extractor: make csv formatter call writer only once

commit b2c5a3e2075af951c3554b09e8d087b0979f557e
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 23 14:07:58 2024 +0300

    extractor: make logger thread_local

11 months ago Pull request #4523: analyzer: add logging for resource tuning progress
Adrian Mamolea (admamole) [Tue, 26 Nov 2024 12:09:54 +0000 (12:09 +0000)] 
Pull request #4523: analyzer: add logging for resource tuning progress

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:reload_tuner2 to master

Squashed commit of the following:

commit 8d93eee846ae6a585cf86db11b5316f35ca5fe27
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Tue Nov 19 11:15:03 2024 -0500

    analyzer: add logging for resource tuning progress

11 months ago Pull request #4516: http_inspect: remove semicolon http_param delimiter
Brandon Stultz (brastult) [Mon, 25 Nov 2024 12:54:06 +0000 (12:54 +0000)] 
Pull request #4516: http_inspect: remove semicolon http_param delimiter

Merge in SNORT/snort3 from ~BRASTULT/snort3:http_param_delim to master

Squashed commit of the following:

commit bc450cd810193622688ffd750c6feda501215f8d
Author: Brandon Stultz <brastult@cisco.com>
Date:   Mon Nov 11 13:58:30 2024 -0500

    http_inspect: remove semicolon http_param delimiter

11 months ago Pull request #4509: Publish end of flow
Maya Dagon (mdagon) [Mon, 25 Nov 2024 12:00:34 +0000 (12:00 +0000)] 
Pull request #4509: Publish end of flow

Merge in SNORT/snort3 from ~MDAGON/snort3:conn_event to master

Squashed commit of the following:

commit bf95668b7ea4fc66c9afcebcf658ae3fa1f78949
Author: maya dagon <mdagon@cisco.com>
Date:   Fri Oct 25 14:13:30 2024 -0400

    flow: publish flow end event

11 months ago Pull request #4493: appid: adding full path to read list of lua detectors
Andres Avila Segura (aavilase) [Thu, 21 Nov 2024 13:44:24 +0000 (13:44 +0000)] 
Pull request #4493: appid: adding full path to read list of lua detectors

Merge in SNORT/snort3 from ~AAVILASE/snort3:reduce_appid_test_load_time to master

Squashed commit of the following:

commit fe548a9e96f666fe57435bf404faac94d58a85bf
Author: Andres Avila Segura <aavilase@cisco.com>
Date:   Wed Oct 23 12:39:40 2024 -0400

    appid: adding full path to read list of lua detectors

11 months ago Pull request #4519: file_api: add unit-tests to cover new FileInfo methods
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Wed, 20 Nov 2024 19:35:29 +0000 (19:35 +0000)] 
Pull request #4519: file_api: add unit-tests to cover new FileInfo methods

Merge in SNORT/snort3 from ~OTORUBAR/snort3:suppress_unused_functions_errors to master

Squashed commit of the following:

commit 2ae7fbbf689f31d1e374d70da5779b7627e295e7
Author: otorubar <otorubar@cisco.com>
Date:   Fri Nov 15 07:59:17 2024 -0800

    file_api: add unit tests for fileinfo methods

11 months ago Pull request #4521: build: generate and tag 3.5.2.0 (tag: 3.5.2.0)
Priyanka Bangalore Gurudev (prbg) [Wed, 20 Nov 2024 02:52:37 +0000 (02:52 +0000)] 
Pull request #4521: build: generate and tag 3.5.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.2.0 to master

Squashed commit of the following:

commit c223b85dcf4ad5c6bd8690c36b2f5452b0ba84fc
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Nov 18 20:50:28 2024 -0500

    build: generate and tag 3.5.2.0

11 months ago Pull request #4510: stream_tcp: initialize the daq_instance field in the meta-ack...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 19 Nov 2024 00:39:30 +0000 (00:39 +0000)] 
Pull request #4510: stream_tcp: initialize the daq_instance field in the meta-ack pseudo-packet

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:meta_ack_init_daq_instance to master

Squashed commit of the following:

commit c46a154c9f67df88376fb9ac999b6602c9fa5e72
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Wed Nov 6 11:19:17 2024 -0500

    stream_tcp: initialize the daq_instance field in the Packet instance allocated for a meta-ack to the value from the wire packet

11 months ago Pull request #4518: extractor: fix platforms run
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Thu, 14 Nov 2024 20:03:02 +0000 (20:03 +0000)] 
Pull request #4518: extractor: fix platforms run

Merge in SNORT/snort3 from ~ANOROKH/snort3:extr_fix_platform to master

Squashed commit of the following:

commit d816b984d5c458e30b9df6dd5ab156b063af6e15
Author: anorokh <anorokh@cisco.com>
Date:   Thu Nov 14 11:41:36 2024 +0200

    extractor: include type support header explicitly

11 months ago Pull request #4515: file_api: add helper methods to unset a FileInfo::is_filename_set...
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Thu, 14 Nov 2024 19:47:09 +0000 (19:47 +0000)] 
Pull request #4515: file_api: add helper methods to unset a FileInfo::is_filename_set flag and reset FileInfo::sha256 for file re-evaluation

Merge in SNORT/snort3 from ~OTORUBAR/snort3:file_cache_fix to master

Squashed commit of the following:

commit b3d0034c497eab42dd06bcb41f2746f7357e937f
Author: otorubar <otorubar@cisco.com>
Date:   Thu Nov 7 13:59:03 2024 -0800

    file_api: add helper methods to unset filename and reset sha

11 months ago Pull request #4445: sip: Parse all the sip method defined
Shijin Bose (shibose) [Wed, 13 Nov 2024 16:57:41 +0000 (16:57 +0000)] 
Pull request #4445: sip: Parse all the sip method defined

Merge in SNORT/snort3 from ~SHIBOSE/snort3:sip_parse to master

Squashed commit of the following:

commit 9ad19022df7840a0b44c28b300d65217f7fe603a
Author: shibose <shibose@cisco.com>
Date:   Thu Sep 12 05:40:57 2024 +0000

    sip: parse all the SIP methods defined

11 months ago Pull request #4513: decompress: handle ZIP central directory and invalid local file...
Brandon Stultz (brastult) [Wed, 13 Nov 2024 09:09:46 +0000 (09:09 +0000)] 
Pull request #4513: decompress: handle ZIP central directory and invalid local file headers

Merge in SNORT/snort3 from ~BRASTULT/snort3:zip_central_dir to master

Squashed commit of the following:

commit 18fa67b9dee2dc3effc41138788a12824265bdaf
Author: Brandon Stultz <brastult@cisco.com>
Date:   Tue Nov 5 16:17:57 2024 -0500

    decompress: handle ZIP central directory

11 months ago Pull request #4508: [Multiprocess] thread: get_relative_instance_number now zero...
Michael Matirko (mmatirko) [Tue, 12 Nov 2024 18:14:46 +0000 (18:14 +0000)] 
Pull request #4508: [Multiprocess] thread: get_relative_instance_number now zero-based

Merge in SNORT/snort3 from ~MMATIRKO/snort3:mp_id to master

Squashed commit of the following:

commit 4ac2befd5591bd5526f84b8d2d483e16d98de1e9
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Nov 1 20:42:56 2024 -0400

    thread: get_relative_instance_number now zero-based

11 months ago Pull request #4505: extractor: add ftp logging
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Thu, 7 Nov 2024 16:09:17 +0000 (16:09 +0000)] 
Pull request #4505: extractor: add ftp logging

Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_ftp to master

Squashed commit of the following:

commit 56210e0e89a4ab1cafb2fa6f03f5ec8d5a4105c9
Author: anorokh <anorokh@cisco.com>
Date:   Thu Oct 31 12:27:46 2024 -0400

    extractor: address review comments

commit 11c34c621d2d08318c663dd049c3e6823fb47db6
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Oct 31 14:08:31 2024 +0200

    extractor: move internal stuff out of snort namespace

commit 6b9bc7780c3badafb317158e1f0f27cbff1a3da5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Oct 31 12:00:58 2024 +0200

    extractor: fix memory management

    The inspector owns service/event extractor instances.
    Data handlers are split from instances and managed by data bus only.
    Flow data bumps the inspector's reference count.

commit ae80500b23ba88b835e0560c1ccbf8e99c7c041f
Author: anorokh <anorokh@cisco.com>
Date:   Tue Oct 29 08:13:53 2024 -0400

    ftp: reset cmd_size when reset cmd_str

commit 9ceac98772e6bb86404976162f3ca8ea6dcdf67e
Author: anorokh <anorokh@cisco.com>
Date:   Mon Oct 28 11:58:00 2024 -0400

    extractor: log on last response

commit 4b21cebdd076b810b4c11f1606cf47fd163f045c
Author: anorokh <anorokh@cisco.com>
Date:   Thu Oct 24 05:14:09 2024 -0400

    extractor: refactor code

    * rename field types
    * keep flow data intact to log multiple responses
    * reorder list of commands for more effective search

commit b279b45af550dcf7f671fdc88817f5476376afc5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 21 17:43:52 2024 +0300

    extractor: enable logging for FTP aggregated event

commit e025bf510a92e4eca3da7cdd69cb520373a6c43d
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 21 17:19:48 2024 +0300

    extractor: delete unused headers

commit 5578678ba65ddadb06ef8ec2229318635fbdee2a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 21 14:07:34 2024 +0300

    extractor: event handlers subscribe by themselves

    Flow data augmented with a callback to dump data whenever the flow gets deleted.

commit a67039d4d80d81e60f9d3c3e50b68756e9f83e61
Author: anorokh <anorokh@cisco.com>
Date:   Tue Oct 15 06:07:49 2024 -0400

    extractor: add user field

commit ade23b33e79dc1489b3e1c66c328b895584ef3cf
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 14 15:00:59 2024 +0300

    extractor: add imaginary transaction event to FTP

commit ea5869b7ff24e5426b7a0e0b97fc52f8e489fba0
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 14 10:49:02 2024 -0400

    extractor: update dev_notes.txt

commit c342f3d43fec88f1969128f52468664ba5707da9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Oct 23 18:00:50 2024 +0300

    doc: add a page about data logging feature

commit 349a85e29ed832050aa4e7661e66929e06f07fc5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Oct 14 11:14:22 2024 +0300

    extractor: rearrange source files

commit b17b1e5720e4843b2b4137a529dc1291f8282dbd
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Oct 11 12:30:28 2024 +0300

    extractor: introduce flow data

    Move enums to common place.

commit 7892d2a5c53166e29fbf4f373855085d8cdbf43f
Author: anorokh <anorokh@cisco.com>
Date:   Wed Oct 9 14:29:00 2024 -0400

    extractor: add ftp service implementation

11 months ago Pull request #4511: build: generate and tag 3.5.1.0 (tag: 3.5.1.0)
Priyanka Bangalore Gurudev (prbg) [Thu, 7 Nov 2024 15:54:48 +0000 (15:54 +0000)] 
Pull request #4511: build: generate and tag 3.5.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.1.0 to master

Squashed commit of the following:

commit ad0968bb1e19953ef2a3483355ad08d0ca99e053
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Wed Nov 6 12:32:14 2024 -0500

    build: generate and tag 3.5.1.0

11 months ago Pull request #4497: stream_tcp: fix core caused by seglist with nullptr value in TcpRe...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Thu, 31 Oct 2024 16:13:32 +0000 (16:13 +0000)] 
Pull request #4497: stream_tcp: fix core caused by seglist with nullptr value in TcpReassemblerIgnore

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_core_fix2 to master

Squashed commit of the following:

commit 136be196a094fb3b909b5a5e79b0ae2ba70f8556
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Oct 29 17:09:49 2024 -0400

    stream_tcp: pass tracker and seglist to TcpReassembler* as refs, define dummy tracker & seglist for use by TcpReassemblerIgnore

11 months ago Pull request #4496: doc: add details regarding RTN evaluation
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Thu, 31 Oct 2024 14:41:39 +0000 (14:41 +0000)] 
Pull request #4496: doc: add details regarding RTN evaluation

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:ips_eval_doc_upd to master

Squashed commit of the following:

commit d2945e9cf99f3b171cbe8d90e2d3393291128b02
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Oct 29 17:42:37 2024 +0200

    doc: add details regarding RTN evaluation

11 months ago Pull request #4499: appid: unit-test added for is_service_over_quic
Shijin Bose (shibose) [Thu, 31 Oct 2024 13:09:47 +0000 (13:09 +0000)] 
Pull request #4499: appid: unit-test added for is_service_over_quic

Merge in SNORT/snort3 from ~SHIBOSE/snort3:quic_white_list_mock to master

Squashed commit of the following:

commit 4188e83312d24a55eaefd8495f8f2f8da3e7830b
Author: shibose <shibose@cisco.com>
Date:   Wed Oct 30 12:54:38 2024 +0000

    appid: unit-test added for is_service_over_quic

11 months ago Pull request #4468: appid: implement an API that allows users to specify values for...
Cliff Judge (cljudge) [Tue, 29 Oct 2024 19:57:31 +0000 (19:57 +0000)] 
Pull request #4468: appid: implement an API that allows users to specify values for data items used in lua detectors.

Merge in SNORT/snort3 from ~CLJUDGE/snort3:appid_user_data_map to master

Squashed commit of the following:

commit e6ce02952acc21c70876dcc3a74f628cf90da339
Author: Cliff Judge <cljudge@cisco.com>
Date:   Thu Sep 5 23:38:42 2024 -0400

    appid: implement an API that allows users to specify values for data items used in lua detectors.

11 months ago Pull request #4492: stream_tcp: when queue limit thresholds are exceeded in IDS mode...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 29 Oct 2024 18:11:29 +0000 (18:11 +0000)] 
Pull request #4492: stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ids_asymmetric_tweaks to master

Squashed commit of the following:

commit 3ea41ca77b1fc9f6f1bb775eb01ed784fdc71ad9
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Oct 22 12:10:15 2024 -0400

    stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing

11 months ago Pull request #4483: flow: new allowlist LRU
Raza Shafiq (rshafiq) [Tue, 29 Oct 2024 15:22:31 +0000 (15:22 +0000)] 
Pull request #4483: flow: new allowlist LRU

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:whitelist_cache to master

Squashed commit of the following:

commit a1647130533346a651396d00c1d251c294094416
Author: rshafiq <rshafiq@cisco.com>
Date:   Wed Oct 2 19:08:52 2024 -0400

    flow: new allowlist LRU

11 months ago Pull request #4495: appid: add new api to check if service is over quic
Shijin Bose (shibose) [Tue, 29 Oct 2024 11:05:19 +0000 (11:05 +0000)] 
Pull request #4495: appid: add new api to check if service is over quic

Merge in SNORT/snort3 from ~SHIBOSE/snort3:quic_white_list to master

Squashed commit of the following:

commit 92bcf5b8b1199b4a135ffa8d664d8603c7fd92f1
Author: shibose <shibose@cisco.com>
Date:   Fri Oct 25 08:13:08 2024 +0000

    appid: add new api to check if service is over quic

12 months ago Pull request #4475: http2_inspect: HTTP/2 handle multiple cookie headers
Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) [Thu, 24 Oct 2024 17:27:08 +0000 (17:27 +0000)] 
Pull request #4475: http2_inspect: HTTP/2 handle multiple cookie headers

Merge in SNORT/snort3 from ~JAIMEACA/snort3:http2_handle_multiple_cookie to master

Squashed commit of the following:

commit 856c312ef84bee12338f759883bac06d5cc70983
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date:   Tue Oct 8 12:52:29 2024 -0400

    http2_inspect: handle multiple cookie header fields

12 months ago Pull request #4312: appid: add tls_version captured in appid_session
Oleh Poluianskyi -X (opoluian - SOFTSERVE INC at Cisco) [Wed, 23 Oct 2024 19:11:17 +0000 (19:11 +0000)] 
Pull request #4312: appid: add tls_version captured in appid_session

Merge in SNORT/snort3 from ~OPOLUIAN/snort3:appid_navl_opoluian_ssl_version to master

Squashed commit of the following:

commit d3328cd520f27cf01735a851b48e9fbac29f488f
Author: Oleh Poluianskyi <opoluian@cisco.com>
Date:   Thu May 2 03:27:15 2024 +0300

    appid: add tls_version capture in appid_session

12 months ago Pull request #4466: smtp: Fixing the processing of SMTP response in case of encrypted...
Bhumika Sachdeva (bsachdev) [Tue, 22 Oct 2024 21:36:28 +0000 (21:36 +0000)] 
Pull request #4466: smtp: Fixing the processing of SMTP response in case of encrypted traffic

Merge in SNORT/snort3 from ~BSACHDEV/snort3:smtp_alert_fix to master

Squashed commit of the following:

commit 615507541e02cf81c25c210449f82d37bd41b9e6
Author: bsachdev <bsachdev@cisco.com>
Date:   Wed Oct 2 16:12:52 2024 -0400

    smtp: Fixing the processing of SMTP response in case of encrypted traffic

12 months ago Pull request #4486: Add thread instance number to dump_flows control command output
ARUNKUMAR KAYAMBU -X (akayambu - XORIANT CORPORATION at Cisco) [Tue, 22 Oct 2024 15:09:19 +0000 (15:09 +0000)] 
Pull request #4486: Add thread instance number to dump_flows control command output

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:add_instance_number to master

Squashed commit of the following:

commit 52fa22e84bfcb080b6f94c95f1401d0778b1ee2a
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Mon Oct 14 18:00:22 2024 -0400

    stream: add thread instance number to dump_flows control command output

12 months ago Pull request #4488: side_channel: fix compiler warning in side channel formatting...
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Mon, 21 Oct 2024 20:41:36 +0000 (20:41 +0000)] 
Pull request #4488: side_channel: fix compiler warning in side channel formatting test

Merge in SNORT/snort3 from ~VHORBATO/snort3:sc_format_warn_fix to master

Squashed commit of the following:

commit 63b51eb539f5eeebc9c5f5897657a8e60fd829a8
Author: vhorbato <vhorbato@cisco.com>
Date:   Mon Oct 21 12:05:44 2024 +0300

    side_channel: fix compiler warning in side channel formatting test

12 months ago Pull request #4482: js_norm: add cross-PDU PDF token reassembly
Danylo Kyrylov -X (dkyrylov - SOFTSERVE INC at Cisco) [Mon, 21 Oct 2024 20:40:57 +0000 (20:40 +0000)] 
Pull request #4482: js_norm: add cross-PDU PDF token reassembly

Merge in SNORT/snort3 from ~DKYRYLOV/snort3:js_pdf_token_split to master

Squashed commit of the following:

commit 9bb663ecbe181eec9401428277a80d0068a10801
Author: dkyrylov <dkyrylov@cisco.com>
Date:   Thu Oct 10 13:39:45 2024 +0300

    js_norm: add cross-PDU PDF token reassembly

12 months ago Pull request #4489: build: generate and tag 3.5.0.0 (tag: 3.5.0.0)
Priyanka Bangalore Gurudev (prbg) [Mon, 21 Oct 2024 19:34:27 +0000 (19:34 +0000)] 
Pull request #4489: build: generate and tag 3.5.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.0.0 to master

Squashed commit of the following:

commit fcf5ce4eecfe007c2a4ad820ffc78ca26e318d92
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Oct 21 08:01:50 2024 -0400

    build: generate and tag 3.5.0.0

12 months ago Pull request #4462: Connectors API update
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Fri, 18 Oct 2024 18:46:39 +0000 (18:46 +0000)] 
Pull request #4462: Connectors API update

Merge in SNORT/snort3 from ~VHORBATO/snort3:connector_upd to master

Squashed commit of the following:

commit 9acdf2c1e2657ff86cdd96ebcadd4af28ac30107
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Oct 8 16:21:02 2024 +0300

    connectors: make config object as reference

commit 0e8976d37222ad400feb5529ec336679b52d8b2f
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 2 16:30:52 2024 +0300

    managers: update connector manager

    - use instance_id instead of a thread_id to access thread connectors
    - fix vector corruption in case of a thread restart

commit c8c1851b046b49f681b1a9f5cff240c18555cef0
Author: vhorbato <vhorbato@cisco.com>
Date:   Mon Oct 7 14:00:49 2024 +0300

    connectors: fix tsan warning in tcp connector

commit 6904058a46cb899949b6aee45cce0b3335f1de6b
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 2 16:31:56 2024 +0300

    connectors: add connector reinitialization functionality

commit 0019e46ea3ecd3fa19129ca45437bedf8a5cb5de
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:15:26 2024 +0300

    framework: update Connector interface

    * make ConnectorMsg fields const and accessible thru getters
    * make ConnectorMsg data lifetime control configurable
    * connectors: move message text formatting to SideChannel
    * connectors: change transmit_message overloads

commit ac8bd110f70287ce9c1f03cf84a4ab8f972c2e4b
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:24:24 2024 +0300

    connectors: fill tcp_connector port number from user-configured list

    : fill port number from user-configured list

commit c6352512967c81d2f31c52da80a7708612079b3b
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:23:19 2024 +0300

    main: move Connectors initialization from SideChannel

commit 8e6923fcf6c00a3204cf8d40f929b9bb9c0fdea1
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:06:53 2024 +0300

    connectors: remove MessageHandle abstraction

12 months ago Pull request #4484: main: implement function to grab relative process id (tag: 3.4.0.0)
Michael Matirko (mmatirko) [Tue, 15 Oct 2024 14:59:09 +0000 (14:59 +0000)] 
Pull request #4484: main: implement function to grab relative process id

Merge in SNORT/snort3 from ~MMATIRKO/snort3:proc_id to master

Squashed commit of the following:

commit 52dac29650af818dd6d336100f3fb46b468fd854
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Oct 11 12:45:56 2024 -0400

    main: implement function to grab relative process id

12 months ago Pull request #4479: packet_io: set the flow state to block when forcing the session...
Ron Dempster (rdempste) [Mon, 14 Oct 2024 17:51:58 +0000 (17:51 +0000)] 
Pull request #4479: packet_io: set the flow state to block when forcing the session block

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:block_flow_state to master

Squashed commit of the following:

commit fc47b9301b9d235d493929d0eb746cab06eef574
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Oct 8 11:38:49 2024 -0400

    packet_io: set the flow state to block when forcing the session block

12 months ago Pull request #4470: add filename for ftp file process
Serhii Vlasiuk -X (svlasiuk - SOFTSERVE INC at Cisco) [Mon, 14 Oct 2024 14:16:19 +0000 (14:16 +0000)] 
Pull request #4470: add filename for ftp file process

Merge in SNORT/snort3 from ~SVLASIUK/snort3:ftp_download to master

Squashed commit of the following:

commit 756cb0d29045470f3d0510b35192c12da2b83f25
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date:   Tue Sep 10 14:16:02 2024 +0300

    ftp_telnet: add filename for ftp file processing

12 months ago Pull request #4400: stream_tcp: fix snort crash when processing held packet on flow...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Fri, 11 Oct 2024 14:42:38 +0000 (14:42 +0000)] 
Pull request #4400: stream_tcp: fix snort crash when processing held packet on flow when reassembly policy is IGNORE

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_rewrite_u3.0 to master

Squashed commit of the following:

commit 4aeb81a4548c117b0d5595b03f5d3a4860ee8c0d
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Fri Jul 26 12:37:12 2024 -0400

    stream_tcp: streamline allocation and release of reassemblers, tweak ips flush_on_data process

    stream_tcp: implement ignore flush policy reassembler as a singleton to improve performance,
    implement all TcpReassembler base class public methods as virtual methods and override each in
    the ignore flush policy subclass to do nothing

12 months ago Pull request #4477: Extractor - HTTP fields support: add support for body length...
Maya Dagon (mdagon) [Fri, 11 Oct 2024 11:28:41 +0000 (11:28 +0000)] 
Pull request #4477: Extractor - HTTP fields support: add support for body length, info_code/msg, filename, proxied

Merge in SNORT/snort3 from ~MDAGON/snort3:http_fields to master

Squashed commit of the following:

commit 1fc153936a564191ae716130d477859198d12e2a
Author: maya dagon <mdagon@cisco.com>
Date:   Tue Jul 2 11:02:28 2024 -0400

    extractor: add support for body length, info_code/msg, filename, proxied

12 months ago Pull request #4478: main: suppress cppcheck issue
Akhilesh MY (amuttuva) [Fri, 11 Oct 2024 06:59:54 +0000 (06:59 +0000)] 
Pull request #4478: main: suppress cppcheck issue

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:supp_lat to master

Squashed commit of the following:

commit 22ffa72119179a38a4bedf9fc32a72db7f0f321a
Author: Akhilesh MY <amuttuva@cisco.com>
Date:   Tue Oct 8 09:02:33 2024 -0400

    main: suppress cppcheck issue

12 months ago Pull request #4471: appid: Reading only required lua detectors for regtests
Umang Sharma (umasharm) [Thu, 10 Oct 2024 21:04:36 +0000 (21:04 +0000)] 
Pull request #4471: appid: Reading only required lua detectors for regtests

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_load_time to master

Squashed commit of the following:

commit 722f0b294738e25d3a62ffff1f71cc9673b4b925
Author: Umang Sharma <umasharm@cisco.com>
Date:   Tue Oct 1 04:17:46 2024 -0400

    appid: Reading and loading only required lua detectors for regtests

12 months ago Pull request #4454: file_api, http_inspect: set uri for file processing
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Thu, 10 Oct 2024 18:58:20 +0000 (18:58 +0000)] 
Pull request #4454: file_api, http_inspect: set uri for file processing

Merge in SNORT/snort3 from ~OTORUBAR/snort3:set_uri_for_file_processing to master

Squashed commit of the following:

commit 02350f3bcb2b5d023bed4f74cb707b7ebc7cf3c1
Author: otorubar <otorubar@cisco.com>
Date:   Thu Sep 19 04:44:33 2024 -0700

    file_api,http_inspect: extract and set hostname for file processing

12 months ago Pull request #4446: Avoid data race when latency is enabled during flow ip profiling
Akhilesh MY (amuttuva) [Mon, 7 Oct 2024 11:34:23 +0000 (11:34 +0000)] 
Pull request #4446: Avoid data race when latency is enabled during flow ip profiling

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:latency_fix to master

Squashed commit of the following:

commit 6539c68b6d81b515cc74bd98d251805a141a47e3
Author: Akhilesh MY <amuttuva@cisco.com>
Date:   Thu Sep 12 02:29:55 2024 -0400

    perf_monitor,latency: avoid data race when latency is enabled during flow ip profiling

12 months ago Pull request #4464: snort, search_engine: remove --dump-rule-databases
Russ Combs (rucombs) [Fri, 4 Oct 2024 21:28:46 +0000 (21:28 +0000)] 
Pull request #4464: snort, search_engine: remove --dump-rule-databases

Merge in SNORT/snort3 from ~RUCOMBS/snort3:rule_db_dir to master

Squashed commit of the following:

commit 453e493024c93e33af63800afa5322e7b47c6013
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Oct 4 07:58:10 2024 -0400

    snort: bump minor version for MPSE API change

commit e2a836a2dcaafd000edebaf275244bd8f5e7424c
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Sep 12 12:28:39 2024 -0400

    snort, search_engine: remove --dump-rule-databases

    Rules are now automatically dumped to search_engine.rule_db_dir if not
    loaded. Combine with snort --mem-check to get equivalent functionality
    to --dump-rule-databases.

12 months ago Pull request #4465: tcp_pdu: new inspector for simple length based flushing
Russ Combs (rucombs) [Fri, 4 Oct 2024 15:55:59 +0000 (15:55 +0000)] 
Pull request #4465: tcp_pdu: new inspector for simple length based flushing

Merge in SNORT/snort3 from ~RUCOMBS/snort3:tcp_pdu to master

Squashed commit of the following:

commit 58b1bc69c07c863d04c446207eb317d99ed1e7fd
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Sep 16 14:06:01 2024 -0400

    tcp_pdu: new inspector for simple length based flushing

    tcp_pdu provides a generic protocol-aware-flushing capability for PDUs
    that contain a length field. The field may be at a configurable offset
    from the start of the PDU, it has a configurable length, and may specify
    the total length of the PDU or the number of bytes following the length
    field.