git.ipfire.org Git - thirdparty/snort3.git/log
Tom Peters (thopeter) [Tue, 17 Oct 2017 19:02:03 +0000 (15:02 -0400)]
Merge pull request #1043 in SNORT/snort3 from daq_tunnel to master
Squashed commit of the following:
commit
940e83dcc968adf1ea4cd29c745a4dbff35b1993
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Oct 11 15:36:37 2017 -0400
US131276 allow DAQ to set the tunnel bypass flags
Hui Cao (huica) [Tue, 17 Oct 2017 17:52:59 +0000 (13:52 -0400)]
Merge pull request #1045 in SNORT/snort3 from missing-commit to master
Squashed commit of the following:
commit
ecb69d6b1314c8cab5964f878158ebda893c1372
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Tue Oct 17 11:39:54 2017 -0400
logger: u2_packet.c was moved to log
Hui Cao (huica) [Tue, 17 Oct 2017 13:53:59 +0000 (09:53 -0400)]
Merge pull request #1040 in SNORT/snort3 from expose-u2_packet to master
Squashed commit of the following:
commit
2439da6fc82c8876a4fe846b19a673689fc905d2
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Mon Oct 16 13:26:24 2017 +0000
cleanup
commit
6f8aa06a3e92190ba72613f0b61a31371322484a
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Fri Oct 13 09:23:14 2017 -0400
Move u2_packet.cc
commit
c30de3bca9f2f70dcdc43e10b8a0324976b2b16c
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Wed Oct 11 10:17:13 2017 -0400
build: remove u2_packet.h from loggers/Makefile.am
commit
504f0e68d6d929e0991bf1a16d03347d247237fa
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Wed Oct 11 08:28:39 2017 -0400
log: Make U2PseudoHeader a public interface
Tom Peters (thopeter) [Thu, 12 Oct 2017 14:54:53 +0000 (10:54 -0400)]
Merge pull request #1028 in SNORT/snort3 from doc_portscan_copy to master
Squashed commit of the following:
commit
49b104835f5288b70832e12277bebd8025660510
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Sep 26 15:54:31 2017 -0400
adding port scan to manual
Michael Altizer (mialtize) [Tue, 10 Oct 2017 23:06:08 +0000 (19:06 -0400)]
Merge pull request #1038 in SNORT/snort3 from unsupported_rule_opts to master
Squashed commit of the following:
commit
65bf747af341c6deb9ed4ddb3f6b9389bbb4e23f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 9 19:43:24 2017 -0400
snort2lua: Some header cleanups
commit
d783df2741b7e75287432c52a3fc18be7822de59
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 9 19:42:24 2017 -0400
snort2lua: Correctly identify ftpbounce and sameip as unsupported rule options
Hui Cao (huica) [Tue, 10 Oct 2017 20:09:10 +0000 (16:09 -0400)]
Merge pull request #1032 in SNORT/snort3 from firewall_policy1 to master
Squashed commit of the following:
commit
12ad32c9eb5c099ca86c6a149c1b4ae0e6872dfb
Author: Steve Chew <stechew@cisco.com>
Date: Wed Oct 4 02:08:55 2017 -0400
Added public APIs to set and check IPS policies based on user_id.
Michael Altizer (mialtize) [Mon, 9 Oct 2017 23:41:13 +0000 (19:41 -0400)]
Merge pull request #1035 in SNORT/snort3 from binder_network to master
Squashed commit of the following:
commit
041547dffaf5917fe101a9a810e88ded96169ea6
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Oct 9 10:39:04 2017 -0400
ftp_server: changed ftp_server usage to INSPECT
commit
856b3a7fcce40f00db1d46e0a275f5d67dc4ba1d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Oct 6 14:52:57 2017 -0400
binder: fixed nets check falling through on failure
commit
cbaa8d55b0bb4951de69b3ac09e787854719ce4c
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Oct 5 17:29:10 2017 -0400
ModuleManager: don't let context modules be configured if a network policy does not exist
commit
23abcc667ce19e27074c2e63edf830c2652b3f7a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Oct 5 17:05:12 2017 -0400
snort2lua: added ips-policy-pattern. config binding adds ips and network for ips policy matches.
commit
a072c09b513b2674e5c40ec4263e75e85d51e410
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Oct 4 16:45:16 2017 -0400
binder: added network policy selection
Tom Peters (thopeter) [Mon, 9 Oct 2017 15:13:21 +0000 (11:13 -0400)]
Merge pull request #1036 in SNORT/snort3 from tunnel_225582 to master
Squashed commit of the following:
commit
e9cc0d0af2059cb6aa589d8818bf4cac54738620
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Oct 3 14:59:25 2017 -0400
updated DAQ stats to include retry verdict peg count
commit
37cf28a584f43f093fbeec23baa9429257427304
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Sep 25 15:14:23 2017 -0400
added tunnel bypass for IP 4IN4, IP 6IN6, GRE and MPLS
Tom Peters (thopeter) [Mon, 9 Oct 2017 14:32:51 +0000 (10:32 -0400)]
Merge pull request #1037 in SNORT/snort3 from nhttp92 to master
Squashed commit of the following:
commit
e4eedc6d287ad3a66e5e47f5bf2144fb417669d1
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Oct 4 14:15:14 2017 -0400
http_inspect: add random increment to message body division points
stream: random increment fix
Michael Altizer (mialtize) [Fri, 6 Oct 2017 21:00:39 +0000 (17:00 -0400)]
Merge pull request #1031 in SNORT/snort3 from binder_zones to master
Squashed commit of the following:
commit
08bd025019ff9a61a035fc9f8faa99d48bc6f132
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Oct 6 10:46:02 2017 -0400
fixed build issues on OSX
commit
5bb5412170ab5c01714a71fd01b762883899e71d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Oct 3 15:47:59 2017 -0400
snort2lua: removed port dce proxy bindings to fix http_inspect conflicts
commit
54a5be5daf20ce10fc404b92d897b3a4c700dd1d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Sep 29 12:12:55 2017 -0400
snort2lua: added nap.rules zone translation
commit
c09df9d2a008f0e319f697de41dd86cc14396657
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Oct 5 08:56:05 2017 -0400
binder: check interface on packet instead of flow
commit
b6f365f960d42b97ebf7b396508699e0c2670b09
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Sep 28 15:37:13 2017 -0400
binder: added zones
Tom Peters (thopeter) [Fri, 6 Oct 2017 16:12:59 +0000 (12:12 -0400)]
Merge pull request #1034 in SNORT/snort3 from if2assert_251800 to master
Squashed commit of the following:
commit
d1f2850d339775f8277838e434ca3d2c515c2e1f
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Oct 4 12:43:25 2017 -0400
changed if(> 0) to assert(> 0) for all concurrent_sessions peg counts
Michael Altizer (mialtize) [Thu, 5 Oct 2017 19:25:18 +0000 (15:25 -0400)]
Merge pull request #1030 in SNORT/snort3 from cleanup to master
Squashed commit of the following:
commit
f35eaf6b9fc5d654dd428ca0ea99a0e17eddb8b1
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 5 13:53:35 2017 -0400
build: Add an initial clang-tidy configuration
commit
9a07c7fcdd9b3dfeffb0c34eecd870c1b073b51d
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 5 14:01:10 2017 -0400
build: Second pass of clang-tidy's modernize-use-equals-default
commit
36d9894e859ce7d7fb5ffdaebd3848d1f934f960
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Oct 4 10:45:16 2017 -0400
build: Remove all default destructor declarations
commit
e6d34a254be93625da190a5909a7d0a01c4ecabb
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 2 19:55:24 2017 -0400
build: Fix linking against external libiconv with autotools
commit
1eed9487c95085deba42c18dd093f9796d6c6131
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 12:40:26 2017 -0400
build: More redundancy cleanups
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)" -checks='-*,readability-redundant-*'
-fix.
commit
6b73e322fba1e252770fd9dc4e4d62f5b71c0642
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 12:28:35 2017 -0400
build: Remove redundant declarations
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)"
-checks='-*,readability-redundant-declaration' -fix.
commit
09715d923afad0592f23dea741cca11a1a1fbf78
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 12:23:56 2017 -0400
build: Remove redundant flow control statements
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)"
-checks='-*,readability-redundant-control-flow' -fix.
commit
37c2e606b84aef1f765657b6bd1405ce96c124e6
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 12:19:38 2017 -0400
build: Make some more function parameters const
Informed by run-clang-tidy.py -header-filter="$(realpath ..)"
-checks='-*,readability-non-const-parameter'.
commit
92b7fd10c4d0ddd521df092592bfc18e9044d4d6
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 11:52:38 2017 -0400
build: Do not use size() to check containers for emptiness
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)"
-checks='-*,readability-container-size-empty' -fix.
commit
198636c4663f59bbdae5e5624a0c802fa2b3c8db
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Oct 1 11:43:12 2017 -0400
build: Do not use compare() for pure string equality tests
Informed by run-clang-tidy.py -header-filter="$(realpath ..)"
-checks='-*,misc-string-compare'.
commit
497609441dd1f626434f6f039b57730bc2a3a7b4
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 17:08:47 2017 -0400
build: Improve macro safety with parentheses
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)" -checks='-*,misc-macro-parentheses'
-fix.
commit
a44cdadf99bcb6ee0b12641ddb16d9ab04451629
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 16:48:30 2017 -0400
build: Fix a couple instances of undefined memset behavior
Reported by run-clang-tidy.py -header-filter="$(realpath ..)"
-checks='-*,bugprone-*'.
commit
cae0cc697d7a4614ad24c9f253193a6cbd37f4e1
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 16:26:05 2017 -0400
build: Some language performance cleanups suggested by Clang
Informed by run-clang-tidy.py -header-filter="$(realpath ..)"
-checks='-*,performance-*' -fix
commit
79c3b608e997e440de2c22e6d9ef1e1189994f8b
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 16:17:30 2017 -0400
build: Make more string arguments into const references
commit
b20e1e7ed64757efde9711c2c773915f749714ec
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 15:24:57 2017 -0400
build: Modernize code with =default for special member functions
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)" -checks='-*,modernize-use-equals-default'
-fix
commit
cf3d5440d22465b26b33ef15777bc1fa9d01dbc5
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 14:27:49 2017 -0400
build: Modernize code with boolean literals
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)" -checks='-*,modernize-use-bool-literals'
-fix
commit
63ba30a1d8e17a8296078931a0ae6980ac09204b
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 14:21:18 2017 -0400
build: Modernize code by removing redundant void args
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)"
-checks='-*,modernize-redundant-void-arg'
commit
8b011f9ac133492facc66223f6b9ad8b07bd7943
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 14:16:11 2017 -0400
build: Modernize code with make_shared conversion
Generated automatically with run-clang-tidy.py
-header-filter="$(realpath ..)" -checks='-*,modernize-make-shared' -fix.
commit
7e20f0fa31915690207bbdff886414ca280e7e91
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 12:30:50 2017 -0400
build: Fix many warnings reported by Clang 5
commit
32b8843706f549c911091c36a3408c913f9360a5
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 14:07:33 2017 -0400
build: Header cleanup (feat. clang-tidy)
Assisted by run-clang-tidy.py -header-filter="$(realpath ..)"
-checks='-*,modernize-deprecated-headers' -fix.
commit
4f9a94abcc40f12f9424384082e4fdcc250c6152
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 12:55:40 2017 -0400
build: Modernize code with virtual/override/final cleanups
Generated automatically with run-clang-tidy.py -header-filter='.*'
-checks='-*,modernize-use-override' -fix.
commit
678d1f53b78f400c5b1915d74353ded1399cd101
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Sep 30 12:38:56 2017 -0400
build: Modernize code with nullptr conversion
Generated automatically with run-clang-tidy.py -header-filter='.*'
-checks='-*,modernize-use-nullptr' -fix.
Tom Peters (thopeter) [Wed, 4 Oct 2017 18:34:31 +0000 (14:34 -0400)]
Merge pull request #1033 in SNORT/snort3 from appid_failing_reg_tests to master
Squashed commit of the following:
commit
c4acd3948029d51d4ae934b1517e1e5ab4627b7e
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Oct 2 08:32:40 2017 -0400
service applications detected by port only were not being counted, this patch adds stat increment for service detections for this scenario
Tom Peters (thopeter) [Tue, 3 Oct 2017 14:43:18 +0000 (10:43 -0400)]
Merge pull request #1029 in SNORT/snort3 from appid_ftp_fix to master
Squashed commit of the following:
commit
56913ed293e26aa97b4e2942b8797dfb214699a7
Author: snorty <mdagon@cisco.com>
Date: Thu Sep 28 12:01:11 2017 -0400
Appid ftp: create expected flow immediately after PORT command for active mode
Michael Altizer (mialtize) [Fri, 29 Sep 2017 15:53:42 +0000 (11:53 -0400)]
Merge pull request #1027 in SNORT/snort3 from snort2lua_ims to master
Squashed commit of the following:
commit
9fe6d6a02b6e82834cbfd2f0c1ebf85f04c066ab
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 13:52:59 2017 -0400
appid: Fix performance issues reported by cppcheck
commit
aafb9275f17aa4ef91250402751ee80185f41c68
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 13:49:44 2017 -0400
memory: Align allocator metadata such that returned memory is also max_align_t-aligned
commit
feca8e5d4dbd0a08854f534287d2a45b98fd3a5d
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 01:13:27 2017 -0400
build: Clean up a few ICC 2018 and GCC 7 warnings
commit
9532792af8405365856ee56b0c6416c0c231bc4d
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 01:09:29 2017 -0400
build: Add NORETURN_ASSERT to tag functions that will always assert
commit
4df0a1d9f5079474d46f757b28c3621157d8d05b
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 00:29:36 2017 -0400
uboat,fbstreamer: Fix issues reported by cppcheck
commit
2152f1ab13736173c7bd3d029fa5294a4b22edfd
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Sep 28 00:21:55 2017 -0400
snort2lua: Fix various issues reported by cppcheck
commit
d2fa14de02578809294926a981c70d9a4554f0cf
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Sep 27 15:30:37 2017 -0400
snort2lua: Fix initialization order in Converter constructor
commit
26ae4d24ab624c4d0874ae0ab9ca97587d339cde
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Sep 20 16:29:59 2017 -0400
log/messages: Redirect stderr to syslog as well
commit
39bd64bee437f935650af17ac39f6bbbd6c840ac
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Sep 20 12:38:00 2017 -0400
snort2lua: Implement firewall preproc and sfunified2 output conversions
Michael Altizer (mialtize) [Wed, 27 Sep 2017 18:07:27 +0000 (14:07 -0400)]
Merge pull request #1023 in SNORT/snort3 from s2l_nap to master
Squashed commit of the following:
commit
5e656382f62b51480b5b1c363e16d53a8ed985d1
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Sep 26 08:53:33 2017 -0400
snort2lua: refactored TableApi
commit
89e936eabcd80bb3a866b92a94aa1fb8671ec6fe
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Sep 21 17:08:30 2017 -0400
snort2lua: fixed extra whitespace generation
commit
1d886319fb648154b5f72ac5613cb71de19c927d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Sep 20 08:52:46 2017 -0400
snort2lua: added nap_selector support
Tom Peters (thopeter) [Tue, 26 Sep 2017 19:21:55 +0000 (15:21 -0400)]
Merge pull request #1026 in SNORT/snort3 from nhttp91 to master
Squashed commit of the following:
commit
f19b7390fe12eac6f9b3525a181384e353dae217
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Sep 25 17:02:31 2017 -0400
http_inspect: test tool improvements
Russ Combs (rucombs) [Mon, 25 Sep 2017 23:38:06 +0000 (19:38 -0400)]
Merge pull request #1022 in SNORT/snort3 from snort_daq_packet_retry to master
Squashed commit of the following:
commit
c5eaf9f5a8d381a829df5e159eae3fed26309171
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Aug 10 15:01:28 2017 -0400
implement snort support for DAQ_VERDICT_RETRY feature
add reg test inspector to facilitate regression testing, initially for the daq packet retry feature
add reg test inspector service to facilitate regression testing of snort++
limit check of chp match strings to clear to the ones that may have actually been set during chp processing
Tom Peters (thopeter) [Mon, 25 Sep 2017 19:33:35 +0000 (15:33 -0400)]
Merge pull request #1019 in SNORT/snort3 from readme_email to master
Squashed commit of the following:
commit
d0b5a5444cb4f89b8d00a0335bf9d32a23f86a50
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Sep 20 15:28:36 2017 -0400
added POP, IMAP and SMTP to user manual features
Tom Peters (thopeter) [Mon, 25 Sep 2017 17:54:32 +0000 (13:54 -0400)]
Merge pull request #1025 in SNORT/snort3 from nhttp90 to master
Squashed commit of the following:
commit
43ec1af54b6fc6cacf77da97e687fc6f1877f83a
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Sep 14 13:17:29 2017 -0400
http_inspect, stream: HTTP headers no longer avoid detection when message unexpectedly
ends after status line or headers
Michael Altizer (mialtize) [Mon, 25 Sep 2017 16:03:16 +0000 (12:03 -0400)]
Merge pull request #1017 in SNORT/snort3 from binder_direction to master
Squashed commit of the following:
commit
4cd912df8cfa19769b83058243cd227bf24a693b
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Sep 19 10:35:10 2017 -0400
Binder: allow src and dst specifications for ports and nets
Tom Peters (thopeter) [Mon, 25 Sep 2017 15:12:14 +0000 (11:12 -0400)]
Merge pull request #1024 in SNORT/snort3 from appid_rtp_test to master
Squashed commit of the following:
commit
f7991c80e3f45ecac034bcf707b406f7f382e85f
Author: snorty <mdagon@cisco.com>
Date: Fri Sep 22 13:58:54 2017 -0400
Remove blank lines
commit
be685b9241b9c77e605ee8af700752fa66ec9fd6
Author: snorty <mdagon@cisco.com>
Date: Fri Sep 22 10:46:38 2017 -0400
Fix typo
commit
63ae375359c37be88f31e3f39183293aa7c8e930
Author: snorty <mdagon@cisco.com>
Date: Wed Sep 13 14:31:35 2017 -0400
Appid RTP flow flags (changes commented out)+ small fix
Russ Combs (rucombs) [Fri, 22 Sep 2017 13:41:53 +0000 (09:41 -0400)]
Merge pull request #1021 in SNORT/snort3 from firewall_memleak1 to master
Squashed commit of the following:
commit
25d9fcb917501bd63ed0b46633803c66a0ad4c71
Author: Steve Chew <stechew@cisco.com>
Date: Thu Sep 21 15:25:33 2017 -0400
Return nullptr from ApplicationDescriptor get funcs when string is empty.
Russ Combs (rucombs) [Fri, 22 Sep 2017 13:41:28 +0000 (09:41 -0400)]
Merge pull request #1006 in SNORT/snort3 from smb_unicode_fname to master
Squashed commit of the following:
commit
aec151308a6b538db68baddeec1a09b956849993
Author: snorty <mdagon@cisco.com>
Date: Wed Sep 20 17:40:48 2017 -0400
Missed 2 files
commit
31c622a7fba16becbf5f6b24ce490e4a36cecb78
Author: snorty <mdagon@cisco.com>
Date: Tue Sep 19 15:19:46 2017 -0400
Additional changes from Michael's branch - cmake changes for iconv + additional improvements
commit
3758b4d8604c1b1fafce1138942b8f8f20c58ec3
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 15 14:47:57 2017 -0400
build: Import iconv autotools logic from gnulib
commit
ef23d1dabc7326091010988a6e0aa0cb936bcc5f
Author: mdagon <mdagon@cisco.com>
Date: Mon Jul 24 10:29:15 2017 -0400
SMB unicode filename support
1. iconv is used for translating UTF16-LE file names to UTF8.
2. Smb will add BOM to file name in case it is Unicode.
3. Translation will be done in file_api during logging.
4. Active response was updated to keep the same format of the original file name.
5. File api was updated to use pipe-delimited hex for file names:
printable text will show up as plain text and any 8-bit chars as hex
6. Full file name, including path, will be logged, instead of only the file name
7. NHI will send raw uri instead of normalized uri to file api
Russ Combs (rucombs) [Thu, 21 Sep 2017 13:54:47 +0000 (09:54 -0400)]
Merge pull request #1020 in SNORT/snort3 from typos to master
Squashed commit of the following:
commit
764e7cd1cfa055c6d0e92a0af6ed2727ec925317
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Sep 21 08:37:40 2017 -0400
spell check: fix typos in comments
Russ Combs (rucombs) [Wed, 20 Sep 2017 18:05:41 +0000 (14:05 -0400)]
Merge pull request #1014 in SNORT/snort3 from policy_split to master
Squashed commit of the following:
commit
0770342be4f4da6ec65d0719ba97b39d6f96b464
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Sep 19 11:26:00 2017 -0400
unified2: implemented ips, network, and inspection policy id logging
commit
c2ecc2df0f84a87bc9ed76b7815096013fda8c55
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Sep 18 13:04:16 2017 -0400
appid pop3, appid imap: fixed missing include
commit
c01713fbe13151f5b9d2f7519f916a104eb5e3fd
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Sep 14 13:06:20 2017 -0400
snort2lua: config policy_id converts to when ips_policy_id
This is an interim support to generate loadable configs until
proper ips / network / inspection differentiation is added.
commit
22147f8cd90ec44794aa3089fbc5308d86a20339
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Sep 14 11:35:11 2017 -0400
Shell: force default policies for shells not from binder
commit
b50ea6e9dfff279c80427fd806341d578f32feca
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Aug 30 13:50:19 2017 -0400
Binder, Flow, PolicyMap, Shell: enabled policy splitting by type
Hui Cao (huica) [Tue, 19 Sep 2017 19:55:25 +0000 (15:55 -0400)]
Merge pull request #1016 in SNORT/snort3 from appid1 to master
Squashed commit of the following:
commit
b158a2712ae7a41e8b2fac760358c209f6378a0d
Author: Steve Chew <stechew@cisco.com>
Date: Fri Sep 15 18:06:20 2017 -0400
Install the appid_api.h header to be used by FirewallInspector module.
Russ Combs (rucombs) [Tue, 19 Sep 2017 18:00:57 +0000 (14:00 -0400)]
Merge pull request #1018 in SNORT/snort3 from appid_broke_cmake to master
Squashed commit of the following:
commit
3a7c7be3c9f97243ae4c4e8e868acc6e028704c1
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Sep 19 12:14:54 2017 -0400
add appid_peg_counts.cc to lib dependency list for appid http event unit tests
Michael Altizer (mialtize) [Mon, 18 Sep 2017 14:49:44 +0000 (10:49 -0400)]
Merge pull request #1015 in SNORT/snort3 from log_id_offset to master
Squashed commit of the following:
commit
c2acd9a9e3389c7ef48ac593ffebfc8b4d4b530e
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 15 12:27:05 2017 -0400
thread: Add logging directory ID offset controlled by --id-offset option
Tom Peters (thopeter) [Thu, 14 Sep 2017 20:33:10 +0000 (16:33 -0400)]
Merge pull request #1013 in SNORT/snort3 from nhttp89 to master
Squashed commit of the following:
commit
5823a745323181eea49a7accc3dce9db76a131aa
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Sep 11 17:19:02 2017 -0400
http_inspect: alphabetical ordering of rule options
Tom Peters (thopeter) [Thu, 14 Sep 2017 18:26:26 +0000 (14:26 -0400)]
Merge pull request #1008 in SNORT/snort3 from appid_enhance_stats to master
Squashed commit of the following:
commit
1c37bb2c08789f3f49c8d38bddbdfafd58cea9d2
Author: davis mcpherson <davmcphe.cisco.com>
Date: Sun Sep 3 16:47:04 2017 -0400
appid: this commit implements several enhancements to AppId peg counts
1) the entries in the appMapping.data file are used to dynamically
generate a vector of the PegInfo and PegCounts for each application that AppId can
detect. These dynamically generated pegs are merged with a table of
static pegs for counts of other AppId events worth noting and the
combined table returned to Module when it queries for PegInfo and
PegCounts. The application name from each entry is used as the label
for the peg counts and to construct the help string. For each id a
count is maintained for service, client, user, payload, and misc
detections.
2) Since the dynamic table can not be built until AppId is configured
the Module class was modified to not make the calls to collect PegInfo
and initialize the peg count data structures as each module is added.
Instead the call to do this is done from Snort::init after Inspectors
have been configured.
3) AppId now increments its detection counts in the base class method
that is called for each type of detected app (service, client, payload,
user, misc) and is only incremented when the id of the detected app is
different from the current setting for that type.
4) refactor AppIdSession to create a new class ApplicationDescriptor and
derived classes for each application id type (client and user info are
maintained by a single class). These classes maintain the
id and related state for each type and have the logic for updating the state
and the detection counts when appropriate.
5) Create new class AppIdPegCounts to manage the PegInfo and PegCounts
tables and functions for incrementing the peg statistics
Miscellaneous updates:
- numerous updates to improve compliance with coding standards and
improve readability
- use AppId enum type for all variables and parameters that represent an
application id
- appid_stats_counter.cc no longer needed and has been deleted
- numerous instances of redundant calls to set AppId session state
information have been removed
- update appid unit tests to work with stats enhancements
- update appid regression tests to work with stats enhancements
move detectors configured state variable to AppIdPegCounts class, add method to set it true when detectors are loaded
move AppId peg count enums into AppIdPegCounts class
Tom Peters (thopeter) [Tue, 12 Sep 2017 20:10:06 +0000 (16:10 -0400)]
Merge pull request #1010 in SNORT/snort3 from sfipvar to master
Squashed commit of the following:
commit
ab4b16bd7105fd064071f251dd72ee00918ec263
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Sep 8 15:50:00 2017 -0400
Made Improvements to SFIPVar list performance and added unit test cases
Tom Peters (thopeter) [Tue, 12 Sep 2017 19:58:06 +0000 (15:58 -0400)]
Merge pull request #1012 in SNORT/snort3 from file_lib_fix to master
Squashed commit of the following:
commit
7ac239558ebe5f37a6e96efa3e5ab01f39bfee7f
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Sep 12 13:35:55 2017 -0400
refix the fix on valgrind error for null terminator overwritten issue
Michael Altizer (mialtize) [Mon, 11 Sep 2017 21:05:14 +0000 (17:05 -0400)]
Merge pull request #1011 in SNORT/snort3 from file_lib_fix to master
Squashed commit of the following:
commit
e23f9254f747db77ad1263800810cb2cd3ae9715
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Sep 11 15:08:58 2017 -0400
Fixed a valgrind error -- null terminator overwritten when length equals 8
Tom Peters (thopeter) [Mon, 11 Sep 2017 17:15:10 +0000 (13:15 -0400)]
Merge pull request #1009 in SNORT/snort3 from nhttp88 to master
Squashed commit of the following:
commit
ff9037908b697cda3c847d25a91427526a7305d6
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Sep 8 15:35:46 2017 -0400
http_inspect: added http_raw_buffer rule option
Russ Combs [Sun, 10 Sep 2017 02:36:17 +0000 (22:36 -0400)]
Squashed commit of the following:
commit
929661c23d43af57f00a98a9df5046960187d526
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Sep 9 10:04:58 2017 -0400
build: fix noreturn and unused warnings
commit
03230ffb0c7b45800f8368a4009dbb5b82b34671
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Sep 9 15:29:47 2017 -0400
memory: patch around allocation tracking issue
commit
9436ba425e2fa1669ef35046d4a1337b33068652
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Sep 9 10:03:27 2017 -0400
memory: remove canary from production builds to reduce overhead
commit
7fadd3d35b6c19fb42e3809db384db4828497f7e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 4 18:28:25 2017 -0400
memory: output basic startup heap stats
Russ Combs (rucombs) [Sat, 9 Sep 2017 15:00:00 +0000 (11:00 -0400)]
Merge pull request #1005 in SNORT/snort3 from rule_dependencies to master
Squashed commit of the following:
commit
acc68fe935fed33c263f355d08320c770bb06cdb
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Aug 25 16:21:58 2017 -0400
sip: sip_method can use data from any sip inspector of any inspection policy
Tom Peters (thopeter) [Fri, 8 Sep 2017 14:27:09 +0000 (10:27 -0400)]
Merge pull request #1007 in SNORT/snort3 from nhttp87 to master
Squashed commit of the following:
commit
811c4224c6f048f55319a95efef7402a3f079b10
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Aug 30 14:26:08 2017 -0400
http_inspect support for u2 extra data logging
Tom Peters (thopeter) [Tue, 5 Sep 2017 20:25:04 +0000 (16:25 -0400)]
Merge pull request #1003 in SNORT/snort3 from appid_lua_detectors to master
Squashed commit of the following:
commit
d6a01cdeb7716a02aeb45007cba39d928d223675
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Aug 29 08:05:04 2017 -0400
hard code use of 'ac_full' as search method for search engine for appid
select 'ac_full' as search method for appid for now as it is the only one that supports 'find_all', also force enable dfa flag in search engine, improve encapsulation of appid pattern match service class
Russ Combs (rucombs) [Fri, 1 Sep 2017 17:25:44 +0000 (13:25 -0400)]
Merge pull request #1004 in SNORT/snort3 from xcode to master
Squashed commit of the following:
commit
657e650852af9bc8a0c39dc986aa94edc1364f21
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 1 09:02:29 2017 -0400
analyzer: fix possible leak upon appid info table entry dup
commit
ade6ed67f5602ffca18447d0b0ac1ad67da4fcd9
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 1 08:50:07 2017 -0400
analyzer: fix possible memory leak in side channel
commit
27a9d0a40ec991b938d1f801b32e7fb9fb507ea8
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 31 19:46:22 2017 -0400
analyzer: fix missing braces around subobj initialization in flow key
Russ Combs (rucombs) [Thu, 31 Aug 2017 16:53:59 +0000 (12:53 -0400)]
Merge pull request #1002 in SNORT/snort3 from sum_stuff to master
Squashed commit of the following:
commit
322d34f0cc28f97723877caa123853b9c93929b8
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 29 09:58:51 2017 -0400
doc: add module usage and peg count type
commit
fc9228831b4d5947e5f79470c5ce2aab1b178c16
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 29 09:37:08 2017 -0400
modules: add usage designating global, context, inspect, or detect policy applicability
commit
71854c80f788d5419488cd08329b12284c427a5a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 28 20:42:55 2017 -0400
stats: use peg info to accumulate by type
commit
8ce4e18e7035c13101663aa429ae3004824bc7d5
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 27 19:16:12 2017 -0400
pegs: add count type to info
commit
84348164529f752b20e5cad3e507454192332e4b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 19 15:48:21 2017 -0400
snort2lua: search_engine.split_any_any now defaults to true
commit
2b4a49c31e965c6d493c3683fc8a0f1283f45656
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 19 15:23:14 2017 -0400
snort: -T does not compile mpse; --mem-check does
Hui Cao (huica) [Tue, 29 Aug 2017 19:49:12 +0000 (15:49 -0400)]
Merge pull request #1001 in SNORT/snort3 from unified4 to master
Squashed commit of the following:
commit
b7a3b06b5d87fdbe3a920d0f96469b2131c9146a
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 29 08:50:17 2017 -0400
Install sfdaq.h and application_ids.h needed by Firewall changes.
Tom Peters (thopeter) [Tue, 29 Aug 2017 19:21:11 +0000 (15:21 -0400)]
Merge pull request #1000 in SNORT/snort3 from appid_lua_api to master
Squashed commit of the following:
commit
7b72de2271ba9a9e6d1ff5d6482a4c61911bb76c
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Aug 28 13:55:44 2017 -0400
fix memory leak in http pattern matching, minor cleanups
Tom Peters (thopeter) [Mon, 28 Aug 2017 20:38:09 +0000 (16:38 -0400)]
Merge pull request #995 in SNORT/snort3 from peg_max_conc_p2 to master
Squashed commit of the following:
commit
92c5a4145ce11a5610b88afb3120a75d3354178e
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Aug 11 15:40:19 2017 -0400
add peg count for max concurrent sessions - part2
Tom Peters (thopeter) [Mon, 28 Aug 2017 15:57:54 +0000 (11:57 -0400)]
Merge pull request #999 in SNORT/snort3 from icmp6_key to master
Squashed commit of the following:
commit
e32554194296dd73fe13ed6bf9b7754d0d988d67
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Aug 22 13:23:06 2017 -0400
Updated to support associating router solicit/reply packets to a single session
Russ Combs (rucombs) [Fri, 25 Aug 2017 12:54:58 +0000 (08:54 -0400)]
Merge pull request #998 in SNORT/snort3 from nhttp86-cleanups to master
Squashed commit of the following:
commit
b408bba53c50afc7f7235ea914bbac87dadb3b71
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Aug 24 14:09:05 2017 -0400
.
commit
8ee92a53acf58c2dfc829add2c663de2ba4419a6
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 25 11:37:43 2017 -0400
NHI bug fix plus cleaned up a bunch of stuff.
Russ Combs (rucombs) [Fri, 25 Aug 2017 12:39:46 +0000 (08:39 -0400)]
Merge pull request #997 in SNORT/snort3 from port_table_cruft to master
Squashed commit of the following:
commit
d52c5cac7ed64dc56f80f2b78f10e065c88d1320
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 23 15:42:04 2017 -0400
snort: disallow invalid port range !:65535 (!any)
commit
dd620176da4daaccee9a56827f00d2a0e73bcfd3
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 23 15:01:02 2017 -0400
snort: remove port object cruft
Michael Altizer (mialtize) [Mon, 21 Aug 2017 22:11:58 +0000 (18:11 -0400)]
Merge pull request #996 in SNORT/snort3 from warnings to master
Squashed commit of the following:
commit
74780ac195a4bd913c9eda6a0c6d9d14698f431d
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Aug 18 16:16:13 2017 -0400
build: Clean up some more compiler warnings and remove spurious tabs
Russ Combs [Sat, 19 Aug 2017 02:24:02 +0000 (22:24 -0400)]
Squashed commit of the following:
commit
ee787c62ce89880b0dd6a0b2df06886f0e171e3b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 18 20:54:07 2017 -0400
snort2lua: fix borked build broke by binder order
Michael Altizer (mialtize) [Fri, 18 Aug 2017 20:47:49 +0000 (16:47 -0400)]
Merge pull request #991 in SNORT/snort3 from binder_order to master
Squashed commit of the following:
commit
0a44cace2f0cb9798caf59a9f6aba64f21c73de3
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Aug 14 12:19:28 2017 -0400
snort2lua: enforced ordering to bindings in binder table
commit
4d9a66aefe11ea13f20d2468fccfd140cb18df09
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Aug 10 17:56:35 2017 -0400
snort2lua: removed dead code
Tom Peters (thopeter) [Fri, 18 Aug 2017 19:22:27 +0000 (15:22 -0400)]
Merge pull request #993 in SNORT/snort3 from nhttp85 to master
Squashed commit of the following:
commit
f9f1973bb5bd6e38b5b2b974bb202396f048cb6f
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Aug 1 14:11:54 2017 -0400
http_inspect: create message sections with body data that has been dechunked and unzipped but not otherwise normalized.
Russ Combs (rucombs) [Fri, 18 Aug 2017 14:53:04 +0000 (10:53 -0400)]
Merge pull request #994 in SNORT/snort3 from elk to master
Squashed commit of the following:
commit
573659a4166f5e1c9583383d7bf0bddbee4472a5
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 17 15:22:54 2017 -0400
csv: updates
commit
d566f6bb98497dd76baea1b88f451509a7291b96
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 17 15:11:50 2017 -0400
b64: updates
commit
c25181487233e22511dcd7d5c2f06ba2ad6cf5a2
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 13:45:31 2017 -0400
appid: convert appid_stats.log from u2 to csv
commit
c882db6d3c1901bb3f42e38f733cb70632f3139e
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:48:23 2017 -0400
configure: add --disable-stdlog for cases where logging alerts to file descriptor 3 is unhelpful
commit
6d3c8c3d4c365e8d99866ada71ecc1b039e2c00b
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:22:48 2017 -0400
cleanup: remove rogue HAVE_CONFIG_H from includes
commit
d302999d9e784d6a6e2fe8e18514be33b2a3d470
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:17:54 2017 -0400
appid: tweak help for instance_id
commit
2b135326f84f4047aaef5336c7bc31948607d1d5
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 14 12:56:28 2017 -0400
stream_tcp: ensure max pdu is flushed by default splitter
commit
7f5eb5649c0f7012c518b5197c77c4b320407841
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 20:39:22 2017 -0400
unified2: log buffers as cooked packets with legacy events
commit
946b93bdb7aa35d23b259cb769e2eac940254ad7
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 07:32:07 2017 -0400
build: fix unused parameter warning
commit
4c7e0c61a43102c803c34ca22fe919e2998a941b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 16:05:10 2017 -0400
conf: fix default classification capitalization
commit
a9ccc441b02898f6c9e6471404ced30a1f17f312
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 07:28:57 2017 -0400
alert_csv: add vlan and mpls options
commit
666b46fd3a976da03840aedf93f5522a639e0de9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 10:25:32 2017 -0400
alert_csv: add b64_data, rename dgm_len to pkt_len
commit
64889ec87c4a8c953742a7a828d968334439ef48
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 10:24:04 2017 -0400
loggers: add base64 encoder based on libb64 from devolve
commit
dfb8e204bcc8d6232b51fdd47ef91ac5d4609f8d
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 11 22:32:17 2017 -0400
alert_csv: add class, priority, and service options
commit
c39d12177bf9a4f304a2801dca1c4edb9b3b8f18
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 11 22:32:01 2017 -0400
loggers: use standard year/mon/day format
Russ Combs (rucombs) [Thu, 17 Aug 2017 17:59:29 +0000 (13:59 -0400)]
Merge pull request #990 in SNORT/snort3 from port_reload_performance_fixes_2 to master
Squashed commit of the following:
commit
8c1d83e9188cc38480fbfc99c363608ecd4ca93b
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 17 08:58:02 2017 -0400
snort: Use Debug::enable for runtime check
commit
1c5791908d3e286db0d25b57a1c9d556aad14883
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 16 14:36:05 2017 -0400
snort: more review comments
commit
b6c48d7096add2a9cc0df8af0b7877996b7ab470
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 16 09:20:15 2017 -0400
snort3: update based on review comments
commit
e1bd664d7cfd6766e98ddb39e715ceab2879d678
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Aug 15 15:57:05 2017 -0400
snort: move debug code into the ifdef DEBUG
commit
1b1350a638cac3355ba0bb80d99298e8f7fd59e6
Author: Victor Roemer <viroemer@cisco.com>
Date: Fri Aug 11 15:45:54 2017 -0400
search_engines: only add state to queue once
commit
16069bfce5ffe09d5a52531cf32da305cf28d8d1
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 10 13:31:09 2017 -0400
snort: remove duplicate function declaration
commit
42a2156b3b08232fd6032a7c27d3558fb29dcee2
Author: Victor Roemer <viroemer@cisco.com>
Date: Mon Aug 7 18:21:54 2017 -0400
snort: port the optimized port table compilation from 2.9.12
Incomplete port of port, some things require reworking since PortObjectItem changed so much in Snort3
Russ Combs (rucombs) [Wed, 16 Aug 2017 02:07:31 +0000 (22:07 -0400)]
Merge pull request #992 in SNORT/snort3 from rm_peg_count_assert to master
Squashed commit of the following:
commit
2d9ac5528e31a1cf146d22c6b8f42cbedcfd440a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Aug 15 18:46:59 2017 -0400
changed concurrent_sessions stats assert() to if()
Tom Peters (thopeter) [Tue, 15 Aug 2017 16:30:51 +0000 (12:30 -0400)]
Merge pull request #988 in SNORT/snort3 from max_cocurr_session_peg to master
Squashed commit of the following:
commit
86a1cc3153f86bdc73d168ac16dd414f842e8010
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Aug 10 16:17:10 2017 -0400
Added peg count for max concurrent sessions to service inspectors
Russ Combs (rucombs) [Mon, 14 Aug 2017 20:28:10 +0000 (16:28 -0400)]
Merge pull request #989 in SNORT/snort3 from pause_fix to master
Squashed commit of the following:
commit
22cbf9fe707272c9549ec81125fec4fbc69d961e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Aug 11 13:34:12 2017 -0400
main: Fix pause command issued from command line to accept control commands while in paused state
commit
8519c9d98ebc9375e66234de9aa3a6d108d27fd8
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Aug 11 12:46:48 2017 -0400
main: Fix pause command issued from command line to accept control commands while in paused state
Russ Combs (rucombs) [Fri, 11 Aug 2017 16:31:22 +0000 (12:31 -0400)]
Merge pull request #975 in SNORT/snort3 from delete_inspector to master
Squashed commit of the following:
commit
bc33c5a6534764063530ab181422f6a0bb6ac9d1
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:05:30 2017 -0400
control: delete inspector from the default inspection policy
Russ Combs (rucombs) [Fri, 11 Aug 2017 16:24:30 +0000 (12:24 -0400)]
Merge pull request #986 in SNORT/snort3 from act_u2x_len to master
Squashed commit of the following:
commit
f17065bd7092acee1aa4c856b04d5cfbc2e62807
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 18:19:53 2017 -0400
appid: fix match vector clearing
commit
c1478fac6dd1cdf717948ef64c1db03545ce4cfd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 18:21:34 2017 -0400
unified2x: remove obsolete logger; use unified2.legacy_events = true instead
commit
377062a71f6330f26b3033d863da50b56abfb7f2
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 10:53:12 2017 -0400
unified2: add legacy_events bool for out-of-date barnyard2
commit
69f2dd344c991f1a56e5b93f31d8e49843dbcf6e
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 8 22:02:08 2017 -0400
u2: remove obsolete test mode unlink
commit
7277dc3e62677f704bfe9b9bad207997e70687ca
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 8 07:32:26 2017 -0400
build: remove obsolete WIN32 snippets
commit
4a64e358bf62a8601eada87e1f3158e34f0c6a9a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 7 18:05:27 2017 -0400
build: fix mac / clang build
commit
c5b37ac2fb963d9d11f532160ca6e977cabf2cd5
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 7 18:05:00 2017 -0400
spell: fix bufferlen help typo
Russ Combs (rucombs) [Thu, 10 Aug 2017 14:42:26 +0000 (10:42 -0400)]
Merge pull request #985 in SNORT/snort3 from multi_binder to master
Squashed commit of the following:
commit
03b16f35970939c4a3ad6acebaa0ed5dca7a5a31
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Aug 4 14:07:32 2017 -0400
snort2lua: removed excessive newlines from binder output
commit
a0d7c06663c85b06a85aa6830ff5b88b20289a5e
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Aug 4 10:39:14 2017 -0400
snort2lua: bindings now merge and propagate to top level of corresponding policy
Russ Combs (rucombs) [Tue, 8 Aug 2017 20:01:51 +0000 (16:01 -0400)]
Merge pull request #979 in SNORT/snort3 from pkt_tracer_p2 to master
Squashed commit of the following:
commit
c171b98fe8535d65293d2ea0694d09cbe6a42c9a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jul 27 16:24:39 2017 -0400
add support of writing packet trace to DAQ
Russ Combs [Mon, 7 Aug 2017 02:20:21 +0000 (22:20 -0400)]
Squashed commit of the following:
commit
bb852740170eedb059ad0453f80bdf069b79310b
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 21:14:46 2017 -0400
snort: exit with zero from usage
commit
262814841a5060e349daf357a72146cb921eb7bc
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 20:27:40 2017 -0400
snort: add --dump-msg-map
commit
c7db261aea251d9c8a887f28784dea9235483d82
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 19:40:05 2017 -0400
snort: fix --dump-builtin-rules to accept optional module prefix
commit
b1987eb132b7bdfdc6c43a9f4f80a4e46ddb3e68
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 09:20:02 2017 -0400
unified2: resurrect old u2 as unified2x in extra until new u2 events are supported
Russ Combs [Sat, 5 Aug 2017 15:56:54 +0000 (11:56 -0400)]
Squashed commit of the following:
commit
3b226926b43af0665ba14c502c4a23cd8589811a
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 5 10:55:06 2017 -0400
rules: make table consistency checks debug only
commit
1f1901fecb88d2871fb4088d6f5f0955767ea5a3
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 14:01:13 2017 -0400
doc: add stdlog usage example
commit
f7f4dd5cef22a138582fe8ecad2d03f0b8a8e611
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 13:26:46 2017 -0400
build: remove a4 from version string
commit
057220564faa84541f3882b2ea4e1d04df33557a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 12:13:32 2017 -0400
conf: convert string ranges to interval params
commit
2c997e0a969bea72bd641e519e48de4052753a16
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 11:03:29 2017 -0400
conf: add explicit interval type
commit
756be7ac77ae96ef026aa92a4af268708ebf4748
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 07:32:40 2017 -0400
spell check: fix typo
commit
fc7830bd27d6718a4bd439cde33bfc641d8363b7
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 3 22:02:35 2017 -0400
snort2lua: convert dsize:a<>b to dsize:a<=>b for consistency with other rule options
Russ Combs (rucombs) [Fri, 4 Aug 2017 16:36:21 +0000 (12:36 -0400)]
Merge pull request #953 in SNORT/snort3 from reload_inspector to master
Squashed commit of the following:
commit
c5ec856a1fd022d83fddc05eac88aa5969dede2c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Aug 3 23:53:09 2017 -0400
control: dev notes updates, updates to code per review
commit
4c020ea967d22d3db38468fd46810c304bbba64e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 31 09:35:40 2017 -0400
control: updates to reload_policy per review
commit
a1218168afb28e65253bd0a5e4984438e0214bba
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 12:39:02 2017 -0400
control: enforce fname argument for reload policy
commit
80a3a2d95d0738818017904920546e42738d3cd7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 12:17:29 2017 -0400
control: renaming the stats for policy reloads
commit
fa2456f55f3cd0925a227ca0e26083b87ee91c26
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:37:55 2017 -0400
control: update snort_config.cc per master
commit
408f6872cda9970d940ea8623486fdb829e36024
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sun Jul 23 16:16:49 2017 -0400
updating unit tests
commit
249eeee92fdcff74e4fd093e4c5022451aeb484f
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sat Jul 22 16:07:28 2017 -0400
control: update binder with new inspector
commit
cd0b2b8f38af2d1a38f4b6aedb574791ccf30512
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 17 21:44:41 2017 -0400
control: Changes per code review : reinstantiate default binder when inspectors are enabled. rename command to reload_policy
commit
06e84c034ec8da7fe8daea2afb8d0ed9e26136cc
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Jul 14 16:48:34 2017 -0400
control: delete the old binder while reloading inspector
commit
9b1928c8587b878b518eb7b5339ec290c613daa5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:05:30 2017 -0400
control: resolve merge conflicts
Russ Combs (rucombs) [Fri, 4 Aug 2017 13:25:26 +0000 (09:25 -0400)]
Merge pull request #970 in SNORT/snort3 from port_reload_performance_fixes to master
Squashed commit of the following:
commit
def9b84906c82d9ebb5f8a85f4227e51520327f3
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 3 13:37:54 2017 -0400
dce_rpc: remove connection-oriented rules from dce_smb module
commit
324a91db775c65c34a5b0cf435768d199368c20c
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 3 12:44:41 2017 -0400
snort: keep tracking rtn after merging duplicate otns
commit
b79a20e1a45d052177ff78dff1fd4778dd956b41
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 2 14:20:50 2017 -0400
dce_rpc: Fix --enable-debug-msgs without --enable-debug
commit
e901cb79cb608603e109d199cc804e8eab285e83
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 2 14:20:21 2017 -0400
snort: Fix --enable-debug-msgs
commit
733037605b804fd1a1585ff170e5da36dc39400f
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Jul 26 08:43:41 2017 -0400
snort: optimize mSplit performance
commit
f48509d9ce999a91fa1ade6009235ed32353338c
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Jul 25 10:26:09 2017 -0400
snort: Parse time RuleTreeNode hash table
commit
85c3cd141b1578200c89ee451382508e9d83732a
Author: Victor Roemer <viroemer@cisco.com>
Date: Mon Jul 24 13:40:38 2017 -0400
snort: Stop iterating over ports earlier
Russ Combs (rucombs) [Thu, 3 Aug 2017 22:16:37 +0000 (18:16 -0400)]
Merge pull request #982 in SNORT/snort3 from snort2lua_tbd to master
Squashed commit of the following:
commit
d1fa8d0f7e525c7be5834598f882681e430e1132
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Aug 3 18:12:45 2017 -0400
snort2lua: removed dead comments
commit
86f07d1a0038cfb3da576e8bacd8af9868e9a068
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 15:24:58 2017 -0400
snort2lua: added dynamicoutput to deleted list
commit
523ddfa51f0301c7e106c74b9745b3f35d561a6d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:59:51 2017 -0400
snort2lua: added firewall to unsupported list
commit
1021f6d10712c290986356ffc2127e24d494dd70
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:36:33 2017 -0400
snort2lua: added nap_selector to unsupported list
commit
b8b058da7779c802b906813ba108cbaa10a3a11a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:19:05 2017 -0400
snort2lua: added sf_unified2 to unsupported list and matching log/alert to deleted.
commit
e54a3faff40023cecc60ec8a58c502a241c94843
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Jul 27 12:44:03 2017 -0400
snort2lua: added config protected_content to deleted list
commit
e54ec4b55d4dcdcf9d4164151860de2726cc0df7
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 26 12:44:42 2017 -0400
snort2lua: added config_na_policy_mode to unsupported list
commit
88dd22b5999a6f673ea747bae36060e916321c52
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 25 10:02:33 2017 -0400
snort2lua: added XFF configuration to unsupported list
commit
f38d8334ba8de1e964daed54212b8d448d1408bf
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 09:58:40 2017 -0400
snort2lua: added ability to add top level unsupported comments
commit
f3a06388660ceb897d37b0d3527f005d1d5936b7
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Jul 24 10:29:23 2017 -0400
snort2lua: condensed failed_conversion to one method
Russ Combs (rucombs) [Tue, 1 Aug 2017 21:30:55 +0000 (17:30 -0400)]
Merge pull request #983 in SNORT/snort3 from stdlog to master
Squashed commit of the following:
commit
c8d172dc28a8157129d8426255d40fa4a3acd645
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 1 08:52:05 2017 -0400
stdlog: support snort 3> log for text alerts
Russ Combs (rucombs) [Tue, 1 Aug 2017 14:08:40 +0000 (10:08 -0400)]
Merge pull request #971 in SNORT/snort3 from bug233728 to master
Squashed commit of the following:
commit
93e0c40389cd89b42a8f98449e3b005b787694a0
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Jul 25 15:42:18 2017 -0400
utils: wrap snprintf() with safe_snprintf()
Russ Combs [Mon, 31 Jul 2017 01:10:59 +0000 (21:10 -0400)]
Squashed commit of the following:
commit
c3a1640d50792c59d25736b4f7355050d8079b48
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 20:05:10 2017 -0400
data_log: update to new http_inspect
commit
3867148695e9e3a7a78c1fd4c802b08ee18f8e54
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 13:26:37 2017 -0400
unified2: tweak event3 prefix for consistent common prefix
commit
e429a7d13b0da2f186fe32674d5f1baa17fbed63
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:52:04 2017 -0400
pop: service name is pop3
commit
07cf602ec7acd43742c48b7fbbc279e624a18852
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:45:04 2017 -0400
fragbits: reset on begin
commit
c8cd7a0ebeadc708fb4b81fe8a481751bf03a647
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:44:16 2017 -0400
normalizer: remove non-inline warning since still counting conditions
commit
56c3929ae45f8df82042981d7312b4ab05fd5498
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 10:29:07 2017 -0400
conf: align default conf closer to 2.X
Russ Combs [Sat, 29 Jul 2017 23:20:03 +0000 (19:20 -0400)]
Squashed commit of the following:
commit
0166dd6c1dc4b559ef0203dedd459292fef1b1d1
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 17:09:45 2017 -0400
alerts: add log_references to store and log rule references with alert_full
commit
4542dcc4fa7cb2e3d5b6ebaf150f0fe99cd68320
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 15:36:02 2017 -0400
memory: use allocation / deallocation overrides where appropriate
commit
0c33d17bfac612dbf0a65e3df19c42d7dd08c080
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 10:24:22 2017 -0400
rules: warn only once per gid:sid of no fast pattern
commit
7448d1ab5abd7ae216c9f67bf02e5429245032bc
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:53:40 2017 -0400
cleanup: remove otn cruft
commit
48a3e731f039f68584dc77240b5b2738a9c0ad3b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:44:42 2017 -0400
startup: add warnings count to validate statement
commit
f1a4f2575293fcd3895b91e8f767a0afa8e725cb
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:26:49 2017 -0400
snort.lua: tweak comments
commit
5851d54ad71a18912a0fff6ebfcd2882047a500b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 28 21:45:38 2017 -0400
snort2lua: do not convert sameip; handle same as ftpbounce (no longer supported)
commit
ded10c2e8c3539354102137de3ca90fa8d1ebbb0
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 28 21:18:46 2017 -0400
messages: output startup warnings and errors to stderr instead of stdout
Russ Combs (rucombs) [Sat, 29 Jul 2017 17:55:27 +0000 (13:55 -0400)]
Merge pull request #981 in SNORT/snort3 from siri1 to master
Squashed commit of the following:
commit
715c0a144bfe9fb3617b3c2b6aad2e7a6a5b68d9
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jul 28 17:18:05 2017 -0400
Enable SSL certificate pattern matching for AppId.
Russ Combs (rucombs) [Fri, 28 Jul 2017 23:43:01 +0000 (19:43 -0400)]
Merge pull request #980 in SNORT/snort3 from icmp_flowkey_fix to master
Squashed commit of the following:
commit
4c5be44956af918f64b08681bce4ae5f68199205
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Jul 28 12:41:20 2017 -0400
Fixed valgrind error on ICMP session flow key
Russ Combs (rucombs) [Fri, 28 Jul 2017 21:46:12 +0000 (17:46 -0400)]
Merge pull request #978 in SNORT/snort3 from default_conf to master
Squashed commit of the following:
commit
3ba8c2e107703368af3012e89dae0e0be79e9fe1
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 27 02:30:28 2017 -0400
conf: expand default conf for completeness and clarity
Russ Combs [Fri, 28 Jul 2017 02:51:20 +0000 (22:51 -0400)]
Squashed commit of the following:
commit
8789b7d3be1a86dbdaafe3617211df9e046024f0
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 27 21:46:30 2017 -0400
sip_stat_code: fix zero initialization
Michael Altizer (mialtize) [Thu, 27 Jul 2017 23:21:04 +0000 (19:21 -0400)]
Merge pull request #977 in SNORT/snort3 from acfull_case to master
Squashed commit of the following:
commit
19ac03abda583aecef298a269f2eae3ae11ae5a9
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 27 16:25:47 2017 -0400
search_engines: Fix case sensitive ac_full DFA matching
Russ Combs (rucombs) [Thu, 27 Jul 2017 04:21:21 +0000 (00:21 -0400)]
Merge pull request #976 in SNORT/snort3 from rule_related to master
Squashed commit of the following:
commit
fd08d96e5f41c24e96f5555578d15cccaf4ce5b1
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 26 22:28:48 2017 -0400
replace: fix activation sequence
commit
6cb3374b90baffb20abe8b59e2733aea27730127
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 26 15:34:15 2017 -0400
replace: move enable checks to runtime
Michael Altizer (mialtize) [Wed, 26 Jul 2017 22:09:00 +0000 (18:09 -0400)]
Merge pull request #973 in SNORT/snort3 from luajit2.1 to master
Squashed commit of the following:
commit
f045f39c17101ba845ffa94ed2c24b6599df49c4
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jul 26 16:34:03 2017 -0400
appid: Fix build with LuaJIT 2.1
Russ Combs [Wed, 26 Jul 2017 00:18:35 +0000 (20:18 -0400)]
Squashed commit of the following:
commit
e7a81fd578f78d196970fc0653f509bf6c4d488d
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 20:18:02 2017 -0400
build: 239
Russ Combs (rucombs) [Tue, 25 Jul 2017 22:19:59 +0000 (18:19 -0400)]
Merge pull request #969 in SNORT/snort3 from more_fixups to master
Squashed commit of the following:
commit
0fb55e66df5bc2e7d0460a7b68e6cc18ab065a74
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 08:18:41 2017 -0400
wizard: fix imap spell
commit
4ce133ae28a3c9b8dee4806ec8410a18a19a79e1
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:59:30 2017 -0400
rules: remove sample.rules; Talos will publish Snort 3 rules on snort.org
commit
ab8b4cd45048844dcd50865bf1fe190cfada093c
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:56:10 2017 -0400
logging: fix handling of out of range timeval; thanks to kamil@frankowicz.me for reporting the issue
commit
c336f991319db2a0c4cda66dc4c3c8c8c25fb33f
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:35:50 2017 -0400
wizard: fix direction issue
Russ Combs [Tue, 25 Jul 2017 02:22:07 +0000 (22:22 -0400)]
Squashed commit of the following:
commit
29b45abd4e2bd3bc92bfafb0c5b8e423b46ffa95
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 21:14:47 2017 -0400
build 238
commit
61919ae2037a5a2cdea1fe6a03a4b69e62b2cbcc
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 20:03:27 2017 -0400
ipv6: fix flow label access method; thanks to schrx3b6 for the patch
commit
d78852a6cd2749b0deb1bd7aa42343d4fd09d6f7
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 16:36:48 2017 -0400
doc: update rules differences
Russ Combs (rucombs) [Mon, 24 Jul 2017 21:22:52 +0000 (17:22 -0400)]
Merge pull request #968 in SNORT/snort3 from more_cleanup to master
Squashed commit of the following:
commit
e40b6094dd3f8d9d13c9dc46a0b1e36ecba71be0
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 11:09:22 2017 -0400
snort2lua: fix fast_pattern:only handling
commit
2a1c414b1eb430f746e21212a02a659839b329d4
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 10:31:06 2017 -0400
policy: remove superfluous set(get())
commit
e5e35b9f0368195eff5784bac931574d4f86cdff
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 07:37:17 2017 -0400
conf: fix default builtin rule path
commit
8c6facee635e17a37aaa6975041bd2870457272a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 07:31:47 2017 -0400
doc: update default manuals
commit
1d608129a4458c7680043f56955c62460f048923
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 23 22:58:01 2017 -0400
messages: remove __FILE__ and __LINE__ from non-debug messages
Tom Peters (thopeter) [Mon, 24 Jul 2017 20:00:24 +0000 (16:00 -0400)]
Merge pull request #965 in SNORT/snort3 from flow_key to master
Squashed commit of the following:
commit
9e4b59fa1cf59d646b01fc43b74831ac91921743
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Jul 17 10:32:07 2017 -0400
Add ip_proto as part of flow key
Russ Combs (rucombs) [Mon, 24 Jul 2017 14:58:44 +0000 (10:58 -0400)]
Merge pull request #967 in SNORT/snort3 from bugz_r_us to master
Squashed commit of the following:
commit
be1b03e0e98f494e9019893110b0ec87853861c2
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 23 13:26:16 2017 -0400
rules: promote metadata:service to a separate option since it is not metadata
commit
945d393f54d57cf1aa489b08e5e04141ef65532d
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 13:42:19 2017 -0400
loggers: remove units options; all limits expressed in MB
commit
e7773535fe30cde5fa146ffb063850a4fe8670d1
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 09:18:42 2017 -0400
text logs: fix default unlimited file size
commit
f2d3ff50bf34fe527b5079212e39914170ab5bd9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 00:19:04 2017 -0400
doc: update differences
commit
9eb65c1f15db9d6044e7f5b2b7b8782ef5ce4820
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 20:46:39 2017 -0400
u2: remove obsolete configurations
commit
74e3cbfcf68bcd505a3166272a060dd32bc6513c
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 20:45:23 2017 -0400
check: update hyperscan and regex tests
commit
37bdac9cffb927e473295fc667b50f9967880968
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 14:31:00 2017 -0400
mpse: make regex capability generic
commit
fabbd5e454a53e4733699b8eeca40563dc9a5d5a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 13:30:08 2017 -0400
regex: fix pass through of mpse flags to hyperscan
mpse: only use literals for fast patterns if search_method is not hyperscan
Tom Peters (thopeter) [Fri, 21 Jul 2017 19:29:22 +0000 (15:29 -0400)]
Merge pull request #966 in SNORT/snort3 from nhttp82 to master
Squashed commit of the following:
commit
4c13fff1d7016433321abccecaa42fc9900492b5
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 13 16:08:57 2017 -0400
http_inspect: added 119:97 for lower case letters in version field
Michael Altizer (mialtize) [Fri, 21 Jul 2017 15:37:09 +0000 (11:37 -0400)]
Merge pull request #961 in SNORT/snort3 from snort2lua_fnamestack to master
Squashed commit of the following:
commit
9ad1c364f5631e22d35a19f76defd88305cbeb06
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 18 10:29:02 2017 -0400
snort2lua: Fixed incorrect file names errors
Russ Combs (rucombs) [Thu, 20 Jul 2017 16:38:55 +0000 (12:38 -0400)]
Merge pull request #964 in SNORT/snort3 from nits_and_grits to master
Squashed commit of the following:
commit
8a9301b3318e3cd9779a520e2bdd8e52833a29d7
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 20 09:04:23 2017 -0400
snort2lua: move footprint to stream from stream_tcp
commit
0602ec6263c736d17e5eba9b13ebb3a3c18aac96
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 22:55:15 2017 -0400
replace: remove cruft
commit
609631a398dfb05d355cc1c16739566644f965fb
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 21:43:32 2017 -0400
spell check: fix message and comment typos
commit
cdc2199a4f95ac75b11d83ce312f4a91a2393673
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 19:07:20 2017 -0400
replace: do not trip over fast pattern only
commit
14d34229049e390f4dbf0d59706be84c93d453b6
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 18:41:51 2017 -0400
detection: fix debug print of fast pattern only
commit
38ffacf6b1023643daed77bbaacf98987d8cc522
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 21:31:49 2017 -0400
stream: fix user dependency on flush bucket
commit
11bd8c0da6a51e66f70184be76c3de32ab73afac
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 21:09:59 2017 -0400
doc: tweak concepts and differences
Russ Combs (rucombs) [Thu, 20 Jul 2017 16:38:38 +0000 (12:38 -0400)]
Merge pull request #963 in SNORT/snort3 from u2 to master
Squashed commit of the following:
commit
d6046ce8e164daf3b8a54e2e429d71b227db13b5
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 20:13:36 2017 -0400
u2: support mixed IP versions
commit
d0b5682dab42f3cbb67a6e71e794e4fe97533acb
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 08:19:32 2017 -0400
u2: convert thread local buffers to heap
commit
126a9f8df065e784c1c5dc3905cb5dca1666167f
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 10:20:25 2017 -0400
u2: add event3 to u2spewfoo
commit
f27161d1460caf7ee13c3bee0b1107eb8c640cfc
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 17 08:17:24 2017 -0400
u2: deprecate ip4 and ip6 specific events and add a single event for both
commit
c7f6d52513f0f934b9a6f6eef4c6a9abd3b19c82
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 9 22:47:38 2017 -0400
u2: remove aliases
commit
e2df358ebfbb746bace58ae83b437c3d64a1e90a
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 9 22:43:11 2017 -0400
u2: remove cruft
Tom Peters (thopeter) [Thu, 20 Jul 2017 14:24:35 +0000 (10:24 -0400)]
Merge pull request #962 in SNORT/snort3 from file_exit to master
Squashed commit of the following:
commit
e98b26a5bff62e131c9a9552d70b14416006f0f5
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 18 16:26:48 2017 -0400
two fixes to file capture exit
Tom Peters (thopeter) [Wed, 19 Jul 2017 20:31:36 +0000 (16:31 -0400)]
Merge pull request #960 in SNORT/snort3 from dump_buffer to master
Squashed commit of the following:
commit
3a0feab9993894fc00bcfdebb77e11b537ca0e35
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 29 11:40:05 2017 -0400
Rule evaluation trace utility
Tom Peters (thopeter) [Mon, 17 Jul 2017 22:49:09 +0000 (18:49 -0400)]
Merge pull request #941 in SNORT/snort3 from pkt_trace to master
Squashed commit of the following:
commit
dfec01c9671e3d12df4d89b4fd45c35f5cd3834a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jun 29 17:21:10 2017 -0400
add packet trace feature
Michael Altizer (mialtize) [Mon, 17 Jul 2017 21:31:04 +0000 (17:31 -0400)]
Merge pull request #959 in SNORT/snort3 from fbs_base to master
Squashed commit of the following:
commit
d4ea6f978fc4a295bbb32730c864f2763fbb6f84
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 12 14:51:46 2017 -0400
fixed main table (perf_monitor) having same name as pegs for perfmon field
Russ Combs (rucombs) [Sat, 15 Jul 2017 20:18:50 +0000 (16:18 -0400)]
Merge pull request #958 in SNORT/snort3 from rpc to master
Squashed commit of the following:
commit
d9fd7c240d7a7787eaf81239ae8e9b3719c07d13
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 15 10:32:33 2017 -0400
rpc: revert to positional params, fix tcp logic, clean up formatting
Michael Altizer (mialtize) [Fri, 14 Jul 2017 21:46:12 +0000 (17:46 -0400)]
Merge pull request #957 in SNORT/snort3 from diecpm to master
Squashed commit of the following:
commit
00299b5b93b7e05a1948b57fcdd2fa0a66d28ae4
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 14 15:45:47 2017 -0400
cpputests: Clean up some header include issues
commit
abcebef25cfcfb0e42f50789a043232f0ee619cb
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 14 13:47:15 2017 -0400
search_engines: Remove Intel Soft CPM support
In existing configurations converted by snort2lua, the search method
will be replaced with hyperscan instead.
Tom Peters (thopeter) [Fri, 14 Jul 2017 15:51:35 +0000 (11:51 -0400)]
Merge pull request #956 in SNORT/snort3 from nhttp81 to master
Squashed commit of the following:
commit
70455188e2954b95107457eefe85937439c271b5
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jul 10 12:26:42 2017 -0400
http_inspect: specific alert added 119:95 for Content-Encoding chunked.
http_inspect: alert 119:96 added for unsolicited 206 response.
file_api: memory leak fixed
Russ Combs (rucombs) [Thu, 13 Jul 2017 22:04:00 +0000 (18:04 -0400)]
Merge pull request #955 in SNORT/snort3 from socket to master
Squashed commit of the following:
commit
d17f51f98e70d8641e4bb971a820e581f661da7d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 13 10:42:14 2017 -0400
daq_socket: update to support query of pci
Russ Combs [Thu, 13 Jul 2017 11:05:40 +0000 (07:05 -0400)]
build 237
Michael Altizer (mialtize) [Wed, 12 Jul 2017 17:48:32 +0000 (13:48 -0400)]
Merge pull request #954 in SNORT/snort3 from snort2lua_fnames to master
Squashed commit of the following:
commit
3e50cb7c54a20d79b402ec424fa8195bd4078d54
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 12 12:21:48 2017 -0400
refactored line and file number to method in snort2lua
commit
7b734b33ce1d569c52d86d822a0cc8b03eceb8a5
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 11 16:48:35 2017 -0400
added line number and file name to snort2lua error output
Tom Peters (thopeter) [Wed, 12 Jul 2017 15:41:21 +0000 (11:41 -0400)]
Merge pull request #949 in SNORT/snort3 from appid_sync_feat_open_appid to master
Squashed commit of the following:
commit
fae02d7b055f89b87da8370803376cdabefc5def
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Jul 5 08:38:58 2017 -0400
port features from snort 2.9.x enabled by FEAT_OPEN_APPID compile time symbol
Hui Cao (huica) [Wed, 12 Jul 2017 14:03:28 +0000 (10:03 -0400)]
Merge pull request #936 in SNORT/snort3 from snort3_flowdata2 to master
Squashed commit of the following:
commit
95ca96d339dfb178f5ed394a0e7a15c17e458a58
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 23 15:32:18 2017 -0400
Changed FlowData::get_flow_id to get_flowdata_id to avoid confusion.
Russ Combs (rucombs) [Tue, 11 Jul 2017 17:24:47 +0000 (13:24 -0400)]
Merge pull request #952 in SNORT/snort3 from fixups to master
Squashed commit of the following:
commit
e6a65d1395eaa1f5da5c5f7b3f3e8e713de161c3
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 19:11:07 2017 -0400
ip and tcp options: reformat for consistency
commit
8dd7f558b4d5c8eb890f93e0635c959b43de5a18
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 16:11:59 2017 -0400
ip and tcp options: print the correct octets
commit
e9eb69680b352445e7c0d55211e926ef7f6913b1
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 11:25:22 2017 -0400
detect: release any helpers from an undetected PDU upon finish
commit
917e02259ad61b1fde19641acbb9d8095cc18741
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 11:24:29 2017 -0400
ip and tcp options: use max opts len to squelch bogus reinterpret cast overrun
Michael Altizer (mialtize) [Tue, 11 Jul 2017 16:57:07 +0000 (12:57 -0400)]
Merge pull request #948 in SNORT/snort3 from extrabuild to master
Squashed commit of the following:
commit
4d7e8a276f0d2e0e901b548d781de6af83fd9d07
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 7 13:56:26 2017 -0400
build: Add support for appending EXTRABUILD to the BUILD string
If EXTRABUILD is defined in the preprocessor flags, it will be appended
to the BUILD string and reported in all such places that use it like
snort -V.
For example, if one configures with CPPFLAGS="-DEXTRABUILD=.1", the
resulting snort -V output will look something like this:
   ,,_     -*> Snort++ <*-
  o"  )~   Version 3.0.0-a4 (Build 236.1) from 2.9.8-383
   ''''    By Martin Roesch & The Snort Team