git.ipfire.org Git - thirdparty/snort3.git/log
Russ Combs (rucombs) [Fri, 1 Sep 2017 17:25:44 +0000 (13:25 -0400)]
Merge pull request #1004 in SNORT/snort3 from xcode to master
Squashed commit of the following:
commit
657e650852af9bc8a0c39dc986aa94edc1364f21
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 1 09:02:29 2017 -0400
analyzer: fix possible leak upon appid info table entry dup
commit
ade6ed67f5602ffca18447d0b0ac1ad67da4fcd9
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 1 08:50:07 2017 -0400
analyzer: fix possible memory leak in side channel
commit
27a9d0a40ec991b938d1f801b32e7fb9fb507ea8
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 31 19:46:22 2017 -0400
analyzer: fix missing braces around subobj initialization in flow key
Russ Combs (rucombs) [Thu, 31 Aug 2017 16:53:59 +0000 (12:53 -0400)]
Merge pull request #1002 in SNORT/snort3 from sum_stuff to master
Squashed commit of the following:
commit
322d34f0cc28f97723877caa123853b9c93929b8
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 29 09:58:51 2017 -0400
doc: add module usage and peg count type
commit
fc9228831b4d5947e5f79470c5ce2aab1b178c16
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 29 09:37:08 2017 -0400
modules: add usage designating global, context, inspect, or detect policy applicability
commit
71854c80f788d5419488cd08329b12284c427a5a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 28 20:42:55 2017 -0400
stats: use peg info to accumulate by type
commit
8ce4e18e7035c13101663aa429ae3004824bc7d5
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 27 19:16:12 2017 -0400
pegs: add count type to info
commit
84348164529f752b20e5cad3e507454192332e4b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 19 15:48:21 2017 -0400
snort2lua: search_engine.split_any_any now defaults to true
commit
2b4a49c31e965c6d493c3683fc8a0f1283f45656
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 19 15:23:14 2017 -0400
snort: -T does not compile mpse; --mem-check does
Hui Cao (huica) [Tue, 29 Aug 2017 19:49:12 +0000 (15:49 -0400)]
Merge pull request #1001 in SNORT/snort3 from unified4 to master
Squashed commit of the following:
commit
b7a3b06b5d87fdbe3a920d0f96469b2131c9146a
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 29 08:50:17 2017 -0400
Install sfdaq.h and application_ids.h needed by Firewall changes.
Tom Peters (thopeter) [Tue, 29 Aug 2017 19:21:11 +0000 (15:21 -0400)]
Merge pull request #1000 in SNORT/snort3 from appid_lua_api to master
Squashed commit of the following:
commit
7b72de2271ba9a9e6d1ff5d6482a4c61911bb76c
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Aug 28 13:55:44 2017 -0400
fix memory leak in http pattern matching, minor cleanups
Tom Peters (thopeter) [Mon, 28 Aug 2017 20:38:09 +0000 (16:38 -0400)]
Merge pull request #995 in SNORT/snort3 from peg_max_conc_p2 to master
Squashed commit of the following:
commit
92c5a4145ce11a5610b88afb3120a75d3354178e
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Aug 11 15:40:19 2017 -0400
add peg count for max concurrent sessions - part2
Tom Peters (thopeter) [Mon, 28 Aug 2017 15:57:54 +0000 (11:57 -0400)]
Merge pull request #999 in SNORT/snort3 from icmp6_key to master
Squashed commit of the following:
commit
e32554194296dd73fe13ed6bf9b7754d0d988d67
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Aug 22 13:23:06 2017 -0400
Updated to support associating router solicit/reply packets to a single session
Russ Combs (rucombs) [Fri, 25 Aug 2017 12:54:58 +0000 (08:54 -0400)]
Merge pull request #998 in SNORT/snort3 from nhttp86-cleanups to master
Squashed commit of the following:
commit
b408bba53c50afc7f7235ea914bbac87dadb3b71
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Aug 24 14:09:05 2017 -0400
.
commit
8ee92a53acf58c2dfc829add2c663de2ba4419a6
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 25 11:37:43 2017 -0400
NHI bug fix plus cleaned up a bunch of stuff.
Russ Combs (rucombs) [Fri, 25 Aug 2017 12:39:46 +0000 (08:39 -0400)]
Merge pull request #997 in SNORT/snort3 from port_table_cruft to master
Squashed commit of the following:
commit
d52c5cac7ed64dc56f80f2b78f10e065c88d1320
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 23 15:42:04 2017 -0400
snort: disallow invalid port range !:65535 (!any)
commit
dd620176da4daaccee9a56827f00d2a0e73bcfd3
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 23 15:01:02 2017 -0400
snort: remove port object cruft
Michael Altizer (mialtize) [Mon, 21 Aug 2017 22:11:58 +0000 (18:11 -0400)]
Merge pull request #996 in SNORT/snort3 from warnings to master
Squashed commit of the following:
commit
74780ac195a4bd913c9eda6a0c6d9d14698f431d
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Aug 18 16:16:13 2017 -0400
build: Clean up some more compiler warnings and remove spurious tabs
Russ Combs [Sat, 19 Aug 2017 02:24:02 +0000 (22:24 -0400)]
Squashed commit of the following:
commit
ee787c62ce89880b0dd6a0b2df06886f0e171e3b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 18 20:54:07 2017 -0400
snort2lua: fix borked build broke by binder order
Michael Altizer (mialtize) [Fri, 18 Aug 2017 20:47:49 +0000 (16:47 -0400)]
Merge pull request #991 in SNORT/snort3 from binder_order to master
Squashed commit of the following:
commit
0a44cace2f0cb9798caf59a9f6aba64f21c73de3
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Aug 14 12:19:28 2017 -0400
snort2lua: enforced ordering to bindings in binder table
commit
4d9a66aefe11ea13f20d2468fccfd140cb18df09
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Aug 10 17:56:35 2017 -0400
snort2lua: removed dead code
Tom Peters (thopeter) [Fri, 18 Aug 2017 19:22:27 +0000 (15:22 -0400)]
Merge pull request #993 in SNORT/snort3 from nhttp85 to master
Squashed commit of the following:
commit
f9f1973bb5bd6e38b5b2b974bb202396f048cb6f
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Aug 1 14:11:54 2017 -0400
http_inspect: create message sections with body data that has been dechunked and unzipped but not otherwise normalized.
Russ Combs (rucombs) [Fri, 18 Aug 2017 14:53:04 +0000 (10:53 -0400)]
Merge pull request #994 in SNORT/snort3 from elk to master
Squashed commit of the following:
commit
573659a4166f5e1c9583383d7bf0bddbee4472a5
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 17 15:22:54 2017 -0400
csv: updates
commit
d566f6bb98497dd76baea1b88f451509a7291b96
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 17 15:11:50 2017 -0400
b64: updates
commit
c25181487233e22511dcd7d5c2f06ba2ad6cf5a2
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 13:45:31 2017 -0400
appid: convert appid_stats.log from u2 to csv
commit
c882db6d3c1901bb3f42e38f733cb70632f3139e
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:48:23 2017 -0400
configure: add --disable-stdlog for cases where logging alerts to file descriptor 3 is unhelpful
commit
6d3c8c3d4c365e8d99866ada71ecc1b039e2c00b
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:22:48 2017 -0400
cleanup: remove rogue HAVE_CONFIG_H from includes
commit
d302999d9e784d6a6e2fe8e18514be33b2a3d470
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 16 11:17:54 2017 -0400
appid: tweak help for instance_id
commit
2b135326f84f4047aaef5336c7bc31948607d1d5
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 14 12:56:28 2017 -0400
stream_tcp: ensure max pdu is flushed by default splitter
commit
7f5eb5649c0f7012c518b5197c77c4b320407841
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 20:39:22 2017 -0400
unified2: log buffers as cooked packets with legacy events
commit
946b93bdb7aa35d23b259cb769e2eac940254ad7
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 07:32:07 2017 -0400
build: fix unused parameter warning
commit
4c7e0c61a43102c803c34ca22fe919e2998a941b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 16:05:10 2017 -0400
conf: fix default classification capitalization
commit
a9ccc441b02898f6c9e6471404ced30a1f17f312
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 13 07:28:57 2017 -0400
alert_csv: add vlan and mpls options
commit
666b46fd3a976da03840aedf93f5522a639e0de9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 10:25:32 2017 -0400
alert_csv: add b64_data, rename dgm_len to pkt_len
commit
64889ec87c4a8c953742a7a828d968334439ef48
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 12 10:24:04 2017 -0400
loggers: add base64 encoder based on libb64 from devolve
commit
dfb8e204bcc8d6232b51fdd47ef91ac5d4609f8d
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 11 22:32:17 2017 -0400
alert_csv: add class, priority, and service options
commit
c39d12177bf9a4f304a2801dca1c4edb9b3b8f18
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 11 22:32:01 2017 -0400
loggers: use standard year/mon/day format
Russ Combs (rucombs) [Thu, 17 Aug 2017 17:59:29 +0000 (13:59 -0400)]
Merge pull request #990 in SNORT/snort3 from port_reload_performance_fixes_2 to master
Squashed commit of the following:
commit
8c1d83e9188cc38480fbfc99c363608ecd4ca93b
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 17 08:58:02 2017 -0400
snort: Use Debug::enable for runtime check
commit
1c5791908d3e286db0d25b57a1c9d556aad14883
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 16 14:36:05 2017 -0400
snort: more review comments
commit
b6c48d7096add2a9cc0df8af0b7877996b7ab470
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 16 09:20:15 2017 -0400
snort3: update based on review comments
commit
e1bd664d7cfd6766e98ddb39e715ceab2879d678
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Aug 15 15:57:05 2017 -0400
snort: move debug code into the ifdef DEBUG
commit
1b1350a638cac3355ba0bb80d99298e8f7fd59e6
Author: Victor Roemer <viroemer@cisco.com>
Date: Fri Aug 11 15:45:54 2017 -0400
search_engines: only add state to queue once
commit
16069bfce5ffe09d5a52531cf32da305cf28d8d1
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 10 13:31:09 2017 -0400
snort: remove duplicate function declaration
commit
42a2156b3b08232fd6032a7c27d3558fb29dcee2
Author: Victor Roemer <viroemer@cisco.com>
Date: Mon Aug 7 18:21:54 2017 -0400
snort: port the optimized port table compilation from 2.9.12
Incomplete port of port, some things require reworking since PortObjectItem changed so much in Snort3
Russ Combs (rucombs) [Wed, 16 Aug 2017 02:07:31 +0000 (22:07 -0400)]
Merge pull request #992 in SNORT/snort3 from rm_peg_count_assert to master
Squashed commit of the following:
commit
2d9ac5528e31a1cf146d22c6b8f42cbedcfd440a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Aug 15 18:46:59 2017 -0400
changed concurrent_sessions stats assert() to if()
Tom Peters (thopeter) [Tue, 15 Aug 2017 16:30:51 +0000 (12:30 -0400)]
Merge pull request #988 in SNORT/snort3 from max_cocurr_session_peg to master
Squashed commit of the following:
commit
86a1cc3153f86bdc73d168ac16dd414f842e8010
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Aug 10 16:17:10 2017 -0400
Added peg count for max concurrent sessions to service inspectors
Russ Combs (rucombs) [Mon, 14 Aug 2017 20:28:10 +0000 (16:28 -0400)]
Merge pull request #989 in SNORT/snort3 from pause_fix to master
Squashed commit of the following:
commit
22cbf9fe707272c9549ec81125fec4fbc69d961e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Aug 11 13:34:12 2017 -0400
main: Fix pause command issued from command line to accept control commands while in paused state
commit
8519c9d98ebc9375e66234de9aa3a6d108d27fd8
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Aug 11 12:46:48 2017 -0400
main: Fix pause command issued from command line to accept control commands while in paused state
Russ Combs (rucombs) [Fri, 11 Aug 2017 16:31:22 +0000 (12:31 -0400)]
Merge pull request #975 in SNORT/snort3 from delete_inspector to master
Squashed commit of the following:
commit
bc33c5a6534764063530ab181422f6a0bb6ac9d1
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:05:30 2017 -0400
control: delete inspector from the default inspection policy
Russ Combs (rucombs) [Fri, 11 Aug 2017 16:24:30 +0000 (12:24 -0400)]
Merge pull request #986 in SNORT/snort3 from act_u2x_len to master
Squashed commit of the following:
commit
f17065bd7092acee1aa4c856b04d5cfbc2e62807
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 18:19:53 2017 -0400
appid: fix match vector clearing
commit
c1478fac6dd1cdf717948ef64c1db03545ce4cfd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 18:21:34 2017 -0400
unified2x: remove obsolete logger; use unified2.legacy_events = true instead
commit
377062a71f6330f26b3033d863da50b56abfb7f2
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 9 10:53:12 2017 -0400
unified2: add legacy_events bool for out-of-date barnyard2
commit
69f2dd344c991f1a56e5b93f31d8e49843dbcf6e
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 8 22:02:08 2017 -0400
u2: remove obsolete test mode unlink
commit
7277dc3e62677f704bfe9b9bad207997e70687ca
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 8 07:32:26 2017 -0400
build: remove obsolete WIN32 snippets
commit
4a64e358bf62a8601eada87e1f3158e34f0c6a9a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 7 18:05:27 2017 -0400
build: fix mac / clang build
commit
c5b37ac2fb963d9d11f532160ca6e977cabf2cd5
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 7 18:05:00 2017 -0400
spell: fix bufferlen help typo
Russ Combs (rucombs) [Thu, 10 Aug 2017 14:42:26 +0000 (10:42 -0400)]
Merge pull request #985 in SNORT/snort3 from multi_binder to master
Squashed commit of the following:
commit
03b16f35970939c4a3ad6acebaa0ed5dca7a5a31
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Aug 4 14:07:32 2017 -0400
snort2lua: removed excessive newlines from binder output
commit
a0d7c06663c85b06a85aa6830ff5b88b20289a5e
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Aug 4 10:39:14 2017 -0400
snort2lua: bindings now merge and propagate to top level of corresponding policy
Russ Combs (rucombs) [Tue, 8 Aug 2017 20:01:51 +0000 (16:01 -0400)]
Merge pull request #979 in SNORT/snort3 from pkt_tracer_p2 to master
Squashed commit of the following:
commit
c171b98fe8535d65293d2ea0694d09cbe6a42c9a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jul 27 16:24:39 2017 -0400
add support of writing packet trace to DAQ
Russ Combs [Mon, 7 Aug 2017 02:20:21 +0000 (22:20 -0400)]
Squashed commit of the following:
commit
bb852740170eedb059ad0453f80bdf069b79310b
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 21:14:46 2017 -0400
snort: exit with zero from usage
commit
262814841a5060e349daf357a72146cb921eb7bc
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 20:27:40 2017 -0400
snort: add --dump-msg-map
commit
c7db261aea251d9c8a887f28784dea9235483d82
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 19:40:05 2017 -0400
snort: fix --dump-builtin-rules to accept optional module prefix
commit
b1987eb132b7bdfdc6c43a9f4f80a4e46ddb3e68
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Aug 6 09:20:02 2017 -0400
unified2: resurrect old u2 as unified2x in extra until new u2 events are supported
Russ Combs [Sat, 5 Aug 2017 15:56:54 +0000 (11:56 -0400)]
Squashed commit of the following:
commit
3b226926b43af0665ba14c502c4a23cd8589811a
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Aug 5 10:55:06 2017 -0400
rules: make table consistency checks debug only
commit
1f1901fecb88d2871fb4088d6f5f0955767ea5a3
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 14:01:13 2017 -0400
doc: add stdlog usage example
commit
f7f4dd5cef22a138582fe8ecad2d03f0b8a8e611
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 13:26:46 2017 -0400
build: remove a4 from version string
commit
057220564faa84541f3882b2ea4e1d04df33557a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 12:13:32 2017 -0400
conf: convert string ranges to interval params
commit
2c997e0a969bea72bd641e519e48de4052753a16
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 11:03:29 2017 -0400
conf: add explicit interval type
commit
756be7ac77ae96ef026aa92a4af268708ebf4748
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 4 07:32:40 2017 -0400
spell check: fix typo
commit
fc7830bd27d6718a4bd439cde33bfc641d8363b7
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 3 22:02:35 2017 -0400
snort2lua: convert dsize:a<>b to dsize:a<=>b for consistency with other rule options
Russ Combs (rucombs) [Fri, 4 Aug 2017 16:36:21 +0000 (12:36 -0400)]
Merge pull request #953 in SNORT/snort3 from reload_inspector to master
Squashed commit of the following:
commit
c5ec856a1fd022d83fddc05eac88aa5969dede2c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Aug 3 23:53:09 2017 -0400
control: dev notes updates, updates to code per review
commit
4c020ea967d22d3db38468fd46810c304bbba64e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 31 09:35:40 2017 -0400
control: updates to reload_policy per review
commit
a1218168afb28e65253bd0a5e4984438e0214bba
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 12:39:02 2017 -0400
control: enforce fname argument for reload policy
commit
80a3a2d95d0738818017904920546e42738d3cd7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 12:17:29 2017 -0400
control: renaming the stats for policy reloads
commit
fa2456f55f3cd0925a227ca0e26083b87ee91c26
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:37:55 2017 -0400
control: update snort_config.cc per master
commit
408f6872cda9970d940ea8623486fdb829e36024
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sun Jul 23 16:16:49 2017 -0400
updating unit tests
commit
249eeee92fdcff74e4fd093e4c5022451aeb484f
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sat Jul 22 16:07:28 2017 -0400
control: update binder with new inspector
commit
cd0b2b8f38af2d1a38f4b6aedb574791ccf30512
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 17 21:44:41 2017 -0400
control: Changes per code review: reinstantiate default binder when inspectors are enabled. rename command to reload_policy
commit
06e84c034ec8da7fe8daea2afb8d0ed9e26136cc
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri Jul 14 16:48:34 2017 -0400
control: delete the old binder while reloading inspector
commit
9b1928c8587b878b518eb7b5339ec290c613daa5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Jul 26 11:05:30 2017 -0400
control: resolve merge conflicts
Russ Combs (rucombs) [Fri, 4 Aug 2017 13:25:26 +0000 (09:25 -0400)]
Merge pull request #970 in SNORT/snort3 from port_reload_performance_fixes to master
Squashed commit of the following:
commit
def9b84906c82d9ebb5f8a85f4227e51520327f3
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 3 13:37:54 2017 -0400
dce_rpc: remove connection-oriented rules from dce_smb module
commit
324a91db775c65c34a5b0cf435768d199368c20c
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 3 12:44:41 2017 -0400
snort: keep tracking rtn after merging duplicate otns
commit
b79a20e1a45d052177ff78dff1fd4778dd956b41
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 2 14:20:50 2017 -0400
dce_rpc: Fix --enable-debug-msgs without --enable-debug
commit
e901cb79cb608603e109d199cc804e8eab285e83
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Aug 2 14:20:21 2017 -0400
snort: Fix --enable-debug-msgs
commit
733037605b804fd1a1585ff170e5da36dc39400f
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Jul 26 08:43:41 2017 -0400
snort: optimize mSplit performance
commit
f48509d9ce999a91fa1ade6009235ed32353338c
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Jul 25 10:26:09 2017 -0400
snort: Parse time RuleTreeNode hash table
commit
85c3cd141b1578200c89ee451382508e9d83732a
Author: Victor Roemer <viroemer@cisco.com>
Date: Mon Jul 24 13:40:38 2017 -0400
snort: Stop iterating over ports earlier
Russ Combs (rucombs) [Thu, 3 Aug 2017 22:16:37 +0000 (18:16 -0400)]
Merge pull request #982 in SNORT/snort3 from snort2lua_tbd to master
Squashed commit of the following:
commit
d1fa8d0f7e525c7be5834598f882681e430e1132
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Aug 3 18:12:45 2017 -0400
snort2lua: removed dead comments
commit
86f07d1a0038cfb3da576e8bacd8af9868e9a068
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 15:24:58 2017 -0400
snort2lua: added dynamicoutput to deleted list
commit
523ddfa51f0301c7e106c74b9745b3f35d561a6d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:59:51 2017 -0400
snort2lua: added firewall to unsupported list
commit
1021f6d10712c290986356ffc2127e24d494dd70
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:36:33 2017 -0400
snort2lua: added nap_selector to unsupported list
commit
b8b058da7779c802b906813ba108cbaa10a3a11a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 13:19:05 2017 -0400
snort2lua: added sf_unified2 to unsupported list and matching log/alert to deleted.
commit
e54a3faff40023cecc60ec8a58c502a241c94843
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Jul 27 12:44:03 2017 -0400
snort2lua: added config protected_content to deleted list
commit
e54ec4b55d4dcdcf9d4164151860de2726cc0df7
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 26 12:44:42 2017 -0400
snort2lua: added config_na_policy_mode to unsupported list
commit
88dd22b5999a6f673ea747bae36060e916321c52
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 25 10:02:33 2017 -0400
snort2lua: added XFF configuration to unsupported list
commit
f38d8334ba8de1e964daed54212b8d448d1408bf
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Jul 28 09:58:40 2017 -0400
snort2lua: added ability to add top level unsupported comments
commit
f3a06388660ceb897d37b0d3527f005d1d5936b7
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Jul 24 10:29:23 2017 -0400
snort2lua: condensed failed_conversion to one method
Russ Combs (rucombs) [Tue, 1 Aug 2017 21:30:55 +0000 (17:30 -0400)]
Merge pull request #983 in SNORT/snort3 from stdlog to master
Squashed commit of the following:
commit
c8d172dc28a8157129d8426255d40fa4a3acd645
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 1 08:52:05 2017 -0400
stdlog: support snort 3> log for text alerts
Russ Combs (rucombs) [Tue, 1 Aug 2017 14:08:40 +0000 (10:08 -0400)]
Merge pull request #971 in SNORT/snort3 from bug233728 to master
Squashed commit of the following:
commit
93e0c40389cd89b42a8f98449e3b005b787694a0
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Jul 25 15:42:18 2017 -0400
utils: wrap snprintf() with safe_snprintf()
Russ Combs [Mon, 31 Jul 2017 01:10:59 +0000 (21:10 -0400)]
Squashed commit of the following:
commit
c3a1640d50792c59d25736b4f7355050d8079b48
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 20:05:10 2017 -0400
data_log: update to new http_inspect
commit
3867148695e9e3a7a78c1fd4c802b08ee18f8e54
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 13:26:37 2017 -0400
unified2: tweak event3 prefix for consistent common prefix
commit
e429a7d13b0da2f186fe32674d5f1baa17fbed63
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:52:04 2017 -0400
pop: service name is pop3
commit
07cf602ec7acd43742c48b7fbbc279e624a18852
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:45:04 2017 -0400
fragbits: reset on begin
commit
c8cd7a0ebeadc708fb4b81fe8a481751bf03a647
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 11:44:16 2017 -0400
normalizer: remove non-inline warning since still counting conditions
commit
56c3929ae45f8df82042981d7312b4ab05fd5498
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 30 10:29:07 2017 -0400
conf: align default conf closer to 2.X
Russ Combs [Sat, 29 Jul 2017 23:20:03 +0000 (19:20 -0400)]
Squashed commit of the following:
commit
0166dd6c1dc4b559ef0203dedd459292fef1b1d1
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 17:09:45 2017 -0400
alerts: add log_references to store and log rule references with alert_full
commit
4542dcc4fa7cb2e3d5b6ebaf150f0fe99cd68320
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 15:36:02 2017 -0400
memory: use allocation / deallocation overrides where appropriate
commit
0c33d17bfac612dbf0a65e3df19c42d7dd08c080
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 10:24:22 2017 -0400
rules: warn only once per gid:sid of no fast pattern
commit
7448d1ab5abd7ae216c9f67bf02e5429245032bc
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:53:40 2017 -0400
cleanup: remove otn cruft
commit
48a3e731f039f68584dc77240b5b2738a9c0ad3b
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:44:42 2017 -0400
startup: add warnings count to validate statement
commit
f1a4f2575293fcd3895b91e8f767a0afa8e725cb
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 29 09:26:49 2017 -0400
snort.lua: tweak comments
commit
5851d54ad71a18912a0fff6ebfcd2882047a500b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 28 21:45:38 2017 -0400
snort2lua: do not convert sameip; handle same as ftpbounce (no longer supported)
commit
ded10c2e8c3539354102137de3ca90fa8d1ebbb0
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 28 21:18:46 2017 -0400
messages: output startup warnings and errors to stderr instead of stdout
Russ Combs (rucombs) [Sat, 29 Jul 2017 17:55:27 +0000 (13:55 -0400)]
Merge pull request #981 in SNORT/snort3 from siri1 to master
Squashed commit of the following:
commit
715c0a144bfe9fb3617b3c2b6aad2e7a6a5b68d9
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jul 28 17:18:05 2017 -0400
Enable SSL certificate pattern matching for AppId.
Russ Combs (rucombs) [Fri, 28 Jul 2017 23:43:01 +0000 (19:43 -0400)]
Merge pull request #980 in SNORT/snort3 from icmp_flowkey_fix to master
Squashed commit of the following:
commit
4c5be44956af918f64b08681bce4ae5f68199205
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Jul 28 12:41:20 2017 -0400
Fixed valgrind error on ICMP session flow key
Russ Combs (rucombs) [Fri, 28 Jul 2017 21:46:12 +0000 (17:46 -0400)]
Merge pull request #978 in SNORT/snort3 from default_conf to master
Squashed commit of the following:
commit
3ba8c2e107703368af3012e89dae0e0be79e9fe1
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 27 02:30:28 2017 -0400
conf: expand default conf for completeness and clarity
Russ Combs [Fri, 28 Jul 2017 02:51:20 +0000 (22:51 -0400)]
Squashed commit of the following:
commit
8789b7d3be1a86dbdaafe3617211df9e046024f0
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 27 21:46:30 2017 -0400
sip_stat_code: fix zero initialization
Michael Altizer (mialtize) [Thu, 27 Jul 2017 23:21:04 +0000 (19:21 -0400)]
Merge pull request #977 in SNORT/snort3 from acfull_case to master
Squashed commit of the following:
commit
19ac03abda583aecef298a269f2eae3ae11ae5a9
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 27 16:25:47 2017 -0400
search_engines: Fix case sensitive ac_full DFA matching
Russ Combs (rucombs) [Thu, 27 Jul 2017 04:21:21 +0000 (00:21 -0400)]
Merge pull request #976 in SNORT/snort3 from rule_related to master
Squashed commit of the following:
commit
fd08d96e5f41c24e96f5555578d15cccaf4ce5b1
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 26 22:28:48 2017 -0400
replace: fix activation sequence
commit
6cb3374b90baffb20abe8b59e2733aea27730127
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 26 15:34:15 2017 -0400
replace: move enable checks to runtime
Michael Altizer (mialtize) [Wed, 26 Jul 2017 22:09:00 +0000 (18:09 -0400)]
Merge pull request #973 in SNORT/snort3 from luajit2.1 to master
Squashed commit of the following:
commit
f045f39c17101ba845ffa94ed2c24b6599df49c4
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jul 26 16:34:03 2017 -0400
appid: Fix build with LuaJIT 2.1
Russ Combs [Wed, 26 Jul 2017 00:18:35 +0000 (20:18 -0400)]
Squashed commit of the following:
commit
e7a81fd578f78d196970fc0653f509bf6c4d488d
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 20:18:02 2017 -0400
build: 239
Russ Combs (rucombs) [Tue, 25 Jul 2017 22:19:59 +0000 (18:19 -0400)]
Merge pull request #969 in SNORT/snort3 from more_fixups to master
Squashed commit of the following:
commit
0fb55e66df5bc2e7d0460a7b68e6cc18ab065a74
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 08:18:41 2017 -0400
wizard: fix imap spell
commit
4ce133ae28a3c9b8dee4806ec8410a18a19a79e1
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:59:30 2017 -0400
rules: remove sample.rules; Talos will publish Snort 3 rules on snort.org
commit
ab8b4cd45048844dcd50865bf1fe190cfada093c
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:56:10 2017 -0400
logging: fix handling of out of range timeval; thanks to kamil@frankowicz.me for reporting the issue
commit
c336f991319db2a0c4cda66dc4c3c8c8c25fb33f
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 25 07:35:50 2017 -0400
wizard: fix direction issue
Russ Combs [Tue, 25 Jul 2017 02:22:07 +0000 (22:22 -0400)]
Squashed commit of the following:
commit
29b45abd4e2bd3bc92bfafb0c5b8e423b46ffa95
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 21:14:47 2017 -0400
build 238
commit
61919ae2037a5a2cdea1fe6a03a4b69e62b2cbcc
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 20:03:27 2017 -0400
ipv6: fix flow label access method; thanks to schrx3b6 for the patch
commit
d78852a6cd2749b0deb1bd7aa42343d4fd09d6f7
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 16:36:48 2017 -0400
doc: update rules differences
Russ Combs (rucombs) [Mon, 24 Jul 2017 21:22:52 +0000 (17:22 -0400)]
Merge pull request #968 in SNORT/snort3 from more_cleanup to master
Squashed commit of the following:
commit
e40b6094dd3f8d9d13c9dc46a0b1e36ecba71be0
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 11:09:22 2017 -0400
snort2lua: fix fast_pattern:only handling
commit
2a1c414b1eb430f746e21212a02a659839b329d4
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 10:31:06 2017 -0400
policy: remove superfluous set(get())
commit
e5e35b9f0368195eff5784bac931574d4f86cdff
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 07:37:17 2017 -0400
conf: fix default builtin rule path
commit
8c6facee635e17a37aaa6975041bd2870457272a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 24 07:31:47 2017 -0400
doc: update default manuals
commit
1d608129a4458c7680043f56955c62460f048923
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 23 22:58:01 2017 -0400
messages: remove __FILE__ and __LINE__ from non-debug messages
Tom Peters (thopeter) [Mon, 24 Jul 2017 20:00:24 +0000 (16:00 -0400)]
Merge pull request #965 in SNORT/snort3 from flow_key to master
Squashed commit of the following:
commit
9e4b59fa1cf59d646b01fc43b74831ac91921743
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Jul 17 10:32:07 2017 -0400
Add ip_proto as part of flow key
Russ Combs (rucombs) [Mon, 24 Jul 2017 14:58:44 +0000 (10:58 -0400)]
Merge pull request #967 in SNORT/snort3 from bugz_r_us to master
Squashed commit of the following:
commit
be1b03e0e98f494e9019893110b0ec87853861c2
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 23 13:26:16 2017 -0400
rules: promote metadata:service to a separate option since it is not metadata
commit
945d393f54d57cf1aa489b08e5e04141ef65532d
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 13:42:19 2017 -0400
loggers: remove units options; all limits expressed in MB
commit
e7773535fe30cde5fa146ffb063850a4fe8670d1
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 09:18:42 2017 -0400
text logs: fix default unlimited file size
commit
f2d3ff50bf34fe527b5079212e39914170ab5bd9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 22 00:19:04 2017 -0400
doc: update differences
commit
9eb65c1f15db9d6044e7f5b2b7b8782ef5ce4820
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 20:46:39 2017 -0400
u2: remove obsolete configurations
commit
74e3cbfcf68bcd505a3166272a060dd32bc6513c
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 20:45:23 2017 -0400
check: update hyperscan and regex tests
commit
37bdac9cffb927e473295fc667b50f9967880968
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 14:31:00 2017 -0400
mpse: make regex capability generic
commit
fabbd5e454a53e4733699b8eeca40563dc9a5d5a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 21 13:30:08 2017 -0400
regex: fix pass through of mpse flags to hyperscan
mpse: only use literals for fast patterns if search_method is not hyperscan
Tom Peters (thopeter) [Fri, 21 Jul 2017 19:29:22 +0000 (15:29 -0400)]
Merge pull request #966 in SNORT/snort3 from nhttp82 to master
Squashed commit of the following:
commit
4c13fff1d7016433321abccecaa42fc9900492b5
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 13 16:08:57 2017 -0400
http_inspect: added 119:97 for lower case letters in version field
Michael Altizer (mialtize) [Fri, 21 Jul 2017 15:37:09 +0000 (11:37 -0400)]
Merge pull request #961 in SNORT/snort3 from snort2lua_fnamestack to master
Squashed commit of the following:
commit
9ad1c364f5631e22d35a19f76defd88305cbeb06
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 18 10:29:02 2017 -0400
snort2lua: Fixed incorrect file names errors
Russ Combs (rucombs) [Thu, 20 Jul 2017 16:38:55 +0000 (12:38 -0400)]
Merge pull request #964 in SNORT/snort3 from nits_and_grits to master
Squashed commit of the following:
commit
8a9301b3318e3cd9779a520e2bdd8e52833a29d7
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 20 09:04:23 2017 -0400
snort2lua: move footprint to stream from stream_tcp
commit
0602ec6263c736d17e5eba9b13ebb3a3c18aac96
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 22:55:15 2017 -0400
replace: remove cruft
commit
609631a398dfb05d355cc1c16739566644f965fb
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 21:43:32 2017 -0400
spell check: fix message and comment typos
commit
cdc2199a4f95ac75b11d83ce312f4a91a2393673
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 19:07:20 2017 -0400
replace: do not trip over fast pattern only
commit
14d34229049e390f4dbf0d59706be84c93d453b6
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 18:41:51 2017 -0400
detection: fix debug print of fast pattern only
commit
38ffacf6b1023643daed77bbaacf98987d8cc522
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 21:31:49 2017 -0400
stream: fix user dependency on flush bucket
commit
11bd8c0da6a51e66f70184be76c3de32ab73afac
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 21:09:59 2017 -0400
doc: tweak concepts and differences
Russ Combs (rucombs) [Thu, 20 Jul 2017 16:38:38 +0000 (12:38 -0400)]
Merge pull request #963 in SNORT/snort3 from u2 to master
Squashed commit of the following:
commit
d6046ce8e164daf3b8a54e2e429d71b227db13b5
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 20:13:36 2017 -0400
u2: support mixed IP versions
commit
d0b5682dab42f3cbb67a6e71e794e4fe97533acb
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 19 08:19:32 2017 -0400
u2: convert thread local buffers to heap
commit
126a9f8df065e784c1c5dc3905cb5dca1666167f
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jul 18 10:20:25 2017 -0400
u2: add event3 to u2spewfoo
commit
f27161d1460caf7ee13c3bee0b1107eb8c640cfc
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 17 08:17:24 2017 -0400
u2: deprecate ip4 and ip6 specific events and add a single event for both
commit
c7f6d52513f0f934b9a6f6eef4c6a9abd3b19c82
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 9 22:47:38 2017 -0400
u2: remove aliases
commit
e2df358ebfbb746bace58ae83b437c3d64a1e90a
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jul 9 22:43:11 2017 -0400
u2: remove cruft
Tom Peters (thopeter) [Thu, 20 Jul 2017 14:24:35 +0000 (10:24 -0400)]
Merge pull request #962 in SNORT/snort3 from file_exit to master
Squashed commit of the following:
commit
e98b26a5bff62e131c9a9552d70b14416006f0f5
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 18 16:26:48 2017 -0400
two fixes to file capture exit
Tom Peters (thopeter) [Wed, 19 Jul 2017 20:31:36 +0000 (16:31 -0400)]
Merge pull request #960 in SNORT/snort3 from dump_buffer to master
Squashed commit of the following:
commit
3a0feab9993894fc00bcfdebb77e11b537ca0e35
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 29 11:40:05 2017 -0400
Rule evaluation trace utility
Tom Peters (thopeter) [Mon, 17 Jul 2017 22:49:09 +0000 (18:49 -0400)]
Merge pull request #941 in SNORT/snort3 from pkt_trace to master
Squashed commit of the following:
commit
dfec01c9671e3d12df4d89b4fd45c35f5cd3834a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jun 29 17:21:10 2017 -0400
add packet trace feature
Michael Altizer (mialtize) [Mon, 17 Jul 2017 21:31:04 +0000 (17:31 -0400)]
Merge pull request #959 in SNORT/snort3 from fbs_base to master
Squashed commit of the following:
commit
d4ea6f978fc4a295bbb32730c864f2763fbb6f84
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 12 14:51:46 2017 -0400
fixed main table (perf_monitor) having same name as pegs for perfmon field
Russ Combs (rucombs) [Sat, 15 Jul 2017 20:18:50 +0000 (16:18 -0400)]
Merge pull request #958 in SNORT/snort3 from rpc to master
Squashed commit of the following:
commit
d9fd7c240d7a7787eaf81239ae8e9b3719c07d13
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 15 10:32:33 2017 -0400
rpc: revert to positional params, fix tcp logic, clean up formatting
Michael Altizer (mialtize) [Fri, 14 Jul 2017 21:46:12 +0000 (17:46 -0400)]
Merge pull request #957 in SNORT/snort3 from diecpm to master
Squashed commit of the following:
commit
00299b5b93b7e05a1948b57fcdd2fa0a66d28ae4
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 14 15:45:47 2017 -0400
cpputests: Clean up some header include issues
commit
abcebef25cfcfb0e42f50789a043232f0ee619cb
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 14 13:47:15 2017 -0400
search_engines: Remove Intel Soft CPM support
In existing configurations converted by snort2lua, the search method
will be replaced with hyperscan instead.
Tom Peters (thopeter) [Fri, 14 Jul 2017 15:51:35 +0000 (11:51 -0400)]
Merge pull request #956 in SNORT/snort3 from nhttp81 to master
Squashed commit of the following:
commit
70455188e2954b95107457eefe85937439c271b5
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jul 10 12:26:42 2017 -0400
http_inspect: specific alert added 119:95 for Content-Encoding chunked.
http_inspect: alert 119:96 added for unsolicited 206 response.
file_api: memory leak fixed
Russ Combs (rucombs) [Thu, 13 Jul 2017 22:04:00 +0000 (18:04 -0400)]
Merge pull request #955 in SNORT/snort3 from socket to master
Squashed commit of the following:
commit
d17f51f98e70d8641e4bb971a820e581f661da7d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 13 10:42:14 2017 -0400
daq_socket: update to support query of pci
Russ Combs [Thu, 13 Jul 2017 11:05:40 +0000 (07:05 -0400)]
build 237
Michael Altizer (mialtize) [Wed, 12 Jul 2017 17:48:32 +0000 (13:48 -0400)]
Merge pull request #954 in SNORT/snort3 from snort2lua_fnames to master
Squashed commit of the following:
commit
3e50cb7c54a20d79b402ec424fa8195bd4078d54
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jul 12 12:21:48 2017 -0400
refactored line and file number to method in snort2lua
commit
7b734b33ce1d569c52d86d822a0cc8b03eceb8a5
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jul 11 16:48:35 2017 -0400
added line number and file name to snort2lua error output
Tom Peters (thopeter) [Wed, 12 Jul 2017 15:41:21 +0000 (11:41 -0400)]
Merge pull request #949 in SNORT/snort3 from appid_sync_feat_open_appid to master
Squashed commit of the following:
commit
fae02d7b055f89b87da8370803376cdabefc5def
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Jul 5 08:38:58 2017 -0400
port features from snort 2.9.x enabled by FEAT_OPEN_APPID compile time symbol
Hui Cao (huica) [Wed, 12 Jul 2017 14:03:28 +0000 (10:03 -0400)]
Merge pull request #936 in SNORT/snort3 from snort3_flowdata2 to master
Squashed commit of the following:
commit
95ca96d339dfb178f5ed394a0e7a15c17e458a58
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 23 15:32:18 2017 -0400
Changed FlowData::get_flow_id to get_flowdata_id to avoid confusion.
Russ Combs (rucombs) [Tue, 11 Jul 2017 17:24:47 +0000 (13:24 -0400)]
Merge pull request #952 in SNORT/snort3 from fixups to master
Squashed commit of the following:
commit
e6a65d1395eaa1f5da5c5f7b3f3e8e713de161c3
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 19:11:07 2017 -0400
ip and tcp options: reformat for consistency
commit
8dd7f558b4d5c8eb890f93e0635c959b43de5a18
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 16:11:59 2017 -0400
ip and tcp options: print the correct octets
commit
e9eb69680b352445e7c0d55211e926ef7f6913b1
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 11:25:22 2017 -0400
detect: release any helpers from an undetected PDU upon finish
commit
917e02259ad61b1fde19641acbb9d8095cc18741
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 10 11:24:29 2017 -0400
ip and tcp options: use max opts len to squelch bogus reinterpret cast overrun
Michael Altizer (mialtize) [Tue, 11 Jul 2017 16:57:07 +0000 (12:57 -0400)]
Merge pull request #948 in SNORT/snort3 from extrabuild to master
Squashed commit of the following:
commit
4d7e8a276f0d2e0e901b548d781de6af83fd9d07
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 7 13:56:26 2017 -0400
build: Add support for appending EXTRABUILD to the BUILD string
If EXTRABUILD is defined in the preprocessor flags, it will be appended
to the BUILD string and reported in all such places that use it like
snort -V.
For example, if one configures with CPPFLAGS="-DEXTRABUILD=.1", the
resulting snort -V output will look something like this:
   ,,_     -*> Snort++ <*-
  o"  )~   Version 3.0.0-a4 (Build 236.1) from 2.9.8-383
   ''''    By Martin Roesch & The Snort Team
Michael Altizer (mialtize) [Mon, 10 Jul 2017 19:47:23 +0000 (15:47 -0400)]
Merge pull request #951 in SNORT/snort3 from exitcodes to master
Squashed commit of the following:
commit
1e66c72c6f87efa99d3520808d6041c4669d7107
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Jul 9 21:31:52 2017 -0400
detection: Fix segfault in DetectionEngine::idle sans thread_init
Russ Combs (rucombs) [Mon, 10 Jul 2017 12:31:07 +0000 (08:31 -0400)]
Merge pull request #950 in SNORT/snort3 from spacey_rules to master
Squashed commit of the following:
commit
4dc5e316eb387d9f962140f64ebcd81d9b1db3f9
Author: Russ Combs <rucombs@cisco.com>
Date: Sat Jul 8 08:16:43 2017 -0400
rules: tolerate spaces in positional parameters
Russ Combs (rucombs) [Sun, 9 Jul 2017 19:33:28 +0000 (15:33 -0400)]
Merge pull request #947 in SNORT/snort3 from icmp6 to master
Squashed commit of the following:
commit
b44fab9650238404e622cd1dfeea84ffd3308e89
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 7 14:23:53 2017 -0400
icmp6: remove ip4 cruft from decoder
commit
f3a75c0d7e46e7f9b6ca0a42f178c3e5190c5ba4
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 6 18:56:55 2017 -0400
icmp6: reject non-ip6, raise 116:474
Russ Combs (rucombs) [Fri, 7 Jul 2017 16:16:42 +0000 (12:16 -0400)]
Merge pull request #946 in SNORT/snort3 from user_dax to master
Squashed commit of the following:
commit
6dae979e555eeec63b16f1c494cc075479119ace
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 6 21:20:04 2017 -0400
review: not sup and size check
commit
b23ad2fb260560fcd980a1a456d998c354068535
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 6 21:13:48 2017 -0400
decode: fix counts when no layers are decoded
commit
22596bc64fe69d91e0edf18db55f144ed80e784f
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 5 15:29:14 2017 -0400
daq_file: update for pci query
commit
3f3fbd6bc99ae44532080f49d995ac2e27f3fe97
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 5 14:54:11 2017 -0400
daq_hext: cleanup
commit
6692812227307ff76064fbb7f6f4c76eb9111791
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jul 5 14:49:16 2017 -0400
daq_hext, cd_user: query for pci
Tom Peters (thopeter) [Thu, 6 Jul 2017 20:48:18 +0000 (16:48 -0400)]
Merge pull request #945 in SNORT/snort3 from nhttp79 to master
Squashed commit of the following:
commit
a192d033425753f515840f82ba6413e07f035c8a
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 27 12:22:15 2017 -0400
Header normalization improvements
Michael Altizer (mialtize) [Thu, 6 Jul 2017 19:42:43 +0000 (15:42 -0400)]
Merge pull request #944 in SNORT/snort3 from warnings to master
Squashed commit of the following:
commit
8d2ef5c3a6b8061652e07e5b7609ce43fc5bfbae
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jul 5 20:50:40 2017 -0400
build: Clean up some ICC 2017 warnings
commit
d8dcbf92767750beae88263c7ce527cde8ef1a40
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jul 5 14:50:50 2017 -0400
utils: Remove inet_ntoax since it doesn't add value over ntoa anymore
commit
e930a3b3a8fc7cea965363d89b1f518c9c0d5c31
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 4 02:11:49 2017 -0400
snort2lua: Fix removal of ignore_ports in stream_tcp.small_segments
commit
2c123de0e34458cc0c8f629494ad8e13b57e3486
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 4 02:10:20 2017 -0400
file_decomp_pdf: Fix missing reset in PDF state machine transition
commit
68556c37a4824b41edddfcec5c4e7f6ce2a4d28d
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 4 02:09:32 2017 -0400
snort: Fix leaking instance memory when DAQ configure fails
commit
4a051279a65c9f5e3dfcb170ccfd740f2f6bfd73
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 4 01:13:34 2017 -0400
snort2lua: Fix heap-use-after-free for preprocessors and configs with no arguments
commit
07978c166304d72a5cacea3cb17bea934a7e7faf
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 3 20:45:17 2017 -0400
appid: Fix thread-unsafe sharing of HTTP pattern tables
commit
34dd69e6d2f6c5c141ad4ae316102ccf73dfb11d
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 3 20:43:08 2017 -0400
appid: Fix populating IP addresses in debug session ID
commit
9d5386c7467e278c46602bb564199a3b3de18258
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 3 16:10:21 2017 -0400
build: Clean up some GCC 7 warnings
commit
78e5e904cb0cbfab2dec5e11c76cf0e2ab416154
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 3 15:58:34 2017 -0400
appid/service_ssl: Compatibility update for OpenSSL 1.1.0 API
commit
d858f2386b7a3158342f2aa2524a576467bc47ee
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 3 15:57:09 2017 -0400
build: Clean up some cppcheck warnings
Russ Combs (rucombs) [Mon, 3 Jul 2017 21:22:39 +0000 (17:22 -0400)]
Merge pull request #943 in SNORT/snort3 from tweax to master
Squashed commit of the following:
commit
07b8138db8dad5fad3153345e1049fa8119e433e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 3 14:58:07 2017 -0400
doc: boast about json
commit
e51ede6c6448d24484bc410346c33a681376f057
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 3 14:57:25 2017 -0400
cppcheck: remove cruft
commit
9af73dd88bbbcbab10395c3ddfefae557adf507b
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jul 3 14:54:13 2017 -0400
cppcheck: fix warnings
Michael Altizer (mialtize) [Mon, 3 Jul 2017 19:34:47 +0000 (15:34 -0400)]
Merge pull request #942 in SNORT/snort3 from export_activeh to master
Squashed commit of the following:
commit
78bc5863731bc787296291e09bde0922526050ac
Author: Steve Chew <stechew@cisco.com>
Date: Mon Jul 3 14:01:00 2017 -0400
Export active.h that's needed for firewall port.
Tom Peters (thopeter) [Fri, 30 Jun 2017 20:51:31 +0000 (16:51 -0400)]
Merge pull request #940 in SNORT/snort3 from stream_syncup_ftpdatasplitter to master
Squashed commit of the following:
commit
443224e556c1d1f6635de850212ea321d5f3976a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu May 25 10:26:17 2017 -0400
implement FTP-Data specific splitter that subclasses the AtomSplitter and provides a custom 'finish' method that calls file processing if there is no data left to flush.
Russ Combs (rucombs) [Wed, 28 Jun 2017 14:49:16 +0000 (10:49 -0400)]
Merge pull request #939 in SNORT/snort3 from sync_or_sink to master
Squashed commit of the following:
commit
d0b8a6e33ac79e735eeecc0a1b01e8c294108963
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jun 28 08:18:59 2017 -0400
snort2lua: update for port_scan
commit
be4bc16b74e3adc0966cf6a8943195c6c7bb92fc
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jun 27 08:21:40 2017 -0400
port_scan: cleanup
commit
ab7f99a96219e4baa5bbe314f7aeabac3c7a14eb
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jun 27 07:40:16 2017 -0400
port_scan: merge global settings into main module
commit
8741d918bfcbbf0a447f4294cc47842aa4c3db7d
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 26 15:14:13 2017 -0400
port_scan: fix printing number of nodes
commit
cd86a9c410c4002d2111741d61dab7c2d916c928
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 26 15:10:48 2017 -0400
inspector manager: require explicit configuration of acquired inspectors
commit
45f0aacb6e47276a5483deda746e96d591ef76cd
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 26 15:08:30 2017 -0400
ftp: remove dead store
commit
3e1cd9164aa1cf5f1283b1114f4cbcc0f99149f7
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 26 15:07:50 2017 -0400
port_scan: port hash sizing fix from 2X
Michael Altizer (mialtize) [Tue, 27 Jun 2017 18:47:14 +0000 (14:47 -0400)]
Merge pull request #925 in SNORT/snort3 from control_coverage to master
Squashed commit of the following:
commit
1f704f85c48153704fc9a8ee4eb36514afbc55fb
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 13 23:43:46 2017 -0400
documentation updates to control channel code
Tom Peters (thopeter) [Tue, 27 Jun 2017 14:48:02 +0000 (10:48 -0400)]
Merge pull request #937 in SNORT/snort3 from nhttp77 to master
Squashed commit of the following:
commit
dd997afe9a8aa2f17dd0939f5d4942c99336e7d6
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jun 22 16:06:34 2017 -0400
Content-Transfer-Encoding
Tom Peters (thopeter) [Mon, 26 Jun 2017 19:43:13 +0000 (15:43 -0400)]
Merge pull request #938 in SNORT/snort3 from nhttp78 to master
Squashed commit of the following:
commit
19a68c6425cbeec8693789fac2f4b6e757032fcb
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jun 26 12:01:25 2017 -0400
Rename source file
Michael Altizer (mialtize) [Mon, 26 Jun 2017 16:09:49 +0000 (12:09 -0400)]
Merge pull request #932 in SNORT/snort3 from json_formatter to master
Squashed commit of the following:
commit
81a8d478028d9437122f29bbe2e8cb1c197b800b
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon May 16 11:12:56 2016 -0400
perf_monitor: Add JSON formatter
Tom Peters (thopeter) [Thu, 22 Jun 2017 17:59:26 +0000 (13:59 -0400)]
Merge pull request #935 in SNORT/snort3 from nhttp76 to master
Squashed commit of the following:
commit
2cbc9d33b58cfa241baf28697275b85a892c1b00
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 20 17:29:07 2017 -0400
Transfer-Encoding header not valid for HTTP 1.0
Tom Peters (thopeter) [Tue, 20 Jun 2017 17:42:51 +0000 (13:42 -0400)]
Merge pull request #929 in SNORT/snort3 from ssl_splitter to master
Squashed commit of the following:
commit
79d04e69161c7d6e9c5ae83546e1102ceb746148
Author: Steven Baigal <sbaigal@cisco.com>
Date: Mon Jun 12 16:32:33 2017 -0400
add ssl splitter
Tom Peters (thopeter) [Tue, 20 Jun 2017 17:38:17 +0000 (13:38 -0400)]
Merge pull request #934 in SNORT/snort3 from nhttp75 to master
Squashed commit of the following:
commit
7f4cb724e558e1138ba028a8edd4f356c626d48e
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jun 15 14:25:26 2017 -0400
NHI alerts related to 100 Continue
Tom Peters (thopeter) [Tue, 20 Jun 2017 17:36:23 +0000 (13:36 -0400)]
Merge pull request #927 in SNORT/snort3 from flow_errors to master
Squashed commit of the following:
commit
de672298786ea7070ca647594ee8d9a511ab5f9d
Author: allewi <allewi@cisco.com>
Date: Wed Jun 7 11:22:14 2017 -0400
removed unused code
Tom Peters (thopeter) [Mon, 19 Jun 2017 16:20:49 +0000 (12:20 -0400)]
Merge pull request #930 in SNORT/snort3 from speling to master
Squashed commit of the following:
commit
ab5686150760909495164bf70b3cde82ee34e512
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 19 07:00:39 2017 -0400
spell check: fix typos
Russ Combs [Fri, 16 Jun 2017 23:31:34 +0000 (19:31 -0400)]
cmg: change source::buf to source.buf and ::buf to snort.buf
cmg: use http_method + version + uri instead of http_raw_request
cmg: use http_version + stat_code + stat_msg instead of http_raw_status
Russ Combs [Sat, 17 Jun 2017 12:27:58 +0000 (08:27 -0400)]
loggers: use const event reference in alert funcs
Tom Peters (thopeter) [Fri, 16 Jun 2017 19:20:34 +0000 (15:20 -0400)]
Merge pull request #919 in SNORT/snort3 from Bug203817 to master
Squashed commit of the following:
commit
070e1a8857475b77e22809303caa66a9b3a07eba
Author: allewi <allewi@cisco.com>
Date: Thu Jun 1 12:40:04 2017 -0400
adding changes for bug203817
Russ Combs (rucombs) [Fri, 16 Jun 2017 17:07:20 +0000 (13:07 -0400)]
Merge pull request #928 in SNORT/snort3 from ps_events to master
Squashed commit of the following:
commit
3877ccf2211f0341b0cdd6d59c7ef9b41023955f
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jun 16 08:43:10 2017 -0400
port_scan: execute probes after detection and log the alt buffer if set
commit
2965452abf7ed909be0cfcb76b645f1439022c8d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 15 13:01:09 2017 -0400
port_scan: cleanup headers
commit
25c305b763019b77823bc3de0ad78c972168d72b
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 15 11:51:59 2017 -0400
port_scan: refactor alerting
commit
2c9380e50066da9b7319f134202d737e3acad7d9
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 15 10:58:18 2017 -0400
port_scan: just use normal log files
commit
5786467d359d8c59523a060a9ddee29a1963cf99
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 15 10:54:23 2017 -0400
port_scan: eliminate use of pseudo packet for events
Russ Combs [Thu, 15 Jun 2017 11:14:41 +0000 (07:14 -0400)]
build 236
Russ Combs (rucombs) [Thu, 15 Jun 2017 00:13:10 +0000 (20:13 -0400)]
Merge pull request #923 in SNORT/snort3 from ps_overhaul to master
Squashed commit of the following:
commit
1a3272ddf66ff45c0e37ad38546e0e3a14bb3937
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jun 14 15:25:56 2017 -0400
review: clean up more return values
commit
9ded9d29ca0e668c1c0ab2977f32cc4c93b56e36
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jun 14 15:00:47 2017 -0400
review: update defaults to some semi-useful average
commit
086c0235ffc31ba10f99d9195f40093a61901ef5
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 12 17:49:52 2017 -0400
port_scan: remove unused cruft
commit
df35824913f28060fe69ce045d5a09e0d0739e13
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 12 15:22:30 2017 -0400
port_scan: update snort2lua for deleted sense_level
commit
8ac604119fcb385dc860d3d1129dc5b5d1b62770
Merge:
fc66cd5 8dfcc5e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jun 12 10:30:26 2017 -0400
port_scan: fix ip6 handling
commit
fc66cd527829be3e6528dd78810e15870f5b648c
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 21:07:32 2017 -0400
port_scan: convert return values from int to bool and other cleanup
commit
3dd0b506ca32bb716fbaec00217c0196bce086b5
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 19:44:04 2017 -0400
port_scan: normalize args, cleanup comments, remove dead code
commit
d0aa139077b886f761309d9e74c5d840d35b7688
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 11:09:10 2017 -0400
port_scan: utilize expanded configuration
commit
209f535dd842f4f094b8ce99a464b2d2fcd44d25
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 8 08:08:32 2017 -0400
port_scan: add lua defaults
commit
1630d19a840f45a7f9862143b9ab3418fde93a17
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jun 9 16:53:01 2017 -0400
port_scan: alert on all packets considered scan events within window
port_scan: fix ip protocol scan detection
commit
9fbf94640debdf83a85b064d72a89f3f89d63c16
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jun 9 11:44:56 2017 -0400
port_scan: use standard event queuing
commit
8dfcc5e634867357644511e1c3d63065071857e2
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 21:07:32 2017 -0400
port_scan: convert return values from int to bool and other cleanup
commit
07a03fc5824f26ce0db88d53a86d68c0e226353c
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 19:44:04 2017 -0400
port_scan: normalize args, cleanup comments, remove dead code
commit
a122e32b803466bb6228cadd61e4aea737d70ce2
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 11 11:09:10 2017 -0400
port_scan: utilize expanded configuration
commit
8fcb52c2ddb4d6cc5122d009ce4d593e2dc4bf29
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 8 08:08:32 2017 -0400
port_scan: add lua defaults
commit
9ead40f296fb31c18b5b01ed8bf8c450f14c2edc
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jun 9 16:53:01 2017 -0400
port_scan: alert on all packets considered scan events within window
port_scan: fix ip protocol scan detection
commit
a33f60b6801624065f27d09ec8cddf9a88df55ba
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jun 9 11:44:56 2017 -0400
port_scan: use standard event queuing
Tom Peters (thopeter) [Wed, 14 Jun 2017 20:40:11 +0000 (16:40 -0400)]
Merge pull request #926 in SNORT/snort3 from nhttp74 to master
Squashed commit of the following:
commit
9634905678288bbc1efa1626100bf6d0c0d34e54
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jun 14 14:46:30 2017 -0400
Added helper methods for events and infractions
Tom Peters (thopeter) [Wed, 14 Jun 2017 20:38:15 +0000 (16:38 -0400)]
Merge pull request #924 in SNORT/snort3 from appid_bug_217500 to master
Squashed commit of the following:
commit
2835f929dcc8faa913fec6a63141f608b9b12863
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Jun 9 16:47:57 2017 -0400
fix memory leak caused by error initializing and freeing linked list elements for matched chp patterns
Tom Peters (thopeter) [Wed, 14 Jun 2017 18:45:15 +0000 (14:45 -0400)]
Merge pull request #922 in SNORT/snort3 from nhttp73 to master
Squashed commit of the following:
commit
1983899cf047594c9089a3ef0211faf403d22220
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jun 9 13:51:18 2017 -0400
improved transfer-encoding header processing
Tom Peters (thopeter) [Tue, 13 Jun 2017 20:24:49 +0000 (16:24 -0400)]
Merge pull request #921 in SNORT/snort3 from decode_sync_up to master
Squashed commit of the following:
commit
c4029c05a4eab161ab23f483ee4320aefd6713fc
Author: mdagon <mdagon@cisco.com>
Date: Mon Jun 12 14:14:44 2017 -0400
Updated ipv6 valid next headers
Michael Altizer (mialtize) [Fri, 9 Jun 2017 20:39:22 +0000 (16:39 -0400)]
Merge pull request #897 in SNORT/snort3 from perflib_updates to master
Squashed commit of the following:
commit
53b8a945fba35c2ca6fad77c1b04eef9a9c3eb11
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed May 10 16:38:59 2017 -0400
added udp.ignore to pegs
fixed tcp.ignored_sessions (tcp.ignored)
added daq.rx_bytes
added syn and syn-ack counters to stream_tcp
added search_engine.searched_bytes
added reset and fin peg counters
Tom Peters (thopeter) [Fri, 9 Jun 2017 17:31:51 +0000 (13:31 -0400)]
Merge pull request #920 in SNORT/snort3 from nhttp72 to master
Squashed commit of the following:
commit
3a789ec873f4349c3ba4d86fc44c13b44d4da4e6
Author: Tom Peters <thopeter@cisco.com>
Date: Wed May 31 16:57:54 2017 -0400
NHI improvements to handling of badly terminated chunks
Russ Combs (rucombs) [Thu, 8 Jun 2017 13:54:10 +0000 (09:54 -0400)]
Merge pull request #918 in SNORT/snort3 from sip_buf to master
Squashed commit of the following:
commit
dc7ee447477092476f4071404673623ac58be1b3
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jun 7 15:57:48 2017 -0400
conf: set HOME_NET and EXTERNAL_NET before loading defaults
commit
72bbbf5da7c4911c01bf6366c03be5ef2e5741f1
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Jun 6 09:02:56 2017 -0400
sip: fix get body buffer
Tom Peters (thopeter) [Tue, 6 Jun 2017 16:08:32 +0000 (12:08 -0400)]
Merge pull request #911 in SNORT/snort3 from appid_stats to master
Squashed commit of the following:
commit
9e6310eba1bf2f4388b0d882e6de33e1ae2c5b67
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed May 24 17:05:33 2017 -0400
removed empty stats printing that was executed from main thread
Russ Combs (rucombs) [Tue, 6 Jun 2017 15:47:56 +0000 (11:47 -0400)]
Merge pull request #916 in SNORT/snort3 from conf_updates to master
Squashed commit of the following:
commit
647890ba3c1031f60fafa55ef606a8645466582d
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 4 09:22:51 2017 -0400
conf: refactor for clarity
commit
a75b80cb43914841fd8821d4f3e4e3dad295d195
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 4 08:49:56 2017 -0400
conf: use updated external defaults, change internal defaults to enable file_id type and signature
commit
2ec586b505cf8f3e0f9999ecf5b4279c6f10935b
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Jun 4 08:47:34 2017 -0400
conf: update defaults - remove old http cruft, add smtp defaults
Russ Combs (rucombs) [Tue, 6 Jun 2017 15:47:26 +0000 (11:47 -0400)]
Merge pull request #917 in SNORT/snort3 from RangeCheck_valid to master
Squashed commit of the following:
commit
ed402874266886db364e582e062dd4f28813a949
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Jun 1 15:47:29 2017 -0400
add validate check for range
Russ Combs (rucombs) [Mon, 5 Jun 2017 17:16:38 +0000 (13:16 -0400)]
Merge pull request #902 in SNORT/snort3 from perfcpu_tid to master
Squashed commit of the following:
commit
e9326366e304780392f0eda521a4cb8db09b1e3a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed May 17 13:54:40 2017 -0400
update cpu tracker output to thread_*.cpu_{user,system,wall}
Russ Combs (rucombs) [Fri, 2 Jun 2017 19:02:12 +0000 (15:02 -0400)]
Merge pull request #912 in SNORT/snort3 from rangecheck_fragoffset to master
Squashed commit of the following:
commit
34618dc2536f65c8995e90a57f49d07a6dcb285c
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri May 26 09:36:02 2017 -0400
add range validation for RangeCheck class and ips fragoffset
Russ Combs (rucombs) [Fri, 2 Jun 2017 18:15:44 +0000 (14:15 -0400)]
Merge pull request #914 in SNORT/snort3 from svc_policy to master
Squashed commit of the following:
commit
ca9642e07630e88ab09398957d58b7164de0915f
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 31 20:21:44 2017 -0400
binder: remove problematic and ineffective unit test
commit
0a2d909c24cfd03746dbaa0e13126e27f9f67903
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 31 14:44:01 2017 -0400
splitters: add unit tests for generic splitters
commit
56168c90bf6c793a9626e0bcab1de7574e322574
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 31 10:28:36 2017 -0400
splitter: cleanup
commit
9fb13f4841eeb0d37ac55deb793527ac57d42196
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 31 06:36:30 2017 -0400
stream: use fixed direction flush methods
commit
f9cb1f804475e61ee5da5175412b649783264b18
Author: Russ Combs <rucombs@cisco.com>
Date: Sun May 28 15:26:28 2017 -0400
detection: avoid superfluous leaf nodes in detection option trees
commit
8853ceb93b290c4b615b7f00115a0a1d6cd19e4c
Author: Russ Combs <rucombs@cisco.com>
Date: Sun May 28 15:17:59 2017 -0400
ssl: use stop-and-wait splitter
commit
9558b366ad285b20299facd038b261f8a8264265
Author: Russ Combs <rucombs@cisco.com>
Date: Sun May 28 15:16:39 2017 -0400
stream: add stop-and-wait splitter
Russ Combs (rucombs) [Thu, 1 Jun 2017 22:22:38 +0000 (18:22 -0400)]
Merge pull request #907 in SNORT/snort3 from frag_big_lg_fix to master
Squashed commit of the following:
commit
f4af8be641026012e8a5b87a6efcbc0ebe9bab94
Author: Shashikant Lad <shaslad@cisco.com>
Date: Wed May 31 13:25:24 2017 -0400
stream_ip: fix 123:7 - DEFRAG_ANOMALY_BADSIZE_LG