git.ipfire.org Git - thirdparty/snort3.git/log

Pull request #4468: appid: implement an API that allows users to specify values for data items used in lua detectors.

Merge in SNORT/snort3 from ~CLJUDGE/snort3:appid_user_data_map to master

Squashed commit of the following:

commit e6ce02952acc21c70876dcc3a74f628cf90da339
Author: Cliff Judge <cljudge@cisco.com>
Date: Thu Sep 5 23:38:42 2024 -0400

appid: implement an API that allows users to specify values for data items used in lua detectors.

Pull request #4492: stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ids_asymmetric_tweaks to master

Squashed commit of the following:

commit 3ea41ca77b1fc9f6f1bb775eb01ed784fdc71ad9
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Oct 22 12:10:15 2024 -0400

stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing

Pull request #4483: flow: new allowlist LRU

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:whitelist_cache to master

Squashed commit of the following:

commit a1647130533346a651396d00c1d251c294094416
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Oct 2 19:08:52 2024 -0400

flow: new allowlist LRU

Pull request #4495: appid: add new api to check if service is over quic

Merge in SNORT/snort3 from ~SHIBOSE/snort3:quic_white_list to master

Squashed commit of the following:

commit 92bcf5b8b1199b4a135ffa8d664d8603c7fd92f1
Author: shibose <shibose@cisco.com>
Date: Fri Oct 25 08:13:08 2024 +0000

appid: add new api to check if service is over quic

Pull request #4475: http2_inspect: HTTP/2 handle multiple cookie headers

Merge in SNORT/snort3 from ~JAIMEACA/snort3:http2_handle_multiple_cookie to master

Squashed commit of the following:

commit 856c312ef84bee12338f759883bac06d5cc70983
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date: Tue Oct 8 12:52:29 2024 -0400

http2_inspect: handle multiple cookie header fields

Pull request #4312: appid: add tls_version captured in appid_session

Merge in SNORT/snort3 from ~OPOLUIAN/snort3:appid_navl_opoluian_ssl_version to master

Squashed commit of the following:

commit d3328cd520f27cf01735a851b48e9fbac29f488f
Author: Oleh Poluianskyi <opoluian@cisco.com>
Date: Thu May 2 03:27:15 2024 +0300

appid: add tls_version capture in appid_session

Pull request #4466: smtp: Fixing the processing of SMTP response in case of encrypted traffic

Merge in SNORT/snort3 from ~BSACHDEV/snort3:smtp_alert_fix to master

Squashed commit of the following:

commit 615507541e02cf81c25c210449f82d37bd41b9e6
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Oct 2 16:12:52 2024 -0400

smtp: Fixing the processing of SMTP response in case of encrypted traffic

Pull request #4486: Add thread instance number to dump_flows control command output

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:add_instance_number to master

Squashed commit of the following:

commit 52fa22e84bfcb080b6f94c95f1401d0778b1ee2a
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Mon Oct 14 18:00:22 2024 -0400

stream: add thread instance number to dump_flows control command output

Pull request #4488: side_channel: fix compiler warning in side channel formatting test

Merge in SNORT/snort3 from ~VHORBATO/snort3:sc_format_warn_fix to master

Squashed commit of the following:

commit 63b51eb539f5eeebc9c5f5897657a8e60fd829a8
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Oct 21 12:05:44 2024 +0300

side_channel: fix compiler warning in side channel formatting test

Pull request #4482: js_norm: add cross-PDU PDF token reassembly

Merge in SNORT/snort3 from ~DKYRYLOV/snort3:js_pdf_token_split to master

Squashed commit of the following:

commit 9bb663ecbe181eec9401428277a80d0068a10801
Author: dkyrylov <dkyrylov@cisco.com>
Date: Thu Oct 10 13:39:45 2024 +0300

js_norm: add cross-PDU PDF token reassembly

Pull request #4489: build: generate and tag 3.5.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.0.0 to master

Squashed commit of the following:

commit fcf5ce4eecfe007c2a4ad820ffc78ca26e318d92
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Oct 21 08:01:50 2024 -0400

build: generate and tag 3.5.0.0

Pull request #4462: Connectors API update

Merge in SNORT/snort3 from ~VHORBATO/snort3:connector_upd to master

Squashed commit of the following:

commit 9acdf2c1e2657ff86cdd96ebcadd4af28ac30107
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Oct 8 16:21:02 2024 +0300

    connectors: make config object as reference

commit 0e8976d37222ad400feb5529ec336679b52d8b2f
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 2 16:30:52 2024 +0300

    managers: update connector manager

    - use instance_id instead of a thread_id to access thread connectors
    - fix vector corruption in case of a thread restart

commit c8c1851b046b49f681b1a9f5cff240c18555cef0
Author: vhorbato <vhorbato@cisco.com>
Date:   Mon Oct 7 14:00:49 2024 +0300

    connectors: fix tsan warning in tcp conector

commit 6904058a46cb899949b6aee45cce0b3335f1de6b
Author: vhorbato <vhorbato@cisco.com>
Date:   Wed Oct 2 16:31:56 2024 +0300

    connectors: add connector reinitialization functionality

commit 0019e46ea3ecd3fa19129ca45437bedf8a5cb5de
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:15:26 2024 +0300

    framework: update Connector interface

    * make ConnectorMsg fields const and accessible thru getters
    * make ConnectorMsg data lifetime control configurable
    * connectors: move message text formatting to SideChannel
    * connectors: change transmit_message overloads

commit ac8bd110f70287ce9c1f03cf84a4ab8f972c2e4b
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:24:24 2024 +0300

    connectors: fill tcp_connector port number from user-configured list

    : fill port number from user-configured list

commit c6352512967c81d2f31c52da80a7708612079b3b
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:23:19 2024 +0300

    main: move Connectors initialization from SideChannel

commit 8e6923fcf6c00a3204cf8d40f929b9bb9c0fdea1
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Sep 26 19:06:53 2024 +0300

    connectors: remove MessageHandle abstraction

Pull request #4484: main: implement function to grab relative process id

Merge in SNORT/snort3 from ~MMATIRKO/snort3:proc_id to master

Squashed commit of the following:

commit 52dac29650af818dd6d336100f3fb46b468fd854
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Oct 11 12:45:56 2024 -0400

main: implement function to grab relative process id

Pull request #4479: packet_io: set the flow state to block when forcing the session block

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:block_flow_state to master

Squashed commit of the following:

commit fc47b9301b9d235d493929d0eb746cab06eef574
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Oct 8 11:38:49 2024 -0400

packet_io: set the flow state to block when forcing the session block

Pull request #4470: add filename for ftp file process

Merge in SNORT/snort3 from ~SVLASIUK/snort3:ftp_download to master

Squashed commit of the following:

commit 756cb0d29045470f3d0510b35192c12da2b83f25
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Sep 10 14:16:02 2024 +0300

ftp_telnet: add filename for ftp file processing

Pull request #4400: stream_tcp: fix snort crash when processing held packet on flow when reassembly policy is IGNORE

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_rewrite_u3.0 to master

Squashed commit of the following:

commit 4aeb81a4548c117b0d5595b03f5d3a4860ee8c0d
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Fri Jul 26 12:37:12 2024 -0400

    stream_tcp: streamline allocation and release of reassemblers, tweak ips flush_on_data process

    stream_tcp: implement ignore flush policy reassembler as a singleton to improve performance,
    implement all TcpReassembler base class public methods as virtual methods and override each in
    the ignore flush policy subclass to do nothing

Pull request #4477: Extractor - HTTP fields support: add support for body length, info_code/msg, filename, proxied

Merge in SNORT/snort3 from ~MDAGON/snort3:http_fields to master

Squashed commit of the following:

commit 1fc153936a564191ae716130d477859198d12e2a
Author: maya dagon <mdagon@cisco.com>
Date: Tue Jul 2 11:02:28 2024 -0400

extractor: add support for body length, info_code/msg, filename, proxied

Pull request #4478: main: suppress cppcheck issue

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:supp_lat to master

Squashed commit of the following:

commit 22ffa72119179a38a4bedf9fc32a72db7f0f321a
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Oct 8 09:02:33 2024 -0400

main: suppress cppcheck issue

Pull request #4471: appid: Reading only required lua detectors for regtests

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_load_time to master

Squashed commit of the following:

commit 722f0b294738e25d3a62ffff1f71cc9673b4b925
Author: Umang Sharma <umasharm@cisco.com>
Date: Tue Oct 1 04:17:46 2024 -0400

appid: Reading and loading only required lua detectors for regtests

Pull request #4454: file_api, http_inspect: set uri for file processing

Merge in SNORT/snort3 from ~OTORUBAR/snort3:set_uri_for_file_processing to master

Squashed commit of the following:

commit 02350f3bcb2b5d023bed4f74cb707b7ebc7cf3c1
Author: otorubar <otorubar@cisco.com>
Date: Thu Sep 19 04:44:33 2024 -0700

file_api,http_inspect: extract and set hostname for file processing

Pull request #4446: Avoid data race when latency is enabled during flow ip profiling

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:latency_fix to master

Squashed commit of the following:

commit 6539c68b6d81b515cc74bd98d251805a141a47e3
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Sep 12 02:29:55 2024 -0400

perf_monitor,latency: avoid data race when latency is enabled during flow ip profiling

Pull request #4464: snort, search_engine: remove --dump-rule-databases

Merge in SNORT/snort3 from ~RUCOMBS/snort3:rule_db_dir to master

Squashed commit of the following:

commit 453e493024c93e33af63800afa5322e7b47c6013
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Oct 4 07:58:10 2024 -0400

    snort: bump minor version for MPSE API change

commit e2a836a2dcaafd000edebaf275244bd8f5e7424c
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Sep 12 12:28:39 2024 -0400

    snort, search_engine: remove --dump-rule-databases

    Rules are now automatically dumped to search_engine.rule_db_dir if not
    loaded. Combine with snort --mem-check to get equivalent functionality
    to --dump-rule-databases.

Pull request #4465: tcp_pdu: new inspector for simple length based flushing

Merge in SNORT/snort3 from ~RUCOMBS/snort3:tcp_pdu to master

Squashed commit of the following:

commit 58b1bc69c07c863d04c446207eb317d99ed1e7fd
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Sep 16 14:06:01 2024 -0400

    tcp_pdu: new inspector for simple length based flushing

    tcp_pdu provides a generic protocol-aware-flushing capability for PDUs
    that contain a length field. The field may be at a configurable offset
    from the start of the PDU, it has a configurable length, and may specify
    the total length of the PDU or the number of bytes following the length
    field.

Pull request #4467: ips: ignore proto when service supersedes ports

Merge in SNORT/snort3 from ~RUCOMBS/snort3:svc_proto to master

Squashed commit of the following:

commit 63858fa7c98027773703bf38a6df9015b62ab238
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Oct 1 10:03:47 2024 -0400

ips: ignore proto when service supersedes ports

Pull request #4439: Require 3whs

Merge in SNORT/snort3 from ~RUCOMBS/snort3:require_3whs to master

Squashed commit of the following:

commit 1fe3d9094bceea1d0f512c5b71c4da92b662407a
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Sep 4 11:56:27 2024 -0400

    stream: recheck flow eligibility if session times out

commit c2456283071ce2a9df50eff31bb7207f85eb0830
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Aug 22 15:44:01 2024 -0400

    stream_tcp: move require_3whs to stream to avoid undesired flow creation

Pull request #4463: stream_tcp: implement flush on asymmetric flows in IDS mode when queued bytes exceeds configured threshold

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ids_asymmetric_support to master

Squashed commit of the following:

commit 97bdb1f6e267a42f2f83dc62444a9c0bf97170ad
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Sep 5 09:30:58 2024 -0400

stream_tcp: implement flush on asymmetric flows in IDS mode when queued bytes exceeds configure threshold

Pull request #4447: main: change help command to print in alphabetical order.

Merge in SNORT/snort3 from ~MMYKHAIL/snort3:help_commands to master

Squashed commit of the following:

commit 8a8144228ce38a2395be33cf5509b6a2847aeae9
Author: Maksym Mykhailov <mmykhail@cisco.com>
Date: Thu Sep 12 09:31:58 2024 -0400

main: change help command to print in alphabetical order.

Pull request #4450: js_norm: allow processing complex nested PDF objects

Merge in SNORT/snort3 from ~YCHALOV/snort3:pdf_tokenizer_improve to master

Squashed commit of the following:

commit a8a63adb802cc2dc3fa7d3c0eb112993e1845f11
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Sep 9 17:02:21 2024 +0200

js_norm: allow processing complex nested PDF objects

Pull request #4449: pub_sub: add request and response events

Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_ftp_event to master

Squashed commit of the following:

commit 45a8734430fa07e7e0898180e82508531efe0cdd
Author: anorokh <anorokh@cisco.com>
Date: Mon Sep 16 16:19:15 2024 +0300

pub_sub: add request and response FTP events

Pull request #4458: build: generate and tag 3.3.7.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.7.0 to master

Squashed commit of the following:

commit f9cd360311cda662584c9d570aa103a26776bd94
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Sep 24 22:06:31 2024 -0400

build: generate and tag 3.3.7.0

Pull request #4451: binder: change binding to have single service

Merge in SNORT/snort3 from ~OSTEPANO/snort3:binder_service to master

Squashed commit of the following:

commit 14207b6c9c45c1eac1494a04589a3891195d3a3d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Sep 18 13:04:28 2024 -0400

binder: change binding to have single service

Pull request #4433: stream_tcp: Do not set global normalizer policy config when proxy mode is enabled

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:start_proxy_config_fix to master

Squashed commit of the following:

commit 7568e72e147ef564ed2ac545f700e25f86823a98
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Sep 10 08:40:34 2024 -0400

    stream_tcp: Do not overwrite global normalizer policy config option when proxy mode is enabled

    stream_tcp: add assert to verify configured normalizer policy is valid

Pull request #4457: Extractor: flush data

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_flush to master

Squashed commit of the following:

commit f454e0e1f24ebffafc4a62b00d906c7bc4511f98
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 24 11:58:19 2024 +0300

extractor: flush data on unlocking a writer

Pull request #4442: appid: Early SSH detection brute-force fix

Merge in SNORT/snort3 from ~VIIZHYK/snort3:viizhyk_CSCwm05155_master to master

Squashed commit of the following:

commit 1ce5264a30bcbf5ff4ac3068b489599521e8c255
Author: viizhyk <viizhyk@cisco.com>
Date: Wed Sep 11 08:44:12 2024 -0400

appid: Early SSH detection brute-force fix

Pull request #4441: Extractor Refactoring

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:ext_hare to master

Squashed commit of the following:

commit 21382cc49cc74bfd0f9c375eca7904bc221fbfe1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Sep 10 16:51:00 2024 +0300

    extractor: notify handler whether it is a fixed-width formatting

commit a6bc7ff8501415b727fa09f4c5e62eadb232519b
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Sep 10 16:18:44 2024 +0300

    extractor: update logger with an internal set of fields for logging

commit 6b8452f585d60ef6cf2215f6c7e3696894db392e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Sep 6 13:47:27 2024 +0300

    extractor: refactor data pipe between an inspector and extractor's logger

Pull request #4432: ftp_telnet: adding fallback functionality

Merge in SNORT/snort3 from ~MSONEJA/snort3:ftp_telnet_fallback to master

Squashed commit of the following:

commit b64420ab2fa645d2c38aa874d26a2a3525c8a6a8
Author: msoneja <msoneja@cisco.com>
Date: Mon Aug 26 06:56:49 2024 +0000

ftp_telnet: adding fallback functionality for ftp

Pull request #4448: extractor: rewrite std writer to use text_log utility

Merge in SNORT/snort3 from ~ASERBENI/snort3:log_perf_ci to master

Squashed commit of the following:

commit 11c5aa69552e778d782dc74bce964d8e2e34378e
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date:   Fri Sep 6 10:13:34 2024 +0300

    extractor: rewrite std writer to use text_log utility

    This way its output will be written to the same descriptor as ips events. In most of the cases it's stdout, but it can also be descriptor 3 if snort was build with --enable-stdlog

Pull request #4425: http2_inspect: add IPS options for frame header and data

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:http2_header_len to master

Squashed commit of the following:

commit 98609c16c63feb3e8249d4d9f7b2e87456389ef0
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Aug 15 14:46:45 2024 -0400

http2_inspect: add IPS options for frame header and data

Pull request #4387: appid: fixes for one definiton rule violation

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:lto_enable to master

Squashed commit of the following:

commit 480bc87f6d76b4ec66ee85cb19438e12eb9e707e
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Jul 16 05:03:46 2024 -0400

appid: fixes for one definiton rule violation

Pull request #4430: Unwind arm fix

Merge in SNORT/snort3 from ~DKYRYLOV/snort3:unwind_arm_fix to master

Squashed commit of the following:

commit b1e48c94f8eae4d6b92da78d1c4164830501c272
Author: dkyrylov <dkyrylov@cisco.com>
Date:   Wed Aug 28 19:38:14 2024 +0300

    process: skip vDSO frame on aarch64

        skip vDSO frame on aarch64,
        continue unwinding past unw_get_proc_info failure

Pull request #4417: ssh: added abort session in streamsplitter

Merge in SNORT/snort3 from ~SHIBOSE/snort3:ssh_fallback to master

Squashed commit of the following:

commit c5a27bacf94fff0db24793b62ffa22ee6587ff42
Author: shibose <shibose@cisco.com>
Date: Thu Aug 8 05:37:06 2024 +0000

ssh: added abort session in streamsplitter

Pull request #4435: memory: add shell commands for jemalloc heap profiling

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:jemalloc_cli to master

Squashed commit of the following:

commit 6a36e76117b05b637cebb0d17997627f9e045d6e
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Sep 5 10:47:53 2024 -0400

memory: add shell commands for jemalloc heap profiling

Pull request #4429: stream: fix to dump all flows

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:dump_all_flows to master

Squashed commit of the following:

commit 5bdf40420c947eeb8490cab14a0632feded8905c
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Tue Aug 20 12:21:14 2024 -0400

stream: fix to dump all flows

Pull request #4427: appid: dns sinkhole support for edns

Merge in SNORT/snort3 from ~RISHACHO/snort3:dns_sinkhole to master

Squashed commit of the following:

commit a63ed896fa9b21e1267b9c397c2104d7111c40e3
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Tue Aug 27 00:28:11 2024 +0530

appid: dns sinkhole support for edns

Pull request #4436: build: generate and tag 3.3.6.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.6.0 to master

Squashed commit of the following:

commit dee67015a58f06f9ea056830a3d6b8844746c9d9
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 13:04:42 2024 -0400

build: generate and tag 3.3.6.0

Pull request #4434: build: generate and tag 3.3.5.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.5.0 to master

Squashed commit of the following:

commit 3757dff650b549cfa5dfd001eb027890635d7139
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 09:16:32 2024 -0400

build: generate and tag 3.3.5.0

Pull request #4426: packet_tracer: add tcp window size, options and meta-ack info

Merge in SNORT/snort3 from ~SBAIGAL/snort3:meta-ack-win to master

Squashed commit of the following:

commit 7a336ceee9838076d706ba55a30d1135b2012b8a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Aug 23 14:12:22 2024 -0400

packet_tracer: add tcp window size, options and meta-ack info

Pull request #4431: JSON formatting for data logging

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_json to master

Squashed commit of the following:

commit 2bd2c95c4d5ab3b10dc1600f79e77e0c5fe2ab9e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Sep 4 09:56:08 2024 +0300

    extractor: mention a field in initialization list

    Despite that initialization order is defined by class fields only,
    an explicit initializer in the list will add cross-validation.

commit 7eeaf9b8814aab9331a0e6d507c7e356ee8a9582
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Sep 3 13:50:18 2024 +0300

    extractor: add unit tests for enum types

commit 08928ef3bddf3f61878fe2a936d6be96f2a410e1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Sep 3 10:49:41 2024 +0300

    extractor: remove unused headers

commit 4a6f42fd87d00ce27d5b8b27add094921c85fd5e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Aug 28 12:13:52 2024 +0300

    extractor: add json logger

commit b783608bc41247bd3d45e8acedfc87c5dea445c2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Aug 28 12:00:25 2024 +0300

    extractor: fix local variable

    Declare a local variable to be static to not interfere at linking stage.

commit 077f8133e94079ec86ee5e053b96f2b45afa71de
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Aug 28 11:55:23 2024 +0300

    extractor: take a note of FIXIT-P in key points

commit 08ed77f484fa19a4cd384af4ee62565a5ea81976
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Aug 28 11:47:49 2024 +0300

    extractor: add field name to logging function

    Field order is not preset for all formattings.
    Thus, a caller must pass a field name for proper logging.

commit 7a81360468ffe1431c4f93d384b295f659c7b93e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Aug 27 15:21:38 2024 +0300

    extractor: fix guard-macro names

Pull request #4424: appid: logs added around third party reload

Merge in SNORT/snort3 from ~BSACHDEV/snort3:tp_fix_logs to master

Squashed commit of the following:

commit b113ad653effd50f9021dbb62371be1f457b2176
Author: bsachdev <bsachdev@cisco.com>
Date: Tue Aug 13 16:32:29 2024 -0400

appid: added new logs for reload third party

Pull request #4422: file_api: filename for file processing

Merge in SNORT/snort3 from ~OTORUBAR/snort3:filename_for_file_processing to master

Squashed commit of the following:

commit c25848c0fca7d9d7f33fece004314ad88a3c8e8d
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 26 15:13:52 2024 -0400

file_api: set file name for file processing

Pull request #4423: http_inspect: when cutting chunks check for MAX_OCTETS too

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:max_octets to master

Squashed commit of the following:

commit 310c5907c602cc5d46f24ddfb711d0033cd50c3e
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Aug 19 14:54:13 2024 -0400

http_inspect: when cutting chunks check for MAX_OCTETS too

Pull request #4428: build: generate and tag 3.3.4.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.4.0 to master

Squashed commit of the following:

commit 745fb3e8c31cac674067037f4644198def469e50
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Aug 26 23:17:35 2024 -0400

build: generate and tag 3.3.4.0

Pull request #4369: appid: Notify binder on service change

Merge in SNORT/snort3 from ~OSTEPANO/snort3:appid_binder to master

Squashed commit of the following:

commit b95ee6c0632260fe1a295f7eba7b90ae7be4424d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Mon Jul 1 09:00:35 2024 -0400

appid: Notify binder on service change

Pull request #4394: AppId: CSCwk30965: AppIdSessionData causes snort3 to crash.

Merge in SNORT/snort3 from ~VIIZHYK/snort3:viizhyk_CSCwk30965_master to master

Squashed commit of the following:

commit ce4124066c911c5cbc48f16f2393b7edafe857fa
Author: viizhyk <viizhyk@cisco.com>
Date: Mon Jul 22 19:37:51 2024 -0400

Replaced hsessions vector of raw pointers into vector of smart pointers.

Signed-off-by: viizhyk <viizhyk@cisco.com>

Pull request #4419: latency, dce, stream_ip: fix max pegs incorrectly declared sum

Merge in SNORT/snort3 from ~ANOROKH/snort3:max_sum to master

Squashed commit of the following:

commit 92a7505f2c68f505dda1f23bbbfa7a46793900cc
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 18 15:23:26 2024 -0400

latency, dce, stream_ip: fix max pegs incorrectly declared sum

Pull request #4343: ftp: refactoring ftp_data

Merge in SNORT/snort3 from ~MSONEJA/snort3:ftps_malware to master

Squashed commit of the following:

commit 27655a50c70a8b28abd85876866a9e4176350f1d
Author: msoneja <msoneja@cisco.com>
Date: Thu Jul 4 05:35:07 2024 +0000

ftp_telnet: refactoring ftp-data

Pull request #4412: telnet: avoid flush when cr or lf is between commands

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:telnet_cr_fix to master

Squashed commit of the following:

commit c7c9dbff527ab392d276e6deae89b542b5ca13a4
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Aug 6 02:41:17 2024 -0400

telnet: avoid flush when cr or lf is between commands

Pull request #4418: build: generate and tag 3.3.3.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.3.0 to master

Squashed commit of the following:

commit 8f9c6cc9c72e719f150cfeab8ea765c81864b756
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Aug 13 00:25:59 2024 -0400

build: generate and tag 3.3.3.0

Pull request #4407: daq: add outstanding packets counter

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_counter to master

Squashed commit of the following:

commit cf04baa02339a76fdf0f234255815f1a4349bbd7
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Aug 2 05:36:13 2024 -0400

daq: add outstanding packets counter

Pull request #4416: stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet

Merge in SNORT/snort3 from ~JALIIMRA/snort3:meta_ack_ports_master to master

Squashed commit of the following:

commit c707c9e73334859b9603e8d58611a087a7022a6e
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Tue Aug 6 11:13:41 2024 -0400

stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet

Pull request #4377: src: resolve various warnings

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:thresholds_upd to master

Squashed commit of the following:

commit 6afa4c2bf6b546377f049574704faaa7b10167aa
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 4 17:35:06 2024 +0300

src: resolve various warnings

Pull request #4362: http_inspect: log normalized URI in extra data

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:uri_fix to master

Squashed commit of the following:

commit a174a87c6815c3735a46322196c670513624aa25
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Jun 24 15:55:41 2024 -0400

http_inspect: log normalized URI in extra data

Pull request #4408: control: cleanup code

Merge in SNORT/snort3 from ~OSTEPANO/snort3:cleanup_control to master

Squashed commit of the following:

commit dcccfa9baccc02c0efa32e7592834457d6e9f1a1
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri Aug 2 06:28:22 2024 -0400

control: Code cleanup

Pull request #4413: filters: update dev_notes.txt with details for event_filter

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:doc_upd to master

Squashed commit of the following:

commit 3ee7d1f343c0cf487ed51b7fb10ef1d9d32d36d1
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Aug 6 11:47:52 2024 +0300

filters: update dev_notes.txt with details for event_filter

Pull request #4383: file: removing unused variable in FileFlows destructor

Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master

Squashed commit of the following:

commit 57316a4dcf33c789cd0cf5161b1bba98bb3e0c5a
Author: Ashik Thomas <ashiktho@cisco.com>
Date: Tue Jul 9 09:42:52 2024 +0530

file: remove unused variable in FileFlows destructor

Pull request #4365: extractor: add flow id

Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_flow_id to master

Squashed commit of the following:

commit 295a374f5a2616be85946d029150f3e9faf04447
Author: anorokh <anorokh@cisco.com>
Date:   Fri Jun 14 12:01:28 2024 +0300

    extractor: add flow hash key

      * updated conf parsing logic
      * updated Error messages

Pull request #4395: ips_options: separate main thread pcre counts from packet threads stats

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:tsan_fix2 to master

Squashed commit of the following:

commit 6d5844717ca216945fb0d4983a0dc8611ef768a1
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Jul 25 10:43:31 2024 -0400

ips_options: separate main thread pcre counts from packet threads stats

Pull request #4406: flow: optimize timeout handling for different packet type

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:flow_timeout to master

Squashed commit of the following:

commit 2fa8150d352ccb02e0039c19be722147957f8a74
Author: rshafiq <rshafiq@cisco.com>
Date: Tue Jul 30 19:48:11 2024 -0400

flow: optimize timeout handling for different packet type

Pull request #4405: control: handle control commands after packet treads are fully initialised

Merge in SNORT/snort3 from ~OSTEPANO/snort3:main_socket_control to master

Squashed commit of the following:

commit 9c08c5d51d32c030eea66946b6e7999a2b9f8d3f
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Jul 31 07:16:04 2024 -0400

control: handle control commands after packet treads are fully initialised

Pull request #4294: file_api: set max file depth as part of snort configuration

Merge in SNORT/snort3 from ~UMUNNIKR/snort3:file_race_condition_fix to master

Squashed commit of the following:

commit 181b94d110f4736315a41c66d9979947d46022d1
Author: Unnikrishnan M <umunnikr@cisco.com>
Date: Thu Feb 15 09:48:35 2024 +0530

file_api: max depth is set as part of initial config

Pull request #4384: memory: account memory for profiler only when packet thread is involved

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:mp_seg to master

Squashed commit of the following:

commit 57c9c1a52f19347c0b8c85829dbf203e70c52476
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Jul 11 05:12:15 2024 -0400

memory: account memory for profiler only when packet thread is involved

Pull request #4401: http_inspect: add peg counts for gzip, known-not-supported, and unknown

Merge in SNORT/snort3 from ~JAIMEACA/snort3:US-750344-compression_pegs to master

Squashed commit of the following:

commit a02f4c8ea7dca6fca4fcc1495a0dc4bfdf642406
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date: Mon Jul 29 10:30:20 2024 -0400

http_inspect: add peg counts for gzip, known-not-supported, and unknown

Pull request #4403: build: generate and tag 3.3.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.2.0 to master

Squashed commit of the following:

commit db1e757989f585f87ad6ab401f3d4a02c1321599
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Jul 29 22:07:12 2024 -0400

build: generate and tag 3.3.2.0

Pull request #4392: flow: clear deferred trust after the flow is trusted to stop repeated trusting

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:insight_active to master

Squashed commit of the following:

commit ad008ef09d827ea88c8ab48a1b3607b633f32b17
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jul 19 16:51:57 2024 -0400

flow: clear deferred trust after the flow is trusted to stop repeated trusting

Pull request #4396: main: fix coverage for show snort cpu command

Merge in SNORT/snort3 from ~RISHACHO/snort3:cpu_usage_snort to master

Squashed commit of the following:

commit c8dcd376b5fe4a0e6a53eb31731badfe490885b8
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Wed Jul 24 13:19:46 2024 +0530

    main: fix coverage
    Replace an impossible condition with assert statement.

Pull request #4397: Snort ML: fix verbose mode output for unlimited options

Merge in SNORT/snort3 from ~YCHALOV/snort3:snort_ml_verbose_fix to master

Squashed commit of the following:

commit 8f1f5f32107471457d4cfcbe73d1f88054bf953a
Author: Yurii Chalov <ychalov@cisco.com>
Date: Wed Jul 24 16:52:52 2024 +0200

kaizen: fix verbose mode output for unlimited options

Pull request #4391: daq: added outstanding packets counter

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_pkts to master

Squashed commit of the following:

commit 8cbc87c985ef43311fcecfe6574f3655294362e6
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Wed Jul 17 19:44:23 2024 -0400

daq: added outstanding packets counter

Pull request #4240: stream_tcp: Refactor tcp overlap, segment list and reassembly classes to improve class structure and relationships

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:reassembly_rewrite_u2.0 to master

Squashed commit of the following:

commit 6e4456f7895584520a5e6bb2d3eae0458b33d516
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Feb 22 11:44:08 2024 -0500

    stream_tcp: initial refactor to move alert functions to their own class

    stream_tcp: refactor to move tcp overlap processing out of reassembly class

    stream_tcp: merge TcpStreamSession into TcpSession

    stream_tcp: refactor segment nodes to implement reassembly cursor and
    eliminate tracking variables such as c_seq/c_len, etc. add helper functions
    to track state

    stream_tcp: improve variable and function names for overlap processing

    stream_tcp: refactor TcpReassembler into a virtual base class and subclasses for each mode: ignore, IPS and IDS

    stream: refactor paf logic into a c++ class

    stream_tcp: integrate and streamline setting of flush policy and splitter
                improve tracking of rcv_nxt state

    stream_tcp: delete lws_init, it was redundant with tcp_init; delete FIXITs that are no longer relevant
    stream_tcp: updates from PR review comments

Pull request #4386: doc: builtin rule documentation updates

Merge in SNORT/snort3 from ~JCANOGOM/snort3:doc_builtin_updates to master

Squashed commit of the following:

commit ce3cd8566952053e75d6a4b3481e8e43d72f5545
Author: Jose Cano <jcanogom@cisco.com>
Date: Mon Jul 15 17:14:16 2024 -0400

doc: builtin rule documentation updates

Pull request #4373: js_norm: address pdf tokenizer issues

Merge in SNORT/snort3 from ~ASERBENI/snort3:js_pdf_misses to master

Squashed commit of the following:

commit 44070c0661f54ab9fc8cfdd1bb79e887bd3d9ed3
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date:   Mon Jun 17 12:40:40 2024 +0300

    js_norm: address pdf tokenizer issues

    - implement support for missed types of indirect objects
    - allow stream length to be defined with a reference
    - improve array nesting checks

Pull request #4374: sip: fallback functionality for sip inspector

Merge in SNORT/snort3 from ~RISHACHO/snort3:sip_fallback to master

Squashed commit of the following:

commit 99297bb4fd415533b2eb3ca527a165c0f7124510
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Thu Jul 4 22:18:00 2024 +0530

sip: fallback functionality for sip inspector

Pull request #4389: flow: added compile-time option to disable tenant_id

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:notid to master

Squashed commit of the following:

commit 59cd8c9d982ced2cc170b3928c5c2a70eee1c40a
Author: rshafiq <rshafiq@cisco.com>
Date: Mon Jul 1 14:08:38 2024 -0400

flow: added compile-time option to disable tenant_id

Pull request #4388: appid: fixing cppcheck warnings and cosmetic changes for appid cpu profiler

Merge in SNORT/snort3 from ~UMASHARM/snort3:fix_appid_cpu_profiling to master

Squashed commit of the following:

commit 308fce8ec5298d01be29061c8a83198267160aed
Author: Umang Sharma <umasharm@cisco.com>
Date:   Wed Jul 17 13:27:58 2024 -0400

    appid: removing trailing whitespaces

commit 83f46dc9249f9ca2a7ff0d84feb5fb14e11494ef
Author: Umang Sharma <umasharm@cisco.com>
Date:   Tue Jul 16 10:36:12 2024 -0400

    appid: fixing cpp warnings and cosmetic changes for appid cpu profiler

Pull request #4385: build: generate and tag 3.3.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.1.0 to master

Squashed commit of the following:

commit 5ff7dd644837a415b4b2abd67aab1666b3e2952e
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Jul 15 14:06:27 2024 -0400

build: generate and tag 3.3.1.0

Pull request #4370: file: fixing file context reuse

Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master

Squashed commit of the following:

commit 3422d104dac341bf4c7036bd6f4b572c538c169b
Author: Ashik Thomas <ashiktho@cisco.com>
Date: Fri Jun 28 03:12:47 2024 -0700

file: fixing file context reuse

Pull request #4376: detection: include OPT_TREE traces in release build

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fix_traces to master

Squashed commit of the following:

commit ca98db474d16d2c4cfbdd0a1274bfaa82b20bb4e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Jul 5 16:31:31 2024 +0300

detection: include OPT_TREE traces in release build

Pull request #4356: detection: update of fast pattern printing

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fp_print_upd to master

Squashed commit of the following:

commit a1a3383f6a3b44f28bb9b7168e39c85700c8156e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:17:36 2024 +0300

    detection: make print of fast pattern as a trace module

commit 544f928401ef43c87368026bec5f9e5d392d9b9f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:19:04 2024 +0300

    detection: add opt_tree traces in release build

commit ec3b9dccd4cb721be8bcace7c699840680a8f193
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:10:15 2024 +0300

    detection: print only fast_pattern part of pattern

Pull request #4347: extractor: add support for referrer, origin, trans_depth

Merge in SNORT/snort3 from ~MDAGON/snort3:fields to master

Squashed commit of the following:

commit ffe8836418d5ae42ccf17fd6c2a96893b8ff0709
Author: maya dagon <mdagon@cisco.com>
Date:   Thu Jun 6 13:11:10 2024 -0400

    extractor: support trans_depth, origin and referrer fields

commit 94b3c973e63f0c6e075b38f5d1d06cd152733c96
Author: maya dagon <mdagon@cisco.com>
Date:   Wed Jun 5 13:09:43 2024 -0400

    http_inspect: add origin header

commit 16ba900087769c5c5e9b587ed501dfdbdd294c90
Author: maya dagon <mdagon@cisco.com>
Date:   Fri May 31 14:43:41 2024 -0400

    extractor: support referrer field

Pull request #4364: parser: do not skip symbols while expanding variables

Merge in SNORT/snort3 from ~YCHALOV/snort3:expand_variable_fix to master

Squashed commit of the following:

commit 6950e149cd99270d4a9c467aa102beb3944b257e
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Jun 24 13:03:29 2024 +0200

parser: do not skip symbols while expanding variables

Pull request #4363: flow: handle significant groups with unknown group value as non-group flow keys

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:expected_unknown to master

Squashed commit of the following:

commit f2ff9af2a7393939742716c535411448fd557c27
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue May 21 17:09:24 2024 -0400

    flow: clear flow stash when freeing the flow data

commit c4282b8aa7ba3743b4413e2bbe6dc94959fb8e49
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Jun 25 11:28:27 2024 -0400

    flow: handle significant groups with unknown group value as non-group flow keys

Pull request #4360: stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState

Merge in SNORT/snort3 from ~JALIIMRA/snort3:prev_norm_tsan to master

Squashed commit of the following:

commit ce50d84da43185c12a65649e3e559d54b3c95b07
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Fri Jun 21 12:46:55 2024 -0400

stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState

Pull request #4138: appid: restructure the appid code to make it easier to follow and maintain

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:appid to master

Squashed commit of the following:

commit 1195b37a59928477641dc2efbf606eb2eaca857b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Sep 19 10:42:40 2023 -0400

appid: restructure the appid code to make it easier to follow and maintain

Pull request #4353: appid: updating appid cpu profiler cli for ims

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_cli to master

Squashed commit of the following:

commit 6ffb9e1039fff58491e408cf2513e40a98143ec8
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri Jun 14 15:00:43 2024 -0400

appid: updating appid cpu profiler cli for ims

Pull request #4320: dce_rpc: correct the session counters post the upgrade to smb v2 from v1

Merge in SNORT/snort3 from ~UMUNNIKR/snort3:smb_session_cnt_fix to master

Squashed commit of the following:

commit c60b9aa485041567f3094223c9e21c1bdbd10068
Author: Unnikrishnan M <umunnikr@cisco.com>
Date: Fri May 10 12:20:38 2024 +0530

dce_rpc: correct the session counters post the upgrade to smb v2 from v1

Pull request #4352: stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:meta_ack_daq_msg_init to master

Squashed commit of the following:

commit 63151959aaf66c274d277bd394b735f47007837e
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Jun 17 13:34:49 2024 -0400

stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.

Pull request #4344: stream_tcp: add CDB for stream_tcp

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:cbd_stream_tcp to master

Squashed commit of the following:

commit 42be43a84ccd4c71eb690ea10d691f5c113d8e66
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Jun 7 03:43:30 2024 -0400

stream_tcp: support tracing without compilation flags

Pull request #4298: flow: introducing new parameters for ip flow profiling

Merge in SNORT/snort3 from ~RIDUGGAL/snort3:ip_attributes to master

Squashed commit of the following:

commit 39655047db64c6ccbe46145df1f985a88a982715
Author: riduggal <riduggal@cisco.com>
Date: Wed Apr 24 11:26:16 2024 +0000

perf_monitor: introducing new parameters for ip flow profiling

Pull request #4334: Mms curse expansion

Merge in SNORT/snort3 from ~JRITTLE/snort3:mms_curse_expansion to master

Squashed commit of the following:

commit e5e80b73e05b19ecc9ef0b4b954f4504c70de766
Author: Jared Rittle <>
Date: Tue May 28 14:24:39 2024 -0400

wizard: expand MMS curse

Pull request #4355: build: generate and tag 3.3.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.0.0 to master

Squashed commit of the following:

commit b23a5cbbf598ec1d039383b223423cea10dfe4fb
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Jun 19 09:53:23 2024 -0400

build: generate and tag 3.3.0.0

Pull request #4342: Sub-selected buffer and fast-pattern options

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fp_sub_buffer to master

Squashed commit of the following:

commit 212506d4e8f65f62cf042585af0e89f8fcbdda4f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 22:05:51 2024 +0300

    build: bump version to 3.2.0

    IPS option API has changed.

commit 0a1a7e16acc3117f46b3aba467fe552b4de9f256
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 17:38:49 2024 +0300

    http_inspect: set CAT_SET_SUB_SECTION for buffer with a sub-selector configured

commit a036904c1751e21dcd8c75553e4e5e9978b553c8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 17:34:29 2024 +0300

    framework: add new Cursor Action Type

    Buffer-setter IPS option can be of sub-section type, picking just a part of
    the targeted IPS buffer. Such buffer setter cannot make a fast-pattern-only option.