]>
git.ipfire.org Git - thirdparty/snort3.git/log
Pull request #4430: Unwind arm fix
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:unwind_arm_fix to master
Squashed commit of the following:
commit
b1e48c94f8eae4d6b92da78d1c4164830501c272
Author: dkyrylov <dkyrylov@cisco.com>
Date: Wed Aug 28 19:38:14 2024 +0300
process: skip vDSO frame on aarch64
skip vDSO frame on aarch64,
continue unwinding past unw_get_proc_info failure
Shijin Bose (shibose) [Thu, 12 Sep 2024 13:51:34 +0000 (13:51 +0000)]
Pull request #4417: ssh: added abort session in streamsplitter
Merge in SNORT/snort3 from ~SHIBOSE/snort3:ssh_fallback to master
Squashed commit of the following:
commit
c5a27bacf94fff0db24793b62ffa22ee6587ff42
Author: shibose <shibose@cisco.com>
Date: Thu Aug 8 05:37:06 2024 +0000
ssh: added abort session in streamsplitter
Akhilesh MY (amuttuva) [Wed, 11 Sep 2024 12:39:34 +0000 (12:39 +0000)]
Pull request #4435: memory: add shell commands for jemalloc heap profiling
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:jemalloc_cli to master
Squashed commit of the following:
commit
6a36e76117b05b637cebb0d17997627f9e045d6e
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Sep 5 10:47:53 2024 -0400
memory: add shell commands for jemalloc heap profiling
Pull request #4429: stream: fix to dump all flows
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:dump_all_flows to master
Squashed commit of the following:
commit
5bdf40420c947eeb8490cab14a0632feded8905c
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Tue Aug 20 12:21:14 2024 -0400
stream: fix to dump all flows
Rishabh Choudhary (rishacho) [Tue, 10 Sep 2024 07:22:07 +0000 (07:22 +0000)]
Pull request #4427: appid: dns sinkhole support for edns
Merge in SNORT/snort3 from ~RISHACHO/snort3:dns_sinkhole to master
Squashed commit of the following:
commit
a63ed896fa9b21e1267b9c397c2104d7111c40e3
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Tue Aug 27 00:28:11 2024 +0530
appid: dns sinkhole support for edns
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Sep 2024 19:28:02 +0000 (19:28 +0000)]
Pull request #4436: build: generate and tag 3.3.6.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.6.0 to master
Squashed commit of the following:
commit
dee67015a58f06f9ea056830a3d6b8844746c9d9
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 13:04:42 2024 -0400
build: generate and tag 3.3.6.0
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Sep 2024 16:21:18 +0000 (16:21 +0000)]
Pull request #4434: build: generate and tag 3.3.5.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.5.0 to master
Squashed commit of the following:
commit
3757dff650b549cfa5dfd001eb027890635d7139
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 09:16:32 2024 -0400
build: generate and tag 3.3.5.0
Steven Baigal (sbaigal) [Wed, 4 Sep 2024 14:12:42 +0000 (14:12 +0000)]
Pull request #4426: packet_tracer: add tcp window size, options and meta-ack info
Merge in SNORT/snort3 from ~SBAIGAL/snort3:meta-ack-win to master
Squashed commit of the following:
commit
7a336ceee9838076d706ba55a30d1135b2012b8a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Aug 23 14:12:22 2024 -0400
packet_tracer: add tcp window size, options and meta-ack info
Pull request #4431: JSON formatting for data logging
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_json to master
Squashed commit of the following:
commit
2bd2c95c4d5ab3b10dc1600f79e77e0c5fe2ab9e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Sep 4 09:56:08 2024 +0300
extractor: mention a field in initialization list
Despite that initialization order is defined by class fields only,
an explicit initializer in the list will add cross-validation.
commit
7eeaf9b8814aab9331a0e6d507c7e356ee8a9582
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 3 13:50:18 2024 +0300
extractor: add unit tests for enum types
commit
08928ef3bddf3f61878fe2a936d6be96f2a410e1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 3 10:49:41 2024 +0300
extractor: remove unused headers
commit
4a6f42fd87d00ce27d5b8b27add094921c85fd5e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 12:13:52 2024 +0300
extractor: add json logger
commit
b783608bc41247bd3d45e8acedfc87c5dea445c2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 12:00:25 2024 +0300
extractor: fix local variable
Declare a local variable to be static to not interfere at linking stage.
commit
077f8133e94079ec86ee5e053b96f2b45afa71de
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 11:55:23 2024 +0300
extractor: take a note of FIXIT-P in key points
commit
08ed77f484fa19a4cd384af4ee62565a5ea81976
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 11:47:49 2024 +0300
extractor: add field name to logging function
Field order is not preset for all formattings.
Thus, a caller must pass a field name for proper logging.
commit
7a81360468ffe1431c4f93d384b295f659c7b93e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Aug 27 15:21:38 2024 +0300
extractor: fix guard-macro names
Bhumika Sachdeva (bsachdev) [Fri, 30 Aug 2024 19:40:10 +0000 (19:40 +0000)]
Pull request #4424: appid: logs added around third party reload
Merge in SNORT/snort3 from ~BSACHDEV/snort3:tp_fix_logs to master
Squashed commit of the following:
commit
b113ad653effd50f9021dbb62371be1f457b2176
Author: bsachdev <bsachdev@cisco.com>
Date: Tue Aug 13 16:32:29 2024 -0400
appid: added new logs for reload third party
Pull request #4422: file_api: filename for file processing
Merge in SNORT/snort3 from ~OTORUBAR/snort3:filename_for_file_processing to master
Squashed commit of the following:
commit
c25848c0fca7d9d7f33fece004314ad88a3c8e8d
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 26 15:13:52 2024 -0400
file_api: set file name for file processing
Adrian Mamolea (admamole) [Wed, 28 Aug 2024 18:19:09 +0000 (18:19 +0000)]
Pull request #4423: http_inspect: when cutting chunks check for MAX_OCTETS too
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:max_octets to master
Squashed commit of the following:
commit
310c5907c602cc5d46f24ddfb711d0033cd50c3e
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Aug 19 14:54:13 2024 -0400
http_inspect: when cutting chunks check for MAX_OCTETS too
Priyanka Bangalore Gurudev (prbg) [Tue, 27 Aug 2024 16:21:59 +0000 (16:21 +0000)]
Pull request #4428: build: generate and tag 3.3.4.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.4.0 to master
Squashed commit of the following:
commit
745fb3e8c31cac674067037f4644198def469e50
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Aug 26 23:17:35 2024 -0400
build: generate and tag 3.3.4.0
Pull request #4369: appid: Notify binder on service change
Merge in SNORT/snort3 from ~OSTEPANO/snort3:appid_binder to master
Squashed commit of the following:
commit
b95ee6c0632260fe1a295f7eba7b90ae7be4424d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Mon Jul 1 09:00:35 2024 -0400
appid: Notify binder on service change
Pull request #4394: AppId: CSCwk30965: AppIdSessionData causes snort3 to crash.
Merge in SNORT/snort3 from ~VIIZHYK/snort3:viizhyk_CSCwk30965_master to master
Squashed commit of the following:
commit
ce4124066c911c5cbc48f16f2393b7edafe857fa
Author: viizhyk <viizhyk@cisco.com>
Date: Mon Jul 22 19:37:51 2024 -0400
Replaced hsessions vector of raw pointers into vector of smart pointers.
Signed-off-by: viizhyk <viizhyk@cisco.com>
Pull request #4419: latency, dce, stream_ip: fix max pegs incorrectly declared sum
Merge in SNORT/snort3 from ~ANOROKH/snort3:max_sum to master
Squashed commit of the following:
commit
92a7505f2c68f505dda1f23bbbfa7a46793900cc
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 18 15:23:26 2024 -0400
latency, dce, stream_ip: fix max pegs incorrectly declared sum
Manav Soneja (msoneja) [Wed, 14 Aug 2024 13:22:20 +0000 (13:22 +0000)]
Pull request #4343: ftp: refactoring ftp_data
Merge in SNORT/snort3 from ~MSONEJA/snort3:ftps_malware to master
Squashed commit of the following:
commit
27655a50c70a8b28abd85876866a9e4176350f1d
Author: msoneja <msoneja@cisco.com>
Date: Thu Jul 4 05:35:07 2024 +0000
ftp_telnet: refactoring ftp-data
Akhilesh MY (amuttuva) [Tue, 13 Aug 2024 16:42:44 +0000 (16:42 +0000)]
Pull request #4412: telnet: avoid flush when cr or lf is between commands
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:telnet_cr_fix to master
Squashed commit of the following:
commit
c7c9dbff527ab392d276e6deae89b542b5ca13a4
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Aug 6 02:41:17 2024 -0400
telnet: avoid flush when cr or lf is between commands
Priyanka Bangalore Gurudev (prbg) [Tue, 13 Aug 2024 16:19:14 +0000 (16:19 +0000)]
Pull request #4418: build: generate and tag 3.3.3.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.3.0 to master
Squashed commit of the following:
commit
8f9c6cc9c72e719f150cfeab8ea765c81864b756
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Aug 13 00:25:59 2024 -0400
build: generate and tag 3.3.3.0
Pull request #4407: daq: add outstanding packets counter
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_counter to master
Squashed commit of the following:
commit
cf04baa02339a76fdf0f234255815f1a4349bbd7
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Aug 2 05:36:13 2024 -0400
daq: add outstanding packets counter
Juweria Ali Imran (jaliimra) [Mon, 12 Aug 2024 17:49:33 +0000 (17:49 +0000)]
Pull request #4416: stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet
Merge in SNORT/snort3 from ~JALIIMRA/snort3:meta_ack_ports_master to master
Squashed commit of the following:
commit
c707c9e73334859b9603e8d58611a087a7022a6e
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Tue Aug 6 11:13:41 2024 -0400
stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet
Pull request #4377: src: resolve various warnings
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:thresholds_upd to master
Squashed commit of the following:
commit
6afa4c2bf6b546377f049574704faaa7b10167aa
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 4 17:35:06 2024 +0300
src: resolve various warnings
Adrian Mamolea (admamole) [Fri, 9 Aug 2024 07:21:32 +0000 (07:21 +0000)]
Pull request #4362: http_inspect: log normalized URI in extra data
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:uri_fix to master
Squashed commit of the following:
commit
a174a87c6815c3735a46322196c670513624aa25
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Jun 24 15:55:41 2024 -0400
http_inspect: log normalized URI in extra data
Pull request #4408: control: cleanup code
Merge in SNORT/snort3 from ~OSTEPANO/snort3:cleanup_control to master
Squashed commit of the following:
commit
dcccfa9baccc02c0efa32e7592834457d6e9f1a1
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri Aug 2 06:28:22 2024 -0400
control: Code cleanup
Pull request #4413: filters: update dev_notes.txt with details for event_filter
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:doc_upd to master
Squashed commit of the following:
commit
3ee7d1f343c0cf487ed51b7fb10ef1d9d32d36d1
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Aug 6 11:47:52 2024 +0300
filters: update dev_notes.txt with details for event_filter
Ashik Thomas (ashiktho) [Tue, 6 Aug 2024 09:38:32 +0000 (09:38 +0000)]
Pull request #4383: file: removing unused variable in FileFlows destructor
Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master
Squashed commit of the following:
commit
57316a4dcf33c789cd0cf5161b1bba98bb3e0c5a
Author: Ashik Thomas <ashiktho@cisco.com>
Date: Tue Jul 9 09:42:52 2024 +0530
file: remove unused variable in FileFlows destructor
Pull request #4365: extractor: add flow id
Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_flow_id to master
Squashed commit of the following:
commit
295a374f5a2616be85946d029150f3e9faf04447
Author: anorokh <anorokh@cisco.com>
Date: Fri Jun 14 12:01:28 2024 +0300
extractor: add flow hash key
* updated conf parsing logic
* updated Error messages
Adrian Mamolea (admamole) [Mon, 5 Aug 2024 15:58:43 +0000 (15:58 +0000)]
Pull request #4395: ips_options: separate main thread pcre counts from packet threads stats
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:tsan_fix2 to master
Squashed commit of the following:
commit
6d5844717ca216945fb0d4983a0dc8611ef768a1
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Jul 25 10:43:31 2024 -0400
ips_options: separate main thread pcre counts from packet threads stats
Raza Shafiq (rshafiq) [Thu, 1 Aug 2024 19:54:41 +0000 (19:54 +0000)]
Pull request #4406: flow: optimize timeout handling for different packet type
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:flow_timeout to master
Squashed commit of the following:
commit
2fa8150d352ccb02e0039c19be722147957f8a74
Author: rshafiq <rshafiq@cisco.com>
Date: Tue Jul 30 19:48:11 2024 -0400
flow: optimize timeout handling for different packet type
Pull request #4405: control: handle control commands after packet treads are fully initialised
Merge in SNORT/snort3 from ~OSTEPANO/snort3:main_socket_control to master
Squashed commit of the following:
commit
9c08c5d51d32c030eea66946b6e7999a2b9f8d3f
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Jul 31 07:16:04 2024 -0400
control: handle control commands after packet treads are fully initialised
Unnikrishnan M (umunnikr) [Thu, 1 Aug 2024 17:45:23 +0000 (17:45 +0000)]
Pull request #4294: file_api: set max file depth as part of snort configuration
Merge in SNORT/snort3 from ~UMUNNIKR/snort3:file_race_condition_fix to master
Squashed commit of the following:
commit
181b94d110f4736315a41c66d9979947d46022d1
Author: Unnikrishnan M <umunnikr@cisco.com>
Date: Thu Feb 15 09:48:35 2024 +0530
file_api: max depth is set as part of initial config
Akhilesh MY (amuttuva) [Wed, 31 Jul 2024 09:36:32 +0000 (09:36 +0000)]
Pull request #4384: memory: account memory for profiler only when packet thread is involved
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:mp_seg to master
Squashed commit of the following:
commit
57c9c1a52f19347c0b8c85829dbf203e70c52476
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Jul 11 05:12:15 2024 -0400
memory: account memory for profiler only when packet thread is involved
Pull request #4401: http_inspect: add peg counts for gzip, known-not-supported, and unknown
Merge in SNORT/snort3 from ~JAIMEACA/snort3:US-750344-compression_pegs to master
Squashed commit of the following:
commit
a02f4c8ea7dca6fca4fcc1495a0dc4bfdf642406
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date: Mon Jul 29 10:30:20 2024 -0400
http_inspect: add peg counts for gzip, known-not-supported, and unknown
Priyanka Bangalore Gurudev (prbg) [Tue, 30 Jul 2024 15:07:29 +0000 (15:07 +0000)]
Pull request #4403: build: generate and tag 3.3.2.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.2.0 to master
Squashed commit of the following:
commit
db1e757989f585f87ad6ab401f3d4a02c1321599
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Jul 29 22:07:12 2024 -0400
build: generate and tag 3.3.2.0
Ron Dempster (rdempste) [Mon, 29 Jul 2024 19:57:59 +0000 (19:57 +0000)]
Pull request #4392: flow: clear deferred trust after the flow is trusted to stop repeated trusting
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:insight_active to master
Squashed commit of the following:
commit
ad008ef09d827ea88c8ab48a1b3607b633f32b17
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jul 19 16:51:57 2024 -0400
flow: clear deferred trust after the flow is trusted to stop repeated trusting
Rishabh Choudhary (rishacho) [Mon, 29 Jul 2024 05:54:00 +0000 (05:54 +0000)]
Pull request #4396: main: fix coverage for show snort cpu command
Merge in SNORT/snort3 from ~RISHACHO/snort3:cpu_usage_snort to master
Squashed commit of the following:
commit
c8dcd376b5fe4a0e6a53eb31731badfe490885b8
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Wed Jul 24 13:19:46 2024 +0530
main: fix coverage
Replace an impossible condition with assert statement.
Pull request #4397: Snort ML: fix verbose mode output for unlimited options
Merge in SNORT/snort3 from ~YCHALOV/snort3:snort_ml_verbose_fix to master
Squashed commit of the following:
commit
8f1f5f32107471457d4cfcbe73d1f88054bf953a
Author: Yurii Chalov <ychalov@cisco.com>
Date: Wed Jul 24 16:52:52 2024 +0200
kaizen: fix verbose mode output for unlimited options
Pull request #4391: daq: added outstanding packets counter
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_pkts to master
Squashed commit of the following:
commit
8cbc87c985ef43311fcecfe6574f3655294362e6
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Wed Jul 17 19:44:23 2024 -0400
daq: added outstanding packets counter
Pull request #4240: stream_tcp: Refactor tcp overlap, segment list and reassembly classes to improve class structure and relationships
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:reassembly_rewrite_u2.0 to master
Squashed commit of the following:
commit
6e4456f7895584520a5e6bb2d3eae0458b33d516
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Feb 22 11:44:08 2024 -0500
stream_tcp: initial refactor to move alert functions to their own class
stream_tcp: refactor to move tcp overlap processing out of reassembly class
stream_tcp: merge TcpStreamSession into TcpSession
stream_tcp: refactor segment nodes to implement reassembly cursor and
eliminate tracking variables such as c_seq/c_len, etc. add helper functions
to track state
stream_tcp: improve variable and function names for overlap processing
stream_tcp: refactor TcpReassembler into a virtual base class and subclasses for each mode: ignore, IPS and IDS
stream: refactor paf logic into a c++ class
stream_tcp: integrate and streamline setting of flush policy and splitter
improve tracking of rcv_nxt state
stream_tcp: delete lws_init, it was redundant with tcp_init; delete FIXITs that are no longer relevant
stream_tcp: updates from PR review comments
Jose Cano -X (jcanogom - SOFTSERVE INC at Cisco) [Mon, 22 Jul 2024 18:35:41 +0000 (18:35 +0000)]
Pull request #4386: doc: builtin rule documentation updates
Merge in SNORT/snort3 from ~JCANOGOM/snort3:doc_builtin_updates to master
Squashed commit of the following:
commit
ce3cd8566952053e75d6a4b3481e8e43d72f5545
Author: Jose Cano <jcanogom@cisco.com>
Date: Mon Jul 15 17:14:16 2024 -0400
doc: builtin rule documentation updates
Pull request #4373: js_norm: address pdf tokenizer issues
Merge in SNORT/snort3 from ~ASERBENI/snort3:js_pdf_misses to master
Squashed commit of the following:
commit
44070c0661f54ab9fc8cfdd1bb79e887bd3d9ed3
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jun 17 12:40:40 2024 +0300
js_norm: address pdf tokenizer issues
- implement support for missed types of indirect objects
- allow stream length to be defined with a reference
- improve array nesting checks
Rishabh Choudhary (rishacho) [Mon, 22 Jul 2024 05:15:21 +0000 (05:15 +0000)]
Pull request #4374: sip: fallback functionality for sip inspector
Merge in SNORT/snort3 from ~RISHACHO/snort3:sip_fallback to master
Squashed commit of the following:
commit
99297bb4fd415533b2eb3ca527a165c0f7124510
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Thu Jul 4 22:18:00 2024 +0530
sip: fallback functionality for sip inspector
Raza Shafiq (rshafiq) [Fri, 19 Jul 2024 20:12:00 +0000 (20:12 +0000)]
Pull request #4389: flow: added compile-time option to disable tenant_id
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:notid to master
Squashed commit of the following:
commit
59cd8c9d982ced2cc170b3928c5c2a70eee1c40a
Author: rshafiq <rshafiq@cisco.com>
Date: Mon Jul 1 14:08:38 2024 -0400
flow: added compile-time option to disable tenant_id
Umang Sharma (umasharm) [Thu, 18 Jul 2024 21:41:35 +0000 (21:41 +0000)]
Pull request #4388: appid: fixing cppcheck warnings and cosmetic changes for appid cpu profiler
Merge in SNORT/snort3 from ~UMASHARM/snort3:fix_appid_cpu_profiling to master
Squashed commit of the following:
commit
308fce8ec5298d01be29061c8a83198267160aed
Author: Umang Sharma <umasharm@cisco.com>
Date: Wed Jul 17 13:27:58 2024 -0400
appid: removing trailing whitespaces
commit
83f46dc9249f9ca2a7ff0d84feb5fb14e11494ef
Author: Umang Sharma <umasharm@cisco.com>
Date: Tue Jul 16 10:36:12 2024 -0400
appid: fixing cpp warnings and cosmetic changes for appid cpu profiler
Priyanka Bangalore Gurudev (prbg) [Tue, 16 Jul 2024 16:28:59 +0000 (16:28 +0000)]
Pull request #4385: build: generate and tag 3.3.1.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.1.0 to master
Squashed commit of the following:
commit
5ff7dd644837a415b4b2abd67aab1666b3e2952e
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Jul 15 14:06:27 2024 -0400
build: generate and tag 3.3.1.0
Ashik Thomas (ashiktho) [Mon, 8 Jul 2024 10:14:38 +0000 (10:14 +0000)]
Pull request #4370: file: fixing file context reuse
Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master
Squashed commit of the following:
commit
3422d104dac341bf4c7036bd6f4b572c538c169b
Author: Ashik Thomas <ashiktho@cisco.com>
Date: Fri Jun 28 03:12:47 2024 -0700
file: fixing file context reuse
Pull request #4376: detection: include OPT_TREE traces in release build
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fix_traces to master
Squashed commit of the following:
commit
ca98db474d16d2c4cfbdd0a1274bfaa82b20bb4e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Jul 5 16:31:31 2024 +0300
detection: include OPT_TREE traces in release build
Pull request #4356: detection: update of fast pattern printing
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fp_print_upd to master
Squashed commit of the following:
commit
a1a3383f6a3b44f28bb9b7168e39c85700c8156e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Jun 18 15:17:36 2024 +0300
detection: make print of fast pattern as a trace module
commit
544f928401ef43c87368026bec5f9e5d392d9b9f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Jun 18 15:19:04 2024 +0300
detection: add opt_tree traces in release build
commit
ec3b9dccd4cb721be8bcace7c699840680a8f193
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Jun 18 15:10:15 2024 +0300
detection: print only fast_pattern part of pattern
Maya Dagon (mdagon) [Wed, 3 Jul 2024 11:54:49 +0000 (11:54 +0000)]
Pull request #4347: extractor: add support for referrer, origin, trans_depth
Merge in SNORT/snort3 from ~MDAGON/snort3:fields to master
Squashed commit of the following:
commit
ffe8836418d5ae42ccf17fd6c2a96893b8ff0709
Author: maya dagon <mdagon@cisco.com>
Date: Thu Jun 6 13:11:10 2024 -0400
extractor: support trans_depth, origin and referrer fields
commit
94b3c973e63f0c6e075b38f5d1d06cd152733c96
Author: maya dagon <mdagon@cisco.com>
Date: Wed Jun 5 13:09:43 2024 -0400
http_inspect: add origin header
commit
16ba900087769c5c5e9b587ed501dfdbdd294c90
Author: maya dagon <mdagon@cisco.com>
Date: Fri May 31 14:43:41 2024 -0400
extractor: support referrer field
Pull request #4364: parser: do not skip symbols while expanding variables
Merge in SNORT/snort3 from ~YCHALOV/snort3:expand_variable_fix to master
Squashed commit of the following:
commit
6950e149cd99270d4a9c467aa102beb3944b257e
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Jun 24 13:03:29 2024 +0200
parser: do not skip symbols while expanding variables
Ron Dempster (rdempste) [Thu, 27 Jun 2024 17:57:10 +0000 (17:57 +0000)]
Pull request #4363: flow: handle significant groups with unknown group value as non-group flow keys
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:expected_unknown to master
Squashed commit of the following:
commit
f2ff9af2a7393939742716c535411448fd557c27
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue May 21 17:09:24 2024 -0400
flow: clear flow stash when freeing the flow data
commit
c4282b8aa7ba3743b4413e2bbe6dc94959fb8e49
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Jun 25 11:28:27 2024 -0400
flow: handle significant groups with unknown group value as non-group flow keys
Juweria Ali Imran (jaliimra) [Tue, 25 Jun 2024 14:52:57 +0000 (14:52 +0000)]
Pull request #4360: stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState
Merge in SNORT/snort3 from ~JALIIMRA/snort3:prev_norm_tsan to master
Squashed commit of the following:
commit
ce50d84da43185c12a65649e3e559d54b3c95b07
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Fri Jun 21 12:46:55 2024 -0400
stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState
Ron Dempster (rdempste) [Mon, 24 Jun 2024 16:26:37 +0000 (16:26 +0000)]
Pull request #4138: appid: restructure the appid code to make it easier to follow and maintain
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:appid to master
Squashed commit of the following:
commit
1195b37a59928477641dc2efbf606eb2eaca857b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Sep 19 10:42:40 2023 -0400
appid: restructure the appid code to make it easier to follow and maintain
Umang Sharma (umasharm) [Mon, 24 Jun 2024 13:12:41 +0000 (13:12 +0000)]
Pull request #4353: appid: updating appid cpu profiler cli for ims
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_cli to master
Squashed commit of the following:
commit
6ffb9e1039fff58491e408cf2513e40a98143ec8
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri Jun 14 15:00:43 2024 -0400
appid: updating appid cpu profiler cli for ims
Unnikrishnan M (umunnikr) [Fri, 21 Jun 2024 06:07:29 +0000 (06:07 +0000)]
Pull request #4320: dce_rpc: correct the session counters post the upgrade to smb v2 from v1
Merge in SNORT/snort3 from ~UMUNNIKR/snort3:smb_session_cnt_fix to master
Squashed commit of the following:
commit
c60b9aa485041567f3094223c9e21c1bdbd10068
Author: Unnikrishnan M <umunnikr@cisco.com>
Date: Fri May 10 12:20:38 2024 +0530
dce_rpc: correct the session counters post the upgrade to smb v2 from v1
Pull request #4352: stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:meta_ack_daq_msg_init to master
Squashed commit of the following:
commit
63151959aaf66c274d277bd394b735f47007837e
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Jun 17 13:34:49 2024 -0400
stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.
Pull request #4344: stream_tcp: add CDB for stream_tcp
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:cbd_stream_tcp to master
Squashed commit of the following:
commit
42be43a84ccd4c71eb690ea10d691f5c113d8e66
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Jun 7 03:43:30 2024 -0400
stream_tcp: support tracing without compilation flags
Rishabh Duggal (riduggal) [Thu, 20 Jun 2024 13:02:25 +0000 (13:02 +0000)]
Pull request #4298: flow: introducing new parameters for ip flow profiling
Merge in SNORT/snort3 from ~RIDUGGAL/snort3:ip_attributes to master
Squashed commit of the following:
commit
39655047db64c6ccbe46145df1f985a88a982715
Author: riduggal <riduggal@cisco.com>
Date: Wed Apr 24 11:26:16 2024 +0000
perf_monitor: introducing new parameters for ip flow profiling
Jared Rittle (jrittle) [Thu, 20 Jun 2024 07:25:50 +0000 (07:25 +0000)]
Pull request #4334: Mms curse expansion
Merge in SNORT/snort3 from ~JRITTLE/snort3:mms_curse_expansion to master
Squashed commit of the following:
commit
e5e80b73e05b19ecc9ef0b4b954f4504c70de766
Author: Jared Rittle <>
Date: Tue May 28 14:24:39 2024 -0400
wizard: expand MMS curse
Priyanka Bangalore Gurudev (prbg) [Wed, 19 Jun 2024 16:32:52 +0000 (16:32 +0000)]
Pull request #4355: build: generate and tag 3.3.0.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.0.0 to master
Squashed commit of the following:
commit
b23a5cbbf598ec1d039383b223423cea10dfe4fb
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Jun 19 09:53:23 2024 -0400
build: generate and tag 3.3.0.0
Pull request #4342: Sub-selected buffer and fast-pattern options
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fp_sub_buffer to master
Squashed commit of the following:
commit
212506d4e8f65f62cf042585af0e89f8fcbdda4f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jun 4 22:05:51 2024 +0300
build: bump version to 3.2.0
IPS option API has changed.
commit
0a1a7e16acc3117f46b3aba467fe552b4de9f256
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jun 4 17:38:49 2024 +0300
http_inspect: set CAT_SET_SUB_SECTION for buffer with a sub-selector configured
commit
a036904c1751e21dcd8c75553e4e5e9978b553c8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jun 4 17:34:29 2024 +0300
framework: add new Cursor Action Type
Buffer-setter IPS option can be of sub-section type, picking just a part of
the targeted IPS buffer. Such buffer setter cannot make a fast-pattern-only option.
Pull request #4351: Prerequisites for FlexLexer includes
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:jsn_flex_naming to master
Squashed commit of the following:
commit
307587f13d592061cfd1bc38f36ab2e9cf5ce73c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 17 15:11:42 2024 +0300
js_norm: fix prerequisites for FlexLexer includes
Pull request #4340: Codec: add new builtin rule
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:codec_update to master
Squashed commit of the following:
commit
ce756eadfbc480164894ec2a7873c3640b61df2d
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri May 31 19:02:44 2024 +0300
codecs: add handling of NDP types
Added handling for all NDP types of ICMPv6,
as well as added new builtin rule to cover invalid length.
Pull request #4317: extractor: add protocol logging for HTTP
Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor to master
Squashed commit of the following:
commit
2139770ad6bffa4e27f5f1ec4ca76dfcd950588d
Author: Anna Norokh <anorokh@cisco.com>
Date: Fri Apr 5 13:46:28 2024 +0300
extractor: add protocol logging for HTTP
- added module and inspector implementation;
- added logger and writer implementation for csv output to stdout;
- added new pub/sub for end of transaction event;
Pull request #4345: utils: remove duplication of definition
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:compl_fix to master
Squashed commit of the following:
commit
fa8992e8308a8ba6c759ac1ed355285a300923a6
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Jun 7 12:41:04 2024 +0300
utils: remove duplication of definition
Definition is moved to src/main/process.cc.
Thanks to xxxx81 for reporting the issue.
Umang Sharma (umasharm) [Fri, 7 Jun 2024 14:56:43 +0000 (14:56 +0000)]
Pull request #4339: appid: using different api for picking appids
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_api to master
Squashed commit of the following:
commit
023c07e878b7a4668b99fd464263e022166c2ce6
Author: Umang Sharma <umasharm@cisco.com>
Date: Mon Jun 3 21:52:58 2024 -0400
appid: using different api for picking appids for appid cpu profiler
Michael Matirko (mmatirko) [Thu, 6 Jun 2024 18:52:29 +0000 (18:52 +0000)]
Pull request #4338: stream_tcp: use default size atomsplitter on fallback
Merge in SNORT/snort3 from ~MMATIRKO/snort3:atom-size to master
Squashed commit of the following:
commit
de2b23a4b0b83f060aa8f92797a32bac0d688f84
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Apr 22 15:28:50 2024 -0400
stream_tcp: use default size atomsplitter on fallback
Umang Sharma (umasharm) [Thu, 6 Jun 2024 13:04:13 +0000 (13:04 +0000)]
Pull request #4336: appid: appid cpu profiler table rows limit and totals
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_limit_rows to master
Squashed commit of the following:
commit
cd9740e5236d8ab167df5693fd03650a5822d6d0
Author: Umang Sharma <umasharm@cisco.com>
Date: Thu May 30 08:45:47 2024 -0400
appid: display rows limit of table and totals
Rishabh Choudhary (rishacho) [Tue, 4 Jun 2024 09:18:01 +0000 (09:18 +0000)]
Pull request #4331: main: add CLI command to show snort cpu percentage
Merge in SNORT/snort3 from ~RISHACHO/snort3:snort_cpu_usage to master
Squashed commit of the following:
commit
4c09c864dc8627b02231748978457c87920b86cb
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Wed May 8 23:07:25 2024 +0530
main: add CLI command to show snort cpu percentage
Kaushal Bhandankar (kbhandan) [Tue, 4 Jun 2024 06:39:40 +0000 (06:39 +0000)]
Pull request #4290: dns: Set Flow timeout after getting DNS response
Merge in SNORT/snort3 from ~KBHANDAN/snort3:dns_flow_timeout to master
Squashed commit of the following:
commit
4cd584cdb71f0271d1eabbfade1b38dd8e0f6ac1
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Wed Apr 17 13:58:01 2024 +0530
dns: Set Flow timeout after getting DNS response
Priyanka Bangalore Gurudev (prbg) [Mon, 3 Jun 2024 20:06:04 +0000 (20:06 +0000)]
Pull request #4337: build: generate and tag 3.2.2.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.2.0 to master
Squashed commit of the following:
commit
c3d9f95dccdf26bb944b1a706186c7369d31f9c7
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Jun 3 00:07:05 2024 -0400
build: generate and tag 3.2.2.0
Pull request #4333: Fix dev_notes formatting.
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:doc_fixes to master
Squashed commit of the following:
commit
97b7f88a711b55a47ead3f31d4e6aede19b5d95a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 30 13:15:40 2024 +0300
doc: fix formatting in dev_notes.txt
Formatting updated for: dump_config, wizard, trace.
Indention fixed for: perf_monior, http_inspect.
Juweria Ali Imran (jaliimra) [Thu, 30 May 2024 17:46:12 +0000 (17:46 +0000)]
Pull request #4332: stream_tcp: fix infinite recursion cases
Merge in SNORT/snort3 from ~JALIIMRA/snort3:infinite_recursion_patches to master
Squashed commit of the following:
commit
5bafae8c357ce098224ad39f7c7682acf1b04850
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed May 1 16:43:24 2024 -0400
stream_tcp: fix infinite recursion cases
Umang Sharma (umasharm) [Wed, 29 May 2024 21:46:12 +0000 (21:46 +0000)]
Pull request #4325: appid : appid cpu profiler max columns
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_columns to master
Squashed commit of the following:
commit
27ccc30ed307c0e152794f8d6b3799b2db4ebada
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri May 24 16:51:14 2024 -0400
appid: appid cpu profiler max columns
Pull request #4319: appid: Store and retrieve only SNI in AppIdSession
Merge in SNORT/snort3 from ~OSTEPANO/snort3:tls_sni_event to master
Squashed commit of the following:
commit
6a591a048bc22e8d5fa99d6876613443dabf8352
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri May 3 11:01:52 2024 -0400
appid: Store and retrieve only SNI in AppIdSession
Steven Baigal (sbaigal) [Tue, 28 May 2024 18:13:02 +0000 (18:13 +0000)]
Pull request #4276: packet_capture: make sure packet_capture executed before detection
Merge in SNORT/snort3 from ~SBAIGAL/snort3:capture_first to master
Squashed commit of the following:
commit
641e67652632a504ea81c3b7828dd5486df81251
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Apr 5 11:26:37 2024 -0400
packet_capture: make sure packet_capture executed before detection
Pull request #4327: src: udpate to resolve new issues
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:issue_testing to master
Squashed commit of the following:
commit
43607a31ae832f04c0bbb817a4c02521ee251cf0
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon May 27 17:51:24 2024 +0300
utils: add explicit include
commit
01345fc769b93113fcd8b3e601f6aa0dc0d4190c
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon May 27 17:10:09 2024 +0300
src: remove repetitive words
Thanks @gopherorg for finding those typos
commit
18f85f347bf58f774da72063bf7bd07588e80d50
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri May 17 15:55:00 2024 +0300
src: udpate to resolve new issues
Kumar swamy Nagabhushana (kumhn) [Mon, 27 May 2024 06:03:25 +0000 (06:03 +0000)]
Pull request #4322: dce_smb: Do not prune from LRU cache during file tracker update
Merge in SNORT/snort3 from ~KUMHN/snort3:automation_crash to master
Squashed commit of the following:
commit
858982dde3b99249dac7191f21d08a713fbaa350
Author: kumhn <kumhn@cisco.com>
Date: Wed May 15 11:16:09 2024 +0530
dce_smb: Do not prune from LRU cache during file tracker update
Shijin Bose (shibose) [Sat, 25 May 2024 07:45:46 +0000 (07:45 +0000)]
Pull request #4307: SIP: flow clean-up based on lina configured timeout
Merge in SNORT/snort3 from ~SHIBOSE/snort3:sip_flow_clean_up to master
Squashed commit of the following:
commit
176d9a58cb20c48a968a66997df3375c73f6049a
Author: shibose <shibose@cisco.com>
Date: Tue Mar 26 13:05:17 2024 +0000
SIP: flow clean-up based on lina configured timeout
Umang Sharma (umasharm) [Fri, 24 May 2024 18:50:44 +0000 (18:50 +0000)]
Pull request #4318: appid: re-enabling appid cpu profiler and crash fix
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_fix to master
Squashed commit of the following:
commit
61e74d2982ec6495087652300c2afc33ff1a3945
Author: Umang Sharma <umasharm@cisco.com>
Date: Thu May 9 08:39:00 2024 -0400
appid : re-enabling appid cpu profiler making it thread safe
Pull request #4304: js_norm: abort PDF norm on syntax failure
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:pdf_no_inf_tokens to master
Squashed commit of the following:
commit
abc86c1343f5f3b7ce2675b2742306e3c29289e9
Author: dkyrylov <dkyrylov@cisco.com>
Date: Tue Apr 30 18:02:22 2024 +0300
js_norm: stop PDF processing on syntax error
Stop processing if buffer size is extended
to fit a token over 16k in length;
Abort further normalization after PDF
tokenizer failure;
Process last remaining JavaScript in
PDU up to normalization failure.
Juweria Ali Imran (jaliimra) [Thu, 23 May 2024 22:28:20 +0000 (22:28 +0000)]
Pull request #4330: stream_tcp: don't attempt to verify or process keep-alive probes with data
Merge in SNORT/snort3 from ~JALIIMRA/snort3:keep_alive to master
Squashed commit of the following:
commit
4282d9a3268fb8facfdb5cd20842980ee2fc6dd4
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed May 22 09:23:57 2024 -0400
stream_tcp: don't attempt to verify or process keep-alive probes with data
Cliff Judge (cljudge) [Wed, 22 May 2024 18:29:05 +0000 (18:29 +0000)]
Pull request #4244: appid: Updating file_magic.rules with some new file types added to the VDB.
Merge in SNORT/snort3 from ~CLJUDGE/snort3:snort3_sts_file_types to master
Squashed commit of the following:
commit
827cdb73b832c4788dc43657dde62e661dad3f59
Author: Cliff Judge <cljudge@cisco.com>
Date: Thu Mar 14 11:07:29 2024 -0400
appid: Updating file_magic.rules with some new file types added to the VDB.
Michael Matirko (mmatirko) [Tue, 21 May 2024 15:22:42 +0000 (15:22 +0000)]
Pull request #4328: flow: add the newly-created flow to p->flow to avoid segv
Merge in SNORT/snort3 from ~MMATIRKO/snort3:flowip_segv to master
Squashed commit of the following:
commit
a24e308afb9eaef51ccad16a2a269918fdf607c0
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed May 8 20:05:48 2024 -0400
flow: add the newly-created flow to p->flow to avoid segv
Pull request #4308: main: apply loaded configuration only once
Merge in SNORT/snort3 from ~YCHALOV/snort3:reload_config_fix to master
Squashed commit of the following:
commit
48cb1070b58345b33c2bdca7c3c20ea38164ad3e
Author: Yurii Chalov <ychalov@cisco.com>
Date: Wed Apr 24 23:17:02 2024 +0200
main: apply loaded configuration only once
Adrian Mamolea (admamole) [Mon, 20 May 2024 08:07:31 +0000 (08:07 +0000)]
Pull request #4286: service_inspectors: fix get_buf handling
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:get_buf_2 to master
Squashed commit of the following:
commit
e243f646716bfa8f66330a2a059983274cc59f82
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Apr 4 08:11:09 2024 -0400
service_inspectors: fix get_buf handling
Priyanka Bangalore Gurudev (prbg) [Fri, 17 May 2024 14:59:20 +0000 (14:59 +0000)]
Pull request #4326: build: generate and tag 3.2.1.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.1.0 to master
Squashed commit of the following:
commit
2ac0a91f635d06bfbc6f29e50a4a7fed1ec63feb
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu May 16 22:54:07 2024 -0400
build: generate and tag 3.2.1.0
Steve Chew (stechew) [Thu, 16 May 2024 17:38:03 +0000 (17:38 +0000)]
Pull request #4323: Os updates
Merge in SNORT/snort3 from ~STECHEW/snort3:os_updates to master
Squashed commit of the following:
commit
982c9d0057a1eaec7f4f484c24b8746981296d5a
Author: Steve Chew <stechew@cisco.com>
Date: Thu May 16 00:51:25 2024 -0400
main: updates for types used by Alpine.
Pull request #4324: Build fixes.
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:platform_fixes to master
Squashed commit of the following:
commit
56f5a122452e06f4c19d36c7bdd002603a2c0b53
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 16 14:37:41 2024 +0300
framework: supply directories to system headers to plug_gen.sh
Some GCC verifies actual includes even in '-MM' mode.
commit
d401dacba1752ba0a85ef9c468b1116fc0a761fa
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 15 17:26:57 2024 +0300
memory: fix unit test
Provide a stub for non-regression-test build.
Priyanka Bangalore Gurudev (prbg) [Thu, 9 May 2024 02:50:02 +0000 (02:50 +0000)]
Pull request #4316: build: generate and tag 3.2.0.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.0.0 to master
Squashed commit of the following:
commit
b545ff8294b855bdd63a5b14303da3d56f9cb1bc
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed May 8 20:58:45 2024 -0400
build: generate and tag 3.2.0.0
Russ Combs (rucombs) [Wed, 8 May 2024 21:55:15 +0000 (21:55 +0000)]
Pull request #4263: Public enemy 1
Merge in SNORT/snort3 from ~RUCOMBS/snort3:public_enemy_1 to master
Squashed commit of the following:
commit
7f8f2135c33fd2de3495a8edcfd22b5f60de89fd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 8 14:22:49 2024 -0400
build: fix coverity warnings
commit
2c700829076b77e7d2773d102a2a62d4d3b531b1
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 8 13:42:06 2024 -0400
build: fix bogus cppcheck warnings
commit
eb7b28eea14ea6e8c5152945c6204cc37bad8196
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Apr 12 10:06:47 2024 -0400
framework: bump api version to 20
commit
c9a5baeeb2e3a7954b492179faac32b2696876ab
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Apr 8 13:37:48 2024 -0400
snort: remove deprecated features:
Config:
string binder[].when.zones: deprecated alias for groups
string binder[].when.src_zone: deprecated alias for src_groups
string binder[].when.dst_zone: deprecated alias for dst_groups
enum dce_smb.smb_file_inspection: deprecated (not used): file inspection controlled by smb_file_depth { 'off' | 'on' | 'only' }
int sip.max_requestName_len = 20: deprecated - use max_request_name_len instead { 0:65535 }
Builtins:
129:5 (stream_tcp) bad segment, adjusted size <= 0 (deprecated)
commit
641cad2638d6eb1bd0a57982d1354b829ee08147
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Apr 4 10:11:54 2024 -0400
pig_pen: use Module::usage directly
commit
0a6d7eccebac6e1d0d2b478094f31f296103371e
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Mar 19 10:21:58 2024 -0400
mpse: add modules for pegs and perf profiling; remove _search
commit
818d4709d70430595e73ee6301f35a376f5e8d78
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Mar 14 11:20:49 2024 -0400
framework: improve exported header comments
commit
a53c0249b7047c26328a5bbd14e0bc706df88214
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Mar 11 08:39:57 2024 -0400
plugins: add missing error messages when an so fails to load
commit
1c7fd7e717d06231565cff00a73e4a5937749638
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Mar 6 10:44:29 2024 -0500
flow: move StreamFlowIntf to stream_flow.h
commit
b4f969f4072a45b12acd3a36808746414af707c0
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Mar 6 09:03:10 2024 -0500
framework: generate preprocessor output for validation
commit
14e9886e9018a11a8f98ec95d88c127aed2e6f6e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Mar 4 09:56:53 2024 -0500
doc: add versioning information to the developer guide
commit
f1074aaa9c79b9e1a91616f9e0da533e872c8f2b
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Feb 28 08:46:20 2024 -0500
host_cache: do not install private header
commit
c8d50a4ba02f527efe6ca89e5ad07991c9bd18c9
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Feb 26 09:26:31 2024 -0500
api: refactor base API
commit
1c9fe59accaf77c84ba6a627be66072d02f0d87f
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Feb 15 12:08:06 2024 -0500
inspector: eval override is optional for passive inspectors
commit
48859035f007a5bcdc17b2e9be05da11742338d6
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Feb 13 16:22:08 2024 -0500
plugins: add warning for invalid plugin types
commit
ef2b94f2ba3a46efdd3455359bfeba51a4fcd87f
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jan 24 04:26:46 2024 -0500
plugins: bump base API and all plugin API version numbers
commit
4636922ef31cdf8544ee5a62bba313f9577bfd19
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Nov 30 09:47:40 2023 -0500
detection: refactor headers
commit
b70ee339aa490d7562bab85418a4e2ab89ec6129
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Dec 12 12:37:39 2023 -0500
ips: tweak check for offload enable
commit
047ec75da346b7d1199ef9122147ad89921468da
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Nov 27 14:56:29 2023 -0500
build: fix LTO ODR issues with anonymous namespaces
commit
eb975151c97018a8ede37115df312aa4ac29d66d
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Nov 13 12:04:34 2023 -0500
inspector: use thread local slot for best perf on Linux
commit
0565783cbf6e2ffd65aeb0934040ec57464ce60a
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 8 14:29:34 2023 -0500
extract: move extract methods to detection/
commit
eaae3dc988df37c0312a218259ccdbb1d86a165d
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Nov 7 11:36:20 2023 -0500
stats: change shutdown Mbits/sec from mebibits to megabits
commit
ade482affc30c629dac43626d21d92b0488cd4dc
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Oct 9 11:12:14 2023 -0400
appid: remove cruft left behind by
f49fbbef
commit
1d36b3fe208ffdee2dd997746f9b6b3c251d3305
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Oct 4 10:00:28 2023 -0400
tag: tweak enable toggle
commit
eebe7edb5f6947b81fc89604c1bf0261a0e070d1
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 26 14:09:23 2023 -0400
packet_tracer: eliminate SO_PUBLIC THREAD_LOCALs
commit
9ffcfdbebae661f6fc2c8c655996a9f37634cc26
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 5 11:43:26 2023 -0400
profiler: eliminate SO_PUBLIC THREAD_LOCALs for _WIN64
This degrades performance so it is done only for Windows where SO_PUBLIC
THREAD_LOCALs are not supported.
commit
eac23069203da078d6deab67e13bad052c8f6731
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 8 09:31:33 2023 -0400
style: remove trailing spaces
commit
2d6882a33443d50c5f66495a1b62bb75bf4b6bb6
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 20 14:45:16 2023 -0400
ssl: support dynamic build of inspector and ips options
commit
e3dcb79941b03815867bd439885850270f754616
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 19 16:16:24 2023 -0400
ips_options: fix dynamic build of some options
commit
6991df8ab3e4c8d0d07b23436fa06695c244ca17
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 15 12:50:57 2023 -0400
profiler: move implementation class to profiler_impl.h
commit
c67e74c070809c9eb9571c73637b40b71572ea62
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 15 12:50:16 2023 -0400
numa: do not install implementation (private) header
commit
ec030aa7b77ad940ea1056078555dee9499e2098
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 15 12:47:05 2023 -0400
reputation: move private defines out of installed header
commit
e3c5f4653fae5882d333dcbf12b796e3fc6f191c
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Sep 14 09:55:34 2023 -0400
thread: move THREAD_LOCAL definition to snort_types.h
commit
2759519051f3972de590540f75c84b5ac1b5b3de
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 13 10:01:15 2023 -0400
utils: refactor out non-public code
commit
c3145c20f7ea175d046a0f676fa42533f679a469
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 12 14:29:14 2023 -0400
stats: stats.h is for internal use only, do not install
commit
92dbe63fb04b96264cf67feab80bd100370f99a2
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 12 11:47:08 2023 -0400
flow: split ExpectFlow into a separate header
commit
1366ef1571ae0cb9729ec75c3c8b81144f53c4eb
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 11 15:36:59 2023 -0400
src/: relocate packet_tracer, packet_constraints, and file_policy.
commit
7e3263c4db9f1b8dabf3c11014d124eff0a43ae9
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 11 12:44:57 2023 -0400
rna: refactor headers for better encapsulation
commit
39a74682069842d8777720a42be6592d0361aa53
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 8 13:47:01 2023 -0400
file: do not install internal headers
commit
7c532a3410df1a631fa3494360f06b4d3db008bf
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 8 10:50:01 2023 -0400
log: refactor out app implementation stuff into log_errors.h
commit
274d08bb2b2e6a8701d213d089d670345eb5d15f
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Sep 7 15:07:56 2023 -0400
active, host_tracker, profiler, stats, stream: refactor installed headers to exclude implementation like counts and perf stats
commit
52915f8e0fc136fe52ce42570458e523beba36e9
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 6 14:44:07 2023 -0400
detection: refactor detection_util.*
Split detection_util.{h,cc} into detection_buf.h and event_trace.{h,cc}.
commit
76797daae3fcb788c7aa7e2c53a25456916c0522
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 6 11:38:36 2023 -0400
helpers/, utils/: reorganize to meet original intent
helpers/: C++ utility classes
utils/: C-style functions and defines
commit
d648be932b8d4c10cc144c5a597c3c9aab157e96
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 30 11:59:53 2023 -0400
codecs: PacketManager::max_layers is not THREAD_LOCAL
commit
4826653a3bce0fc4043ab0cd4d2e933eae718b06
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Aug 30 11:30:31 2023 -0400
inspectors: remove redundant slot variable
commit
a08cc0edab6893917e3c6d1b2629d5a775ce4086
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 29 15:39:50 2023 -0400
build: eliminate SO_PUBLIC THREAD_LOCALs
commit
4dd23f34df05dfbd40f23016fbd57185079256ed
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 28 13:57:31 2023 -0400
event_filter, suppress: keep antiquated dynamic array support private (use std::vector instead)
commit
8f65203a02be32128af0be21590b7d69b979889e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 28 12:15:21 2023 -0400
stream: delete obsolete / unused methods
commit
bd5770d0faa26e785180278879105ea05bdee44b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 25 15:07:15 2023 -0400
tcp: move SEQ_* macros to tcp header
commit
511797508566d0d7c5da7c13afbedda531cdd49b
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Aug 25 13:22:13 2023 -0400
style: miscellaneous cleanup
... and 18 more commits
Pull request #4275: SSE: ips content update
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:sse_content_latest to master
Squashed commit of the following:
commit
d5b93ee0683a3bcebd606fc8b3a9bb10b9de5948
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri May 3 17:05:38 2024 +0300
framework: bump API version
commit
8633039465df577b358687a840f208a29ec15376
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Apr 9 16:19:29 2024 +0300
detection: introduce re-evaluation of ips content in next packet
Maya Dagon (mdagon) [Wed, 8 May 2024 03:39:20 +0000 (03:39 +0000)]
Pull request #4239: Handle gracefully decode error cases
Merge in SNORT/snort3 from ~MDAGON/snort3:defensive to master
Squashed commit of the following:
commit
963134b2cf090fe6bb8811dfdebe5aa590878ffa
Author: maya dagon <mdagon@cisco.com>
Date: Wed May 1 11:00:55 2024 -0400
framework: api version bump
commit
fdbfa6df53a6ad24aa4f25ebcd1a379c7ef320b0
Author: maya dagon <mdagon@cisco.com>
Date: Thu Apr 4 08:35:42 2024 -0400
framework: expand decode flags
commit
7da61b14fdf0114059f7e1a2a9a3a066afdd91b8
Author: PRATEEK MOHAN PRABHU -X (pratepra - XORIANT CORPORATION at Cisco) <pratepra@cisco.com>
Date: Tue Jan 16 16:32:22 2024 +0530
protocols: defensive fix for malformed packets, discard log
Pull request #4201: actions: Add action counters and aggregate them under ips_actions.
Merge in SNORT/snort3 from ~VTRON/snort3:action_counter_logs to master
Squashed commit of the following:
commit
0430f3a6f7250523fdb8029ed1a195a813736de5
Author: Steve Chew <stechew@cisco.com>
Date: Wed Jan 31 13:03:00 2024 -0500
actions: Add action counters and aggregate them under ips_actions.
Priyanka Bangalore Gurudev (prbg) [Wed, 8 May 2024 01:32:13 +0000 (01:32 +0000)]
Pull request #4309: build: generate and tag 3.1.85.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.85.0 to master
Squashed commit of the following:
commit
ab0da173702879f47dacb75432271916a5fb7468
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon May 6 22:52:42 2024 -0400
build: generate and tag 3.1.85.0
Umang Sharma (umasharm) [Wed, 8 May 2024 01:29:42 +0000 (01:29 +0000)]
Pull request #4313: appid : disable appid cpu profiler
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_cpu_profiler_disable to master
Squashed commit of the following:
commit
f523a8fc876ba154d0597274c76a132fd2514192
Author: Umang Sharma <umasharm@cisco.com>
Date: Tue May 7 13:22:20 2024 -0400
appid : disable appid cpu profiler
Juweria Ali Imran (jaliimra) [Mon, 6 May 2024 14:43:25 +0000 (14:43 +0000)]
Pull request #4306: stream_tcp: change drop reason issuer to stream to accommodate asp drop enums
Merge in SNORT/snort3 from ~JALIIMRA/snort3:asp_drop_reason to master
Squashed commit of the following:
commit
aa67776a468a3b60a264c7610cb44a445776609a
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Fri May 3 09:38:05 2024 -0400
stream_tcp: change drop reason issuer to stream to accommodate asp drop enums
Umang Sharma (umasharm) [Fri, 3 May 2024 17:30:45 +0000 (17:30 +0000)]
Pull request #4288: appid : Appid CPU Profiler Table and CLI
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_cpu_profiling to master
Squashed commit of the following:
commit
9dfca5d8512eb3a899baaa397bab37dae320e004
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri Mar 29 15:31:08 2024 -0400
appid : Appid CPU Profiler Table and CLI
Juweria Ali Imran (jaliimra) [Fri, 3 May 2024 00:21:16 +0000 (00:21 +0000)]
Pull request #4305: stream_tcp: add reassembler class for missed_3whs
Merge in SNORT/snort3 from ~JALIIMRA/snort3:asymmetric_option to master
Squashed commit of the following:
commit
2d3af8d9b89b9424974ec9a710e33e9b2d47e87a
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Thu May 2 16:31:16 2024 -0400
stream_tcp: add reassembler class for missed_3whs
Pull request #4297: flow: Connection profiling feature
Merge in SNORT/snort3 from ~OSTEPANO/snort3:connection_profiling to master
Squashed commit of the following:
commit
defdedb08111c9d4358e2a7b8f153d50bf38ad15
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Mar 15 14:51:44 2024 -0400
flow: Connection profiling feature
projects / thirdparty / snort3.git / log
