]>
git.ipfire.org Git - thirdparty/snort3.git/log
Mike Stepanek (mstepane) [Wed, 12 Feb 2020 15:22:24 +0000 (15:22 +0000)]
Merge pull request #1995 in SNORT/snort3 from ~MASHASAN/snort3:fix_reload_tests to master
Squashed commit of the following:
commit
c3ae82898a061d84054fe286738848186b25dd1b
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Feb 10 22:04:34 2020 -0500
host_tracker: Checking lock in a separate thread in unit-test
Mike Stepanek (mstepane) [Wed, 12 Feb 2020 15:09:12 +0000 (15:09 +0000)]
Merge pull request #1969 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_3 to master
Squashed commit of the following:
commit
dd1d2a4f13e9f73f8406fa6530b1f9ab5dcc4acc
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jan 28 22:18:16 2020 -0500
appid: move dns, sip, ssl and http pattern matchers to odp context; move client discovery manager to odp context
Shravan Rangarajuvenkata (shrarang) [Fri, 7 Feb 2020 21:54:01 +0000 (21:54 +0000)]
Merge pull request #1993 in SNORT/snort3 from ~PGUPTE/snort3:flic to master
Squashed commit of the following:
commit
82bdd3a425074d76e5a4655f6f11b97685976df7
Author: Payal Gupte <pgupte@cisco.com>
Date: Fri Feb 7 15:49:34 2020 -0500
file-magic: Added missing file magic pattern for FLIC
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 18:45:00 +0000 (18:45 +0000)]
Merge pull request #1982 in SNORT/snort3 from ~KATHARVE/snort3:h2i_dynamic_size to master
Squashed commit of the following:
commit
a1bbb525ea89620dfcfc6d3985ba6ccb7fe86ba2
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jan 23 16:48:27 2020 -0500
http2_inspect: support HPACK dynamic table size updates
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 17:53:42 +0000 (17:53 +0000)]
Merge pull request #1979 in SNORT/snort3 from ~MASHASAN/snort3:reload_host_cache to master
Squashed commit of the following:
commit
11e7d21da60752a0281cd6e74485c5ce2cebe140
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Jan 30 14:24:14 2020 -0500
host_tracker: Support host_cache reload with RRT when memcap changes
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 15:53:19 +0000 (15:53 +0000)]
Merge pull request #1987 in SNORT/snort3 from ~THOPETER/snort3:nhttp132 to master
Squashed commit of the following:
commit
fcc1bd432f77302b8e39012725841b813abb7ca1
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Feb 4 15:50:27 2020 -0500
http_inspect: gzip splitting fix
Shravan Rangarajuvenkata (shrarang) [Thu, 6 Feb 2020 16:48:57 +0000 (16:48 +0000)]
Merge pull request #1945 in SNORT/snort3 from ~SATHIRKA/snort3:appid_ssl_decryption to master
Squashed commit of the following:
commit
9b25ac57051282d79daab57cc67858e7b43de526
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jan 8 10:44:55 2020 -0500
appid: Adding support for appid detection on decrypted SSL sessions
Mike Stepanek (mstepane) [Thu, 6 Feb 2020 16:45:32 +0000 (16:45 +0000)]
Merge pull request #1960 in SNORT/snort3 from ~MASHASAN/snort3:memory_cap_per_thread to master
Squashed commit of the following:
commit
466a7cfba777b9d1693c3da0321d5b05852603a4
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Jan 21 22:40:53 2020 -0500
memory: Treating config value memory.cap as per thread instead of global
Steve Chew (stechew) [Wed, 5 Feb 2020 16:06:46 +0000 (16:06 +0000)]
Merge pull request #1963 in SNORT/snort3 from ~SBAIGAL/snort3:so_reload to master
Squashed commit of the following:
commit
97637d76fb074ffa778a317b586c7e0446fd720d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Dec 18 16:02:02 2019 -0500
reload: make so_rule plugins reloadable
Russ Combs (rucombs) [Tue, 4 Feb 2020 11:40:41 +0000 (11:40 +0000)]
Merge pull request #1970 in SNORT/snort3 from ~SELYSENK/snort3:update_copyright to master
Squashed commit of the following:
commit
2c566a2e52955a699529ddc84ca04097f27111ea
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Tue Feb 4 10:41:57 2020 +0200
copyright: update year to 2020
Russ Combs (rucombs) [Tue, 4 Feb 2020 01:28:00 +0000 (01:28 +0000)]
Merge pull request #1967 in SNORT/snort3 from ~RUCOMBS/snort3:crc_miscellany to master
Squashed commit of the following:
commit
bc841270df5017e7d2e4c14290269d97eae7896e
Author: russ <rucombs@cisco.com>
Date: Fri Jan 31 12:06:57 2020 -0500
stream_tcp: ensure that flows with mss and timestamps are picked up on syn
commit
a40f9e06dcd6209b050b89578234bb19346a3af7
Author: russ <rucombs@cisco.com>
Date: Thu Jan 30 07:46:03 2020 -0500
tweaks: set reasonable stream_ip.min_fragment_length values
commit
1ca008ec891eb29786878cb5e73b21dd7bb37423
Author: russ <rucombs@cisco.com>
Date: Thu Jan 30 07:43:27 2020 -0500
tweaks: update per new normalizer defaults
commit
d552fcc6c8769cc9d6117ddbe13a5c1208d60ee1
Author: russ <rucombs@cisco.com>
Date: Wed Jan 29 21:30:13 2020 -0500
tweaks: update policy configs to better align with Snort 2
commit
c308df033a25fbb7b2d8ac319cc8dc13c64809e9
Author: russ <rucombs@cisco.com>
Date: Wed Jan 29 21:28:46 2020 -0500
smtp: update defaults to better align with Snort 2
commit
cf37521cc7f04db3f65378eb55815ac8f5c393c2
Author: russ <rucombs@cisco.com>
Date: Mon Jan 27 09:07:17 2020 -0500
build: clean up non-hyperscan builds
commit
c210f495c665920cfd8af2cfda1ab0e721f15a19
Author: russ <rucombs@cisco.com>
Date: Mon Jan 27 09:06:20 2020 -0500
dce_tcp: fixup flow data handling
Michael Altizer (mialtize) [Mon, 3 Feb 2020 20:10:23 +0000 (20:10 +0000)]
Merge pull request #1981 in SNORT/snort3 from ~MIALTIZE/snort3:f31_const to master
Squashed commit of the following:
commit
1031ff1e1db6a258fb70b5f50f04b24e07d8d2ce
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Feb 3 12:48:30 2020 -0500
build: Updates across the board for stricter Clang const-casting warnings
Mike Stepanek (mstepane) [Mon, 3 Feb 2020 18:25:49 +0000 (18:25 +0000)]
Merge pull request #1978 in SNORT/snort3 from ~SMINUT/snort3:doc_reload_update to master
Squashed commit of the following:
commit
010a267c9f94e2341f84161ec761a89e1a626da4
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jan 31 15:18:36 2020 -0500
doc: update reload_limitations.txt.
Mike Stepanek (mstepane) [Mon, 3 Feb 2020 15:21:20 +0000 (15:21 +0000)]
Merge pull request #1977 in SNORT/snort3 from ~THOPETER/snort3:nhttp131 to master
Squashed commit of the following:
commit
4202f01e2fdc2a3e0fb5178ecb6de438b264a5e6
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 31 13:59:15 2020 -0500
http_inspect: refactoring
Michael Altizer (mialtize) [Mon, 3 Feb 2020 14:34:30 +0000 (14:34 +0000)]
Merge pull request #1976 in SNORT/snort3 from ~DERAMADA/snort3:parse_conf_service_name to master
Squashed commit of the following:
commit
be557ef9287e921ccaed09b178133315745e56ea
Author: deramada <deramada@cisco.com>
Date: Thu Jan 30 14:57:50 2020 -0500
parser: store local copy of service name
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 18:27:51 +0000 (18:27 +0000)]
Merge pull request #1964 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_2 to master
Squashed commit of the following:
commit
d581343cebbbb26244cfd6cba4eeddddc308cf50
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 22 14:53:39 2020 -0500
appid: load app mapping data to odp context
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 15:45:55 +0000 (15:45 +0000)]
Merge pull request #1972 in SNORT/snort3 from ~KAMURTHI/snort3:URL_MATCHING to master
Squashed commit of the following:
commit
c62c61b3a77171e76dc64ab42fa86cf6baad31f3
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Jan 27 13:19:11 2020 -0500
appid: Don't mark HTTP session done if the ssl detector is still in progress
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 15:45:09 +0000 (15:45 +0000)]
Merge pull request #1973 in SNORT/snort3 from ~CLJUDGE/snort3:reset_tp_packet_counts_on_reinspect to master
Squashed commit of the following:
commit
99401d020af70075a285aa27113a8ca3b904eede
Author: cljudge <cljudge@cisco.com>
Date: Thu Jan 30 01:18:57 2020 -0500
appid: reset tp packet counters each time we do reinspect
Mike Stepanek (mstepane) [Fri, 31 Jan 2020 14:40:15 +0000 (14:40 +0000)]
Merge pull request #1975 in SNORT/snort3 from ~THOPETER/snort3:h2i_xtra_data to master
Squashed commit of the following:
commit
7cd28267a8c166bc495818c24e33ebf930aeb25a
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jan 28 13:57:41 2020 -0500
http_inspect/http2_inspect: H2I unified2 extra data logging
Michael Altizer (mialtize) [Fri, 31 Jan 2020 05:46:28 +0000 (05:46 +0000)]
Merge pull request #1953 in SNORT/snort3 from ~OKHOMIAK/snort3:snort2lua_variable_expansion to master
Squashed commit of the following:
commit
02f1799f1ed55f6763603fb2aa3470fc0741a3ee
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Jan 21 09:49:35 2020 +0200
snort2lua: conversion of path containing variables
Mike Stepanek (mstepane) [Thu, 30 Jan 2020 18:31:34 +0000 (18:31 +0000)]
Merge pull request #1971 in SNORT/snort3 from ~DERAMADA/snort3:doc_h2i_manual_update to master
Squashed commit of the following:
commit
d5be2e81ccc7858c1857f0233a424b68d6f18f35
Author: deramada <deramada@cisco.com>
Date: Wed Jan 29 15:00:03 2020 -0500
doc: manual updates for HTTP/2
Mike Stepanek (mstepane) [Thu, 30 Jan 2020 14:04:41 +0000 (14:04 +0000)]
Merge pull request #1966 in SNORT/snort3 from ~MDAGON/snort3:h2i to master
Squashed commit of the following:
commit
bbe358a1e38a2c5256f20792b9ad5c3120f9a942
Author: mdagon <mdagon@cisco.com>
Date: Fri Jan 17 09:50:41 2020 -0500
http2_inspect: data frame http inspection walking skeleton first phase
Shravan Rangarajuvenkata (shrarang) [Wed, 29 Jan 2020 11:28:44 +0000 (11:28 +0000)]
Merge pull request #1968 in SNORT/snort3 from ~PGUPTE/snort3:intelhex to master
Squashed commit of the following:
commit
502015d880f65dc234870871f4d515fab08939d1
Author: Payal Gupte <pgupte@cisco.com>
Date: Tue Jan 28 15:56:55 2020 -0500
file-magic: Added missing file magic pattern for IntelHEX.
Mike Stepanek (mstepane) [Tue, 28 Jan 2020 18:52:48 +0000 (18:52 +0000)]
Merge pull request #1958 in SNORT/snort3 from ~DERAMADA/snort3:h2i_http2_w_http_rules to master
Squashed commit of the following:
commit
b09dd25c6ca83b761ceedfc2616d4ac69cc2450f
Author: deramada <deramada@cisco.com>
Date: Wed Jan 22 08:58:33 2020 -0500
parser: add service http2 to http rules
Mike Stepanek (mstepane) [Tue, 28 Jan 2020 17:13:01 +0000 (17:13 +0000)]
Merge pull request #1959 in SNORT/snort3 from ~KATHARVE/snort3:h2i_test_tool to master
Squashed commit of the following:
commit
403392e41d8058a6ffa1dc1adcdabe18665c5450
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jan 14 13:30:58 2020 -0500
http_inspect: update test tool to support the HTTP/2 macros and new insert command
Michael Altizer (mialtize) [Tue, 28 Jan 2020 16:54:44 +0000 (16:54 +0000)]
Merge pull request #1939 in SNORT/snort3 from ~SVLASIUK/snort3:multiple_ftp_server_in_output to master
Squashed commit of the following:
commit
29b6f44f49d8d15a30d0fe8c37e43ff80fbb1630
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon Jan 13 12:21:27 2020 +0200
inspectors: print label for type and alias in inspector manager. Remove printing module name in inspectors ::show() method.
Russ Combs (rucombs) [Fri, 24 Jan 2020 21:30:39 +0000 (21:30 +0000)]
Merge pull request #1951 in SNORT/snort3 from ~RUCOMBS/snort3:ports_and_services to master
Squashed commit of the following:
commit
bd7626b4fdfcd27e2502859ea742c89a8460b6db
Author: russ <rucombs@cisco.com>
Date: Mon Jan 20 07:35:50 2020 -0500
ips: alert service rules check ports
commit
1df737255567925932f6c68db0d557edab560688
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 15:28:01 2020 -0500
ips: refactor rule parsing
commit
257406547538e5ba728240047f617e494e7f1256
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 11:35:57 2020 -0500
ips: remove dead code from rule parser
commit
d1a4bf86979b7379ca00ce3265e710d38163cf9b
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 07:53:25 2020 -0500
bufferlen: match on total length unless remaining is specified
commit
202b4a29e00148ed79143f0a1b80fb79447be71e
Author: russ <rucombs@cisco.com>
Date: Fri Jan 17 16:16:22 2020 -0500
ips: use service "file" instead of "user"
Shravan Rangarajuvenkata (shrarang) [Fri, 24 Jan 2020 18:37:08 +0000 (18:37 +0000)]
Merge pull request #1962 in SNORT/snort3 from ~THOPETER/snort3:h2i_xtra_crash to master
Squashed commit of the following:
commit
cc0f3d5419cb13e11168d1ca6591ce314c706b50
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 24 12:30:07 2020 -0500
http_inspect: patch H2I-related xtra data crash
Michael Altizer (mialtize) [Fri, 24 Jan 2020 17:59:49 +0000 (17:59 +0000)]
Merge pull request #1926 in SNORT/snort3 from ~SELYSENK/snort3:dont_log_zero_vid to master
Squashed commit of the following:
commit
acbf1f541bffec35d3d63a779c515287bd43255f
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Jan 23 16:16:20 2020 +0200
loggers: update vlan logging in csv and json loggers
Log vlan id 0 if vlan_agnostic or untagged, use flow vlan id or packet
vid otherwise.
Russ Combs (rucombs) [Fri, 24 Jan 2020 17:33:34 +0000 (17:33 +0000)]
Merge pull request #1890 in SNORT/snort3 from ~DAVMCPHE/snort3:hyper_vs_pcre to master
Squashed commit of the following:
commit
3b003e8e351bacc4eb161515615dd2a6b3736933
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Nov 14 16:55:24 2019 -0500
ips_pcre: compile/evaluate pcre rule option regular expressions with the hyperscan regex engine when possible
ips_pcre: support the O & R modifiers when converting pcre to regex
detection: add config option to enable conversion of pcre expressions to use the regex engine
Russ Combs (rucombs) [Thu, 23 Jan 2020 03:11:14 +0000 (03:11 +0000)]
Merge pull request #1929 in SNORT/snort3 from ~ALLEWI/snort3:disable_normalization_defaults to master
Squashed commit of the following:
commit
dcf81f202f0d8aa46297cb90cbf69c8eaf371f14
Author: allewi <allewi@cisco.com>
Date: Thu Jan 9 16:55:53 2020 -0500
normalizer: disable all normalizations by default except for tcp.ips
Shravan Rangarajuvenkata (shrarang) [Wed, 22 Jan 2020 18:35:49 +0000 (18:35 +0000)]
Merge pull request #1956 in SNORT/snort3 from ~THOPETER/snort3:h2i_fast_pattern to master
Squashed commit of the following:
commit
5d2bd437978f0b7fa782ce887622c338dca14024
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jan 15 12:46:04 2020 -0500
http2_inspect: fast pattern support
Michael Altizer (mialtize) [Tue, 21 Jan 2020 23:04:27 +0000 (23:04 +0000)]
Merge pull request #1955 in SNORT/snort3 from ~SHRARANG/snort3:appid_delete_odp_ctxt to master
Squashed commit of the following:
commit
9e71869618f6bd18b9a1cc4402cda55c707af133
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jan 21 15:17:37 2020 -0500
appid: clean up ENABLE_APPID_THIRD_PARTY from configure_cmake
Michael Altizer (mialtize) [Tue, 21 Jan 2020 03:04:07 +0000 (03:04 +0000)]
Merge pull request #1946 in SNORT/snort3 from ~SELYSENK/snort3:bug/362106 to master
Squashed commit of the following:
commit
47f108c7be1b3aca7ff8a0b238ca997c469ffbde
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jan 17 15:18:21 2020 +0200
cip: explicitly include sys/time.h header
commit
51d311de1b4f34931b017529ff382ae2a79b7cba
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jan 17 18:24:31 2020 +0200
rna: use standard uint8_t type instead of u_int8_t
russ [Mon, 20 Jan 2020 22:37:41 +0000 (17:37 -0500)]
content: delete flawed hyper search test
Russ Combs (rucombs) [Mon, 20 Jan 2020 14:01:54 +0000 (14:01 +0000)]
Merge pull request #1943 in SNORT/snort3 from ~RUCOMBS/snort3:dinty_moore to master
Squashed commit of the following:
commit
505d59a649bcef812ceaa2c5656fa5d90c98775f
Author: russ <rucombs@cisco.com>
Date: Wed Jan 1 21:00:42 2020 -0500
detection: add pcre_override to enable/disable pcre/O
commit
264b6283af3f57198ced03b3db995dbd25edf12b
Author: russ <rucombs@cisco.com>
Date: Wed Jan 1 20:15:54 2020 -0500
detection: add hyperscan_literals option
commit
b7cfac2065b0332d70b767cba705e21a9e24dc92
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:41:41 2019 -0500
search_engine: trivial reformatting
commit
00ad9c9f9c0b5db81cfc28697a6f27a24e022278
Author: russ <rucombs@cisco.com>
Date: Sat Dec 14 08:40:52 2019 -0500
detection: signature evaluation looping based on literal contents only (exclude regex)
commit
3fc421f1739a45bfc37bde0732c442b78386a7cc
Author: russ <rucombs@cisco.com>
Date: Thu Jan 2 08:10:00 2020 -0500
content: use hs_compile if hs_compile_lit is not available
commit
d5c5c32b613011286d0dca879ce1b92b4853d590
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:44:15 2019 -0500
content: add hyperscan content literal matching alternative to boyer-moore
commit
00feeb9b5e7dadac2ccfc9c4332bf9a7606ae075
Author: russ <rucombs@cisco.com>
Date: Tue Dec 10 09:32:57 2019 -0500
framework: introduce ScratchAllocator class to help with scratch memory management
commit
b91dfca84c0b4bc8e8b3d686ae83f9eff1bc06d8
Author: russ <rucombs@cisco.com>
Date: Sun Dec 29 08:59:21 2019 -0500
pcre: ensure use of maximal ovector size and simplify logic
commit
6cd139d98726d5c058bb5733a74f9eb48879a2e7
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:40:37 2019 -0500
hyperscan: convert thread locals to scan context
commit
1a059cea1ba0c9f101039c36f1703308b946686b
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:39:48 2019 -0500
regex: convert thread locals to scan context
Shravan Rangarajuvenkata (shrarang) [Sat, 18 Jan 2020 02:37:43 +0000 (02:37 +0000)]
Merge pull request #1948 in SNORT/snort3 from ~SHRARANG/snort3:appid_delete_odp_ctxt to master
Squashed commit of the following:
commit
551921d010187340395bc3a45e053755cfa43b6e
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 17 12:15:15 2020 -0500
appid: delete odp context on exit
Mike Stepanek (mstepane) [Fri, 17 Jan 2020 21:08:04 +0000 (21:08 +0000)]
Merge pull request #1920 in SNORT/snort3 from ~SMINUT/snort3:host_cache_atomic_size to master
Squashed commit of the following:
commit
8e02a12362716ed4da4c267879e19eea5ebacfbb
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jan 7 15:27:55 2020 -0500
host_tracker: make current_size atomic to save some locks.
Mike Stepanek (mstepane) [Fri, 17 Jan 2020 14:48:09 +0000 (14:48 +0000)]
Merge pull request #1942 in SNORT/snort3 from ~DERAMADA/snort3:h2i_new_tests to master
Squashed commit of the following:
commit
4ff7df9bd99779dc9fb82e72eaaaf548624811ef
Author: deramada <deramada@cisco.com>
Date: Tue Jan 14 10:41:19 2020 -0500
http2_inspect: fix string decode error
Shravan Rangarajuvenkata (shrarang) [Thu, 16 Jan 2020 20:40:53 +0000 (20:40 +0000)]
Merge pull request #1944 in SNORT/snort3 from ~SHRARANG/snort3:appid_nuke_tp_compile_flag to master
Squashed commit of the following:
commit
a8822d9513a9a5783c4e9eed53bc4d0e1a4a670f
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 15 13:28:50 2020 -0500
appid: get rid of ENABLE_APPID_THIRD_PARTY flag
Mike Stepanek (mstepane) [Thu, 16 Jan 2020 16:11:34 +0000 (16:11 +0000)]
Merge pull request #1931 in SNORT/snort3 from ~KATHARVE/snort3:http_mime_file to master
Squashed commit of the following:
commit
159de978a1e07db74de106810e3f268690488567
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jan 8 15:50:36 2020 -0500
mime: support simultaneous file processing of MIME-encoded files over HTTP/1.1
Shravan Rangarajuvenkata (shrarang) [Thu, 16 Jan 2020 16:08:22 +0000 (16:08 +0000)]
Merge pull request #1941 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt to master
Squashed commit of the following:
commit
16d04f32ed78eb83eb52ca2c44b1104581814a06
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 10 10:29:27 2020 -0500
appid: move odp config, host-port cache and length cache to a separate class OdpContext; remove obsolete port detector code
Shravan Rangarajuvenkata (shrarang) [Wed, 15 Jan 2020 19:14:05 +0000 (19:14 +0000)]
Merge pull request #1932 in SNORT/snort3 from ~SHRARANG/snort3:appid_tp_reload_config to master
Squashed commit of the following:
commit
ce792e96a5d6abf2d1804c90e738487061616700
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 10 11:26:32 2020 -0500
appid: do not reload third party on reload_config
Shravan Rangarajuvenkata (shrarang) [Tue, 14 Jan 2020 19:45:33 +0000 (19:45 +0000)]
Merge pull request #1938 in SNORT/snort3 from ~KAMURTHI/snort3:TOR-Proxy to master
Squashed commit of the following:
commit
7885b4c4de8c5a6396aa29c839818e0732e718c0
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun Jan 12 17:24:24 2020 -0500
appid: detect payload for http tunnel traffic
Mike Stepanek (mstepane) [Tue, 14 Jan 2020 14:28:36 +0000 (14:28 +0000)]
Merge pull request #1884 in SNORT/snort3 from ~MASHASAN/snort3:verbose_logs to master
Squashed commit of the following:
commit
57cb51f8838f06da64b8891bca9a08321f05c60e
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Dec 6 14:19:18 2019 -0500
snort: Adding some verbose logs for appid, file_id, and reputation inspectors
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 21:30:04 +0000 (21:30 +0000)]
Merge pull request #1915 in SNORT/snort3 from ~NIHDESAI/snort3:hblock_adjustments to master
Squashed commit of the following:
commit
9a77a8807f272283149ca15da0f1c48f7407c150
Author: Nihal Desai <nihdesai@cisco.com>
Date: Thu Jan 2 13:06:53 2020 -0500
http2_inspect: add transfer encoding chunked at end of decoded http1 header block
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 21:22:26 +0000 (21:22 +0000)]
Merge pull request #1930 in SNORT/snort3 from ~THOPETER/snort3:nhttp130 to master
Squashed commit of the following:
commit
2bb46538d39eb8ffdb2e1a2a0b1e2370972b5ff8
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jan 9 13:12:08 2020 -0500
http_inspect: no duplicate built-in events for a flow
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 14:27:15 +0000 (14:27 +0000)]
Merge pull request #1919 in SNORT/snort3 from ~MDAGON/snort3:integration to master
Squashed commit of the following:
commit
5135fa3bf40d3e6ae2e8e12ff92f4ed79d264fb6
Author: Mike Stepanek (mstepane) <mstepane@cisco.com>
Date: Mon Dec 9 17:08:40 2019 +0000
http2_inspect: integration with NHI
Shravan Rangarajuvenkata (shrarang) [Fri, 10 Jan 2020 15:43:06 +0000 (15:43 +0000)]
Merge pull request #1923 in SNORT/snort3 from ~SATHIRKA/snort3:static_host_cache_wildcard to master
Squashed commit of the following:
commit
be3ab6abccce12eb3bf39f71929778ed596527d1
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jan 7 11:21:36 2020 -0500
appid: Adding support for wildcard ports in static host port cache
Shravan Rangarajuvenkata (shrarang) [Thu, 9 Jan 2020 20:06:08 +0000 (20:06 +0000)]
Merge pull request #1924 in SNORT/snort3 from ~SHRARANG/snort3:appid_terminology to master
Squashed commit of the following:
commit
d6d663b8816f18fa38d8adc0ad753fe548b51079
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 8 05:47:53 2020 -0500
appid: cleanup terminology
Mike Stepanek (mstepane) [Thu, 9 Jan 2020 16:41:20 +0000 (16:41 +0000)]
Merge pull request #1905 in SNORT/snort3 from ~KATHARVE/snort3:http_file to master
Squashed commit of the following:
commit
fb5585357bd605ecaf77b59b6afa1b7dbf1237e9
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Dec 4 10:36:52 2019 -0500
http_inspect: process multiple files simultaneously over HTTP/1.1
George Koikara (gkoikara) [Thu, 9 Jan 2020 14:24:03 +0000 (14:24 +0000)]
Merge pull request #1893 in SNORT/snort3 from ~SUNIMUKH/snort3:sgt to master
Squashed commit of the following:
commit
a6367694b7def585aa6471749d916301b6f24ee3
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Dec 3 03:53:33 2019 -0500
sgt-detection: API support to accessing SGT from CiscoMetaData
Michael Altizer (mialtize) [Wed, 8 Jan 2020 23:55:09 +0000 (23:55 +0000)]
Merge pull request #1925 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master
Squashed commit of the following:
commit
f267210213b61f6beaf8c11ee14975da410db3bc
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 8 16:29:57 2020 -0500
catch: Update to Catch v2.11.1
commit
12eb31c6584eb73e3b473ae65034f40d04367166
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 8 14:40:16 2020 -0500
build: Fix more Clang 9 compiler warnings
Mike Stepanek (mstepane) [Tue, 7 Jan 2020 15:18:41 +0000 (15:18 +0000)]
Merge pull request #1917 in SNORT/snort3 from ~MASHASAN/snort3:port_scan_rrt to master
Squashed commit of the following:
commit
3c72a2cc66a715b931ad2a07dea63d50503acd70
Author: Masud Hasan <mashasan@cisco.com>
Date: Sat Jan 4 18:40:53 2020 -0500
port_scan: Supporting reload config when memcap changes
Shravan Rangarajuvenkata (shrarang) [Fri, 3 Jan 2020 14:46:22 +0000 (14:46 +0000)]
Merge pull request #1901 in SNORT/snort3 from ~SHRARANG/snort3:appid_tp_reload_1_thread to master
Squashed commit of the following:
commit
cf334063cb9963471a4d3b87267f0e3e72966613
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Dec 17 06:27:06 2019 -0500
appid: support third party reload when snort is running with single packet thread
Michael Altizer (mialtize) [Wed, 25 Dec 2019 14:35:11 +0000 (14:35 +0000)]
Merge pull request #1906 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master
Squashed commit of the following:
commit
a5cd61e97b73d70e9f38b136405c1a55238b0b87
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 20 13:36:37 2019 -0500
codecs: Use unions for checksum pseudoheaders
This helps clear up static analysis confusion.
commit
ddcefc137ecd5229e1eca815a245346c8b539879
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 16:01:52 2019 -0500
build: Clean up accumulated tabs and trailing whitespace in the code
commit
0c3a7f4f53af3bcee1b56962d06c61a039f69990
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 15:28:51 2019 -0500
build: Rename parameters that shadow class members (compiler warnings)
commit
9f8664ec859c10ee2668a5cdb4a289b0c58ca1ed
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 14:17:10 2019 -0500
build: Remove some extraneous semicolons (compiler warnings)
Mike Stepanek (mstepane) [Mon, 23 Dec 2019 13:24:22 +0000 (13:24 +0000)]
Merge pull request #1900 in SNORT/snort3 from ~THOPETER/snort3:h2i_remove_file_data to master
Squashed commit of the following:
commit
784c640f93cfb669d2f06112aece95a5d26fe044
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Dec 19 18:10:58 2019 -0500
http2_inspect: frame data no longer in file_data
Michael Altizer (mialtize) [Fri, 20 Dec 2019 19:39:41 +0000 (19:39 +0000)]
Merge pull request #1902 in SNORT/snort3 from ~MIALTIZE/snort3:build_267 to master
Squashed commit of the following:
commit
7e4b25ffb40817f3efb272ea62c94f2db92f905b
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 20 13:09:16 2019 -0500
build: generate and tag build 267
Russ Combs (rucombs) [Thu, 19 Dec 2019 21:43:48 +0000 (21:43 +0000)]
Merge pull request #1879 in SNORT/snort3 from ~RUCOMBS/snort3:offload_count to master
Squashed commit of the following:
commit
1212fbdff4d8b7afb71ec9b8ce26256806b4ae29
Author: russ <rucombs@cisco.com>
Date: Thu Dec 5 07:58:10 2019 -0500
search_engine: fix expected count of MPSEs when offloading
George Koikara (gkoikara) [Thu, 19 Dec 2019 12:24:01 +0000 (12:24 +0000)]
Merge pull request #1896 in SNORT/snort3 from ~RJAVALI/snort3:GRE_issu to master
Squashed commit of the following:
commit
a50900239a95fe36fb81a608a4e13068a42a0be5
Author: Raghavendra Javali <rjavali@cisco.com>
Date: Thu Dec 12 05:23:19 2019 -0500
codec: Header files alphabetically re-ordered and addition of unit test case for code coverage.
Mike Stepanek (mstepane) [Wed, 18 Dec 2019 16:39:00 +0000 (16:39 +0000)]
Merge pull request #1881 in SNORT/snort3 from ~MDAGON/snort3:assitant_gadget to master
Squashed commit of the following:
commit
f7fbbb6f69f2b80e8be8bb0bbdab36d72cca33ac
Author: mdagon <mdagon@cisco.com>
Date: Wed Dec 4 13:59:02 2019 -0500
binder: assitant gadget support.
Currently used by Http2 to setup Http as assistant gadget.
Flow was updated as well to support assistant gadget.
Mike Stepanek (mstepane) [Tue, 17 Dec 2019 13:48:33 +0000 (13:48 +0000)]
Merge pull request #1891 in SNORT/snort3 from ~KATHARVE/snort3:multiple_file_contexts_fix to master
Squashed commit of the following:
commit
7c77f290e40591555e152bb286838efc08054758
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Dec 6 14:00:17 2019 -0500
file_api: When multiple files are processed simultaneously per flow, store the files on the flow, not in the cache. Don't cache files until the signature has been computed
Michael Altizer (mialtize) [Tue, 17 Dec 2019 05:22:56 +0000 (05:22 +0000)]
Merge pull request #1826 in SNORT/snort3 from ~SHASLAD/snort3:dont_capture_rebuilt to master
Squashed commit of the following:
commit
05efc9aebf8450c5b946142ec832c272c2f46366
Author: Shashi Lad <shaslad@cisco.com>
Date: Wed Oct 30 00:44:41 2019 -0400
packet_capture: ignore PDUs and defragged packets, include non-IP packets
Mike Stepanek (mstepane) [Mon, 16 Dec 2019 20:39:58 +0000 (20:39 +0000)]
Merge pull request #1873 in SNORT/snort3 from ~MMATIRKO/snort3:perfmon_reload_tune to master
Squashed commit of the following:
commit
1330041efbc4410e003415c46d96dfff98929d60
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Nov 25 15:01:39 2019 -0500
perf_monitor: tuning for flow_ip_memcap on reload
Shravan Rangarajuvenkata (shrarang) [Mon, 16 Dec 2019 16:09:58 +0000 (16:09 +0000)]
Merge pull request #1898 in SNORT/snort3 from ~SHRARANG/snort3:appid_cleanup to master
Squashed commit of the following:
commit
868f316b3e1642a3cc1045b1bd4351d298f195ed
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Dec 11 15:52:40 2019 -0500
appid: cleanup unused code
Mike Stepanek (mstepane) [Mon, 16 Dec 2019 13:09:10 +0000 (13:09 +0000)]
Merge pull request #1880 in SNORT/snort3 from ~NIHDESAI/snort3:limit_detained_ins to master
Squashed commit of the following:
commit
de16cdefb4d6587f116b42a8b992154e059f387b
Author: Nihal Desai <nihdesai@cisco.com>
Date: Thu Dec 5 03:51:54 2019 -0500
http_inspect: support limited response depth
Shravan Rangarajuvenkata (shrarang) [Mon, 16 Dec 2019 11:37:54 +0000 (11:37 +0000)]
Merge pull request #1894 in SNORT/snort3 from ~SATHIRKA/snort3:navl_reload_command to master
Squashed commit of the following:
commit
a968abdae0d74e6b983a707fd9895b6f3909b96d
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Dec 12 12:11:46 2019 -0500
appid: Adding command for third-party reload
Michael Altizer [Fri, 13 Dec 2019 16:56:16 +0000 (11:56 -0500)]
sfip: Use REG_TEST-style IP stringification for standalone Catch tests
Shravan Rangarajuvenkata (shrarang) [Thu, 12 Dec 2019 18:39:07 +0000 (18:39 +0000)]
Merge pull request #1889 in SNORT/snort3 from ~SHRARANG/snort3:file_magic to master
Squashed commit of the following:
commit
0deef444b0544a25550c7e7191ff51df06876d38
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Dec 10 12:41:18 2019 -0500
file_magic: add file magic for .jar, .rar, .alz, .egg, .hwp and .swf files
George Koikara (gkoikara) [Wed, 11 Dec 2019 08:45:08 +0000 (08:45 +0000)]
Merge pull request #1878 in SNORT/snort3 from ~APOORAJ/snort3:gtp_teid to master
Squashed commit of the following:
commit
65363ab96ffd788f42836c407e6143952a69e825
Author: Apoorv Raj <apooraj@cisco.com>
Date: Tue Dec 3 23:42:37 2019 -0500
gtp:alerts should be raised for missing TEID in gtp msg
Michael Altizer [Wed, 11 Dec 2019 02:47:42 +0000 (21:47 -0500)]
lua: Link lua_stack_test against libdl to handle the static luajit case
Michael Altizer (mialtize) [Wed, 11 Dec 2019 01:52:42 +0000 (01:52 +0000)]
Merge pull request #1888 in SNORT/snort3 from ~MIALTIZE/snort3:catch_update to master
Squashed commit of the following:
commit
50bce7dcee80462f07283c4c7738728e8ff60841
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Dec 10 12:14:34 2019 -0500
build: Const-ify reference arguments as suggested by cppcheck
commit
4c90072dc0ab9f5ebae7cf4c1a4395d69794fe0a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 18:08:25 2019 -0500
lua: Convert LuaStack unit tests to standalone Catch
commit
b33f7cc6db6fe2c5aa4077101efb5555bd6a201a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 18:02:15 2019 -0500
stream/tcp: Remove some unused Catch includes
commit
641d95ae9d46ffff6e3c91e39c2a278028ebdc07
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 17:56:47 2019 -0500
sfip: Convert SfIp unit tests to standalone Catch
commit
85bd00016ecaa8146ffec9a809fa3851586116d3
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 17:45:31 2019 -0500
profiler: Convert MemoryContext and ProfilerStatsTable unit tests to standalone Catch
commit
693ace7a10e04611b8f91ee3d28bb43ea5664199
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 17:37:40 2019 -0500
helpers: Convert Base64Encoder unit tests to standalone Catch
commit
d7a7fd2beffa6fd3f7d46e9466c8f36a012e0f12
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 17:16:20 2019 -0500
time: Convert periodic and stopwatch unit tests to standalone Catch
commit
4248db7448a208b73fb8a815f0a6998b4e5fee06
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 16:54:43 2019 -0500
utils: Convert bitop unit tests to standalone Catch
commit
ef66e67db068785a60c260cb6463b15ca641d47b
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 9 16:51:03 2019 -0500
control: Convert IdleProcessing unit tests to standalone Catch
commit
b134ee2b0a6a8d388c2141458fb95128d31140d3
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 27 17:14:05 2019 -0500
framework: Convert parameter and range unit tests to standalone Catch
commit
ebe3148b938ae8dcf422a89af5d6e959490a8174
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 27 17:04:12 2019 -0500
perf_monitor: Convert CSV, FBS, and JSON formatter unit tests to standalone Catch
commit
d064b5cbe59a7f372718794a3a307e40948d3af6
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 27 14:49:36 2019 -0500
dce_rpc: Convert HTTP proxy and server splitter unit tests to standalone Catch
commit
d78b0707d9cd70ae3f487ce848a598889189127f
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Oct 29 10:11:10 2019 -0400
catch: Add infrastructure for standalone Catch unit tests
commit
890eb47d153baf0fc89ef75eab7a2a9fde47c836
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Nov 27 12:20:24 2019 -0500
catch: Update to Catch v2.11.0
Steve Chew (stechew) [Tue, 10 Dec 2019 22:11:14 +0000 (22:11 +0000)]
Merge pull request #1887 in SNORT/snort3 from ~ANTOROZC/snort3:duapalme_lru_cache to master
Squashed commit of the following:
commit
34fe7d4675a47b58c4fc6f9c5d3305f59d7ef999
Author: Duane Palmer <duapalme@cisco.com>
Date: Thu Nov 14 15:04:28 2019 -0600
lru_cache_shared: added find_else_insert to add user managed objects to the cache
Russ Combs (rucombs) [Tue, 10 Dec 2019 13:42:11 +0000 (13:42 +0000)]
Merge pull request #1877 in SNORT/snort3 from ~RUCOMBS/snort3:reincluder to master
Squashed commit of the following:
commit
7499236c7f9a0d79228c56d96099acf939626daf
Author: russ <rucombs@cisco.com>
Date: Wed Dec 4 17:43:52 2019 -0500
ips: do not use includer for any rules file includes
commit
2ce77f3186a19a723f97d9fbc34bc28bc3cd8053
Author: russ <rucombs@cisco.com>
Date: Wed Dec 4 13:40:56 2019 -0500
ips: fix --show-file-codes for inclusion from -c file
Mike Stepanek (mstepane) [Mon, 9 Dec 2019 17:08:40 +0000 (17:08 +0000)]
Merge pull request #1882 in SNORT/snort3 from ~THOPETER/snort3:h2i_streams to master
Squashed commit of the following:
commit
3b164411655f7ec11e66c424a3783f74c11cf11e
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Dec 2 14:59:20 2019 -0500
http2_inspect: add Stream class
Mike Stepanek (mstepane) [Mon, 9 Dec 2019 13:22:29 +0000 (13:22 +0000)]
Merge pull request #1858 in SNORT/snort3 from ~DAVMCPHE/snort3:reload_idle_tuning to master
Squashed commit of the following:
commit
bac1de7f1bdc9aa14db71457e39932c27768c43e
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Nov 22 09:07:13 2019 -0500
reload: fix issue where resource tuning was not being called when in idle context
Michael Altizer (mialtize) [Fri, 6 Dec 2019 16:56:37 +0000 (16:56 +0000)]
Merge pull request #1875 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_tcp_init_race_condition to master
Squashed commit of the following:
commit
fd95dddf1c1087d8834f3ee04e3a6fb559798f61
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Dec 2 16:40:35 2019 -0500
stream_tcp: refactor stream_tcp initialization to create reassemblers during plugin init
stream_tcp: refactor to initialize tcp normalizers during plugin init
stream_tcp:: fix TcpState post increment operator to stop increment at max value (and use correct max value)
George Koikara (gkoikara) [Fri, 6 Dec 2019 09:59:33 +0000 (09:59 +0000)]
Merge pull request #1870 in SNORT/snort3 from ~RJAVALI/snort3:GRE_issu to master
Squashed commit of the following:
commit
c7d297104eceef9da751684b7102899c57fb48ba
Author: Raghavendra Javali <rjavali@cisco.com>
Date: Mon Nov 18 01:46:47 2019 -0500
codec: Added GRE::encode method
Mike Stepanek (mstepane) [Thu, 5 Dec 2019 21:16:40 +0000 (21:16 +0000)]
Merge pull request #1856 in SNORT/snort3 from ~DERAMADA/snort3:h2i_settings_frame to master
Squashed commit of the following:
commit
eb9c908e03f795681f2d82e92eaee6d8d17d5759
Author: deramada <deramada@cisco.com>
Date: Thu Nov 21 14:50:57 2019 -0500
http2: parse settings frames
Russ Combs (rucombs) [Thu, 5 Dec 2019 05:45:05 +0000 (05:45 +0000)]
Merge pull request #1853 in SNORT/snort3 from ~RUCOMBS/snort3:empty_rule_state_table to master
Squashed commit of the following:
commit
6bfb8eddcf1ba0cc23fbf4b42b3d9229bc506748
Author: russ <rucombs@cisco.com>
Date: Wed Nov 20 15:43:23 2019 -0500
rule_state: allow empty tables
Michael Altizer (mialtize) [Wed, 4 Dec 2019 17:14:29 +0000 (17:14 +0000)]
Merge pull request #1876 in SNORT/snort3 from ~MSTEPANE/snort3:build_266 to master
Squashed commit of the following:
commit
aec79dac54f6b8ad5fa28d8c0343de252858564e
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Dec 4 08:34:24 2019 -0500
build: generate and tag build 266
Shravan Rangarajuvenkata (shrarang) [Tue, 3 Dec 2019 22:08:14 +0000 (22:08 +0000)]
Merge pull request #1871 in SNORT/snort3 from ~SATHIRKA/snort3:host_cache_ssl to master
Squashed commit of the following:
commit
54ad92428c38323655e2b816d7eae3e7901a2b67
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Nov 27 14:34:18 2019 -0500
appid: Enabling host cache for unknown SSL flows
Mike Stepanek (mstepane) [Tue, 3 Dec 2019 20:28:43 +0000 (20:28 +0000)]
Merge pull request #1840 in SNORT/snort3 from ~SMINUT/snort3:appid_memcap_rrt to master
Squashed commit of the following:
commit
a9c44d768cf79685c6d547ac5a18da01dd7851ca
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Nov 8 18:27:01 2019 -0500
appid: handle memcap during reload_config using RRT.
Shravan Rangarajuvenkata (shrarang) [Tue, 3 Dec 2019 20:10:34 +0000 (20:10 +0000)]
Merge pull request #1855 in SNORT/snort3 from ~CLJUDGE/snort3:snort3-parity-ssl-pop3s to master
Squashed commit of the following:
commit
f21d9f8383c11ae5fdca7168b23a498cb44af89b
Author: cljudge <cljudge@cisco.com>
Date: Thu Nov 21 14:48:36 2019 -0500
appid: add new pattern to pop3, don't concatenate ssl certs, use openssl-1.1 compliant APIs
Steve Chew (stechew) [Tue, 3 Dec 2019 20:08:48 +0000 (20:08 +0000)]
Merge pull request #1863 in SNORT/snort3 from ~STECHEW/snort3:deferred_whitelist to master
Squashed commit of the following:
commit
5a3d0a1cd928695d52cf798cb92fb55186fe1593
Author: Steve Chew <stechew@cisco.com>
Date: Fri Nov 22 12:18:20 2019 -0500
flow: Add ability to defer whitelist verdict.
Mike Stepanek (mstepane) [Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)]
Merge pull request #1872 in SNORT/snort3 from ~THOPETER/snort3:doc_detained_inspection to master
Squashed commit of the following:
commit
d8229b442b674dd56ad47a1f9d7135ea08a70786
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Dec 3 11:34:16 2019 -0500
http_inspect: update user manual for detained inspection
George Koikara (gkoikara) [Tue, 3 Dec 2019 10:01:18 +0000 (10:01 +0000)]
Merge pull request #1868 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala_test to master
Squashed commit of the following:
commit
adce4923e61c0258762b54d8cd716f7cebdd27c4
Author: krishnakanth <vkambala@cisco.com>
Date: Mon Nov 18 00:12:32 2019 -0500
file_api: Fixed eventing when FILE_SIG_DEPTH failed when store files enabled
Russ Combs (rucombs) [Tue, 3 Dec 2019 03:11:27 +0000 (03:11 +0000)]
Merge pull request #1867 in SNORT/snort3 from ~SHASLAD/snort3:bye_mallinfo to master
Squashed commit of the following:
commit
f9c843c9d43a77883ed7fd8d7095f72c17ca31ca
Author: Shashi Lad <shaslad@cisco.com>
Date: Tue Nov 26 13:23:05 2019 -0500
stats: removal of mallinfo as it only support 32bit
Russ Combs (rucombs) [Tue, 3 Dec 2019 02:57:37 +0000 (02:57 +0000)]
Merge pull request #1841 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_consolidate_source_files to master
Squashed commit of the following:
commit
e50ee5a0450248a37a310b42f9be1e8868cacaa9
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Nov 25 10:46:55 2019 -0500
stream_tcp: updates from PR review comments
commit
88137cf6242a9378cf6351882f7631947bff9d84
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Nov 11 08:58:57 2019 -0500
stream_tcp: move and update the libtcp source files to the tcp source directory to consolidate the stream tcp code into one component (libtcp goes away)
Russ Combs (rucombs) [Mon, 2 Dec 2019 22:28:25 +0000 (22:28 +0000)]
Merge pull request #1847 in SNORT/snort3 from ~RUCOMBS/snort3:rule_hacks to master
Squashed commit of the following:
commit
a273b19fd7256ab43c4639b064695a1d11f8030f
Author: russ <rucombs@cisco.com>
Date: Fri Nov 29 08:28:33 2019 -0500
http_inspect: implement show method for verbose config output
commit
6e1f40e01c95f0afd8ef4d0b609df25db9b757c6
Author: russ <rucombs@cisco.com>
Date: Thu Nov 28 18:44:33 2019 -0500
appid: format detected apps stats in columns akin to file stats
commit
4eb7cbdbfa223d6e6c998822c4db06d8c6f6a681
Author: russ <rucombs@cisco.com>
Date: Sun Nov 24 17:58:51 2019 -0500
profiler: fix module profile for multithreaded runs
The checks and time(us) are aggregated from all packet threads so the total time
can be N times greater than elapsed real time for N packet threads. The "other"
bucket has checks equal to the total number of packets and time equal to the sum
of all packet thread run times less the sum of all other times accounted for.
commit
9f7e9ec1fec03fc8681438a89f680d7b248f2326
Author: russ <rucombs@cisco.com>
Date: Wed Nov 27 13:42:13 2019 -0500
search_engine: raise an error if any MPSE compilation fails
commit
75bd85542994fb88da80754668679b46cfb3caca
Author: russ <rucombs@cisco.com>
Date: Wed Nov 27 09:08:10 2019 -0500
search_engine: process intermediate fast-pattern matches in batches of 32 same as Snort 2
commit
b76f0fc78432d4056e9b940441fd8803d7a5035b
Author: russ <rucombs@cisco.com>
Date: Sun Nov 24 18:01:12 2019 -0500
ips: support 2 rule vars same as Snort 2
commit
67ee953c4c7c9d13e4f95a4e527d87cb8a365b44
Author: russ <rucombs@cisco.com>
Date: Fri Nov 22 16:30:41 2019 -0500
appid: minor cleanup
commit
6b66d0839ca6cb14e8dd37010d69a47f97c6c5b6
Author: russ <rucombs@cisco.com>
Date: Fri Nov 22 16:24:56 2019 -0500
search_engine: ensure configured search_method is applied to search tools
commit
039f452cea4f183a469aa555275c7f47d37cd14d
Author: russ <rucombs@cisco.com>
Date: Mon Nov 18 18:14:14 2019 -0500
ips: only use multiple threads for rule group compilation at startup
A typical deployment will have N packet threads, each pinned to a separate core.
N threads can be used to speed up startup but shouldn't be used during reload
since that could impact detection. Reload is also not as time critical as
startup.
commit
a23500a9baf5773592653648d1a2cf32cfb22487
Author: russ <rucombs@cisco.com>
Date: Fri Nov 15 13:59:18 2019 -0500
hyperscan: select max scratch from among all compiler threads
commit
5b918976e0fad0f706675635852c74870175b4ad
Author: russ <rucombs@cisco.com>
Date: Thu Nov 14 16:45:34 2019 -0500
mpse: only hyperscan currently supports parallel compilation
commit
5ceb74b43af4b3bd7fafe61da7c53f2900b6b3cd
Author: russ <rucombs@cisco.com>
Date: Thu Nov 14 15:52:41 2019 -0500
ips: add support for parallel fast-pattern MPSE FSM compilation
Mike Stepanek (mstepane) [Wed, 27 Nov 2019 18:16:22 +0000 (18:16 +0000)]
Merge pull request #1865 in SNORT/snort3 from ~KATHARVE/snort3:h2i_dynamic_2 to master
Squashed commit of the following:
commit
8f4efe3e017be5036c368e2bd4fbdd70b9c3a025
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Nov 25 14:56:43 2019 -0500
http2_inspect: implement hpack dynamic index lookups
Mike Stepanek (mstepane) [Wed, 27 Nov 2019 15:53:30 +0000 (15:53 +0000)]
Merge pull request #1866 in SNORT/snort3 from ~KAMURTHI/snort3:shell-application to master
Squashed commit of the following:
commit
28d4e06573721c4a1beb02dbb3e100d050d61e14
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Wed Nov 20 19:57:27 2019 -0500
appid: Fix for better classification on pinholed data session and control session for Rshell/rexec.
George Koikara (gkoikara) [Wed, 27 Nov 2019 05:42:32 +0000 (05:42 +0000)]
Merge pull request #1797 in SNORT/snort3 from ~POAWASTH/snort3:CSCvr33175 to master
Squashed commit of the following:
commit
df59543a5e3e99bef9c809163c6030bdfb042796
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Fri Oct 11 06:07:32 2019 -0400
high_availability:Disabling the inspection if the Flow state is BLOCK
Michael Altizer [Wed, 30 Oct 2019 15:40:28 +0000 (11:40 -0400)]
cmake: Cache static DAQ module info in FindDAQ
Michael Altizer (mialtize) [Mon, 25 Nov 2019 23:47:26 +0000 (23:47 +0000)]
Merge pull request #1864 in SNORT/snort3 from ~MIALTIZE/snort3:sfip_copy to master
Squashed commit of the following:
commit
75e04dbd8822d123436d078ed6a8c9264e5fe780
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Nov 25 12:51:01 2019 -0500
port_scan: Only update scanner for ICMP if we have one
commit
79a2e35cf97761f748bd50070c82fb5cc40dd97a
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 5 17:52:27 2019 -0500
flow: Clean up unit test compiler warnings
commit
2c8c1f85b7c24d2c20edc803508018306362ca39
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 6 16:05:32 2019 -0400
sfip: Replace copy setter with implicit copy constructor
Also, add some more padding guards and give SfCidr a default
constructor.
Mike Stepanek (mstepane) [Mon, 25 Nov 2019 14:28:51 +0000 (14:28 +0000)]
Merge pull request #1830 in SNORT/snort3 from ~KATHARVE/snort3:h2i_response_start_line2 to master
Squashed commit of the following:
commit
0a5f41439490f3dad02b91ae6358c448af539553
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Oct 30 17:09:13 2019 -0400
http2_inspect: generate status lines for responses and be more lenient on RFC violations
Russ Combs [Sat, 23 Nov 2019 03:03:43 +0000 (22:03 -0500)]
Squashed commit of the following:
commit
0698be4596756d8c393c294bd39995ea3631a75a
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Nov 22 11:53:06 2019 -0500
build: generate and tag build 265
Russ Combs (rucombs) [Sat, 23 Nov 2019 02:17:48 +0000 (02:17 +0000)]
Merge pull request #1862 in SNORT/snort3 from ~JIAWU2/snort3:dynamic_fix to master
Squashed commit of the following:
commit
d4338ff7993f3d75898004cf6ac24104ee35b1e3
Author: Jian Wu <jiawu2@cisco.com>
Date: Fri Nov 22 16:22:53 2019 -0500
pub_sub: fix warning when loading cip as dynamic lib
Mike Stepanek (mstepane) [Fri, 22 Nov 2019 20:20:10 +0000 (20:20 +0000)]
Merge pull request #1852 in SNORT/snort3 from ~NIHDESAI/snort3:ftp_cmds to master
Squashed commit of the following:
commit
72471dda4db4c0467871065d166c187cdfefb720
Author: Nihal Desai <nihdesai@cisco.com>
Date: Mon Nov 18 16:15:52 2019 -0500
ftp: handling multiple ftp server config validation
Shravan Rangarajuvenkata (shrarang) [Fri, 22 Nov 2019 18:04:41 +0000 (18:04 +0000)]
Merge pull request #1857 in SNORT/snort3 from ~SATHIRKA/snort3:bt_midstream to master
Squashed commit of the following:
commit
df005fee8fdee9b15bb625cd5ef908bbc410a7e7
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Nov 21 14:21:12 2019 -0500
appid: Adding Lua-C API to handle midstream traffic
projects / thirdparty / snort3.git / log
