+2024-05-06: 3.1.85.0
+
+* anaylzer, framework: add a data bus method to publish to all network policies and use it for idle
+* appid: add http url regex patterns
+* appid: appid CPU Profiler Table and CLI
+* appid: disable appid cpu profiler
+* detection: clear inspector data before flow_data
+* detection: fix postponed rule evaluation with recall presence
+* file_api: fix incorrect data size being passed to IPS engine for file type detection
+* flow: connection profiling feature
+* flow: fix unit test for debian
+* main: update usage of a deprecated hwloc macro. Thanks to teicors for reporting the issue!
+* stream_tcp: add reassembler class for missed_3whs
+* stream_tcp: change drop reason issuer to stream
+* stream_tcp: drop packet with invalid sequence number if inspection policy is inline and fix sequence number comparisons
+* stream_tcp: implement an asymmetric flow (one-way traffic) mode for reassembly that purges flushed segments immediately (no waiting for ack that will never come)
+* stream_tcp: support for asymmetric normalization
+* stream_tcp: track offset into data buffer due to overlaps with state variable on the TCP segment node
+* utils: move file specific functions from perfmonitor to utils
+
2024-04-08: 3.1.84.0
* appid: enhanced appid config parsing
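Review bot: "anaylzer" in the first 3.1.85.0 entry is misspelled and should read "analyzer, framework: ...". In the same list, "appid: appid CPU Profiler Table and CLI" followed directly by "appid: disable appid cpu profiler" reads as contradictory; say whether the profiler ships disabled by default and how it is enabled, so the entry matches what the new show_cpu_profiler_* commands will report.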
The Snort Team
Revision History
-Revision 3.1.84.0 2024-04-08 22:48:07 EDT TST
+Revision 3.1.85.0 2024-05-06 22:48:20 EDT TST
---------------------------------------------------------------------
| bsd | bsd_right | last | windows | solaris }
* enum hosts[].tcp_policy: TCP reassembly policy { first | last |
linux | old_linux | bsd | macos | solaris | irix | hpux11 |
- hpux10 | windows | win_2003 | vista | proxy }
+ hpux10 | windows | win_2003 | vista | proxy | asymmetric }
* string hosts[].services[].name: service identifier
* enum hosts[].services[].proto = tcp: IP protocol { tcp | udp }
* port hosts[].services[].port: port number
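Review bot: the new `asymmetric` value at the end of the hosts[].tcp_policy enum is added to the value list with no explanation of what it selects. The changelog describes it as a one-way-traffic reassembly mode that purges flushed segments immediately instead of waiting for an ACK; carry that sentence into the option text, and state whether setting it per host is an intended use or whether it is only meaningful as the stream_tcp.policy default.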
* appid.reload_third_party(): reload appid third-party module
* appid.reload_detectors(): reload appid detectors
* appid.print_appid_config(): print appid configs
+ * appid.show_cpu_profiler_stats(appid): show appid cpu profiling
+ stats
+ * appid.show_cpu_profiler_status(): show appid cpu profiling status
Peg counts:
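Review bot: the `appid` argument in appid.show_cpu_profiler_stats(appid) is undocumented; the entry does not say whether it takes an application id number or a name, or what is shown when it is omitted. Add the parameter type and meaning to the command description, as the host_cache commands do with file_name and host_ip.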
* enum stream_tcp.policy = bsd: determines operating system
characteristics like reassembly { first | last | linux |
old_linux | bsd | macos | solaris | irix | hpux11 | hpux10 |
- windows | win_2003 | vista | proxy }
+ windows | win_2003 | vista | proxy | asymmetric }
* bool stream_tcp.reassemble_async = true: queue data for
reassembly before traffic is seen in both directions
* int stream_tcp.require_3whs = -1: don’t track midstream sessions
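Review bot: the stream_tcp.policy description still reads "determines operating system characteristics like reassembly", which no longer covers the value list once `asymmetric` is appended; update the description text along with the enum. The hunk also leaves the relationship to stream_tcp.reassemble_async (the next context line, default true) unstated: document whether `asymmetric` depends on that option or replaces it for one-way flows.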
normalization policy (sum)
* stream_tcp.full_retransmits: number of fully retransmitted
segments (sum)
+ * stream_tcp.flush_on_asymmetric_flow: number of flushes on
+ asymmetric flows (sum)
+ * stream_tcp.asymmetric_flows: number of completed flows having
+ one-way traffic only (sum)
5.52. stream_udp
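Review bot: the text for stream_tcp.asymmetric_flows, "number of completed flows having one-way traffic only", does not say whether the peg counts only flows handled under the `asymmetric` policy or any flow that turned out to be one-way under any policy. Spell that out, and note that the count moves only when a flow completes, so an operator watching for a sensor that sees one direction of traffic knows the counter lags behind live sessions.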
* enum hosts[].services[].proto = tcp: IP protocol { tcp | udp }
* enum hosts[].tcp_policy: TCP reassembly policy { first | last |
linux | old_linux | bsd | macos | solaris | irix | hpux11 |
- hpux10 | windows | win_2003 | vista | proxy }
+ hpux10 | windows | win_2003 | vista | proxy | asymmetric }
* addr host_tracker[].ip: hosts address / cidr
* port host_tracker[].services[].port: port number
* enum host_tracker[].services[].proto: IP protocol { ip | tcp |
* enum stream_tcp.policy = bsd: determines operating system
characteristics like reassembly { first | last | linux |
old_linux | bsd | macos | solaris | irix | hpux11 | hpux10 |
- windows | win_2003 | vista | proxy }
+ windows | win_2003 | vista | proxy | asymmetric }
* int stream_tcp.queue_limit.max_bytes = 4194304: don’t queue more
than given bytes per session and direction, 0 = unlimited {
0:max32 }
tuner called while processing packets (sum)
* stream.stale_prunes: sessions pruned due to stale connection
(sum)
+ * stream_tcp.asymmetric_flows: number of completed flows having
+ one-way traffic only (sum)
* stream_tcp.client_cleanups: number of times data from server was
flushed when session released (sum)
* stream_tcp.closing: number of sessions currently closing (now)
* stream_tcp.exceeded_max_segs: number of times the maximum queued
segment limit was reached (sum)
* stream_tcp.fins: number of fin packets (sum)
+ * stream_tcp.flush_on_asymmetric_flow: number of flushes on
+ asymmetric flows (sum)
* stream_tcp.full_retransmits: number of fully retransmitted
segments (sum)
* stream_tcp.gaps: missing data between PDUs (sum)
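Review bot: the two added peg names are inconsistent with each other, `asymmetric_flows` (plural) versus `flush_on_asymmetric_flow` (singular), while most neighbouring counters in this list use plural nouns (client_cleanups, fins, full_retransmits, gaps). Consider aligning the name, for example a plural form for the flush counter, before it is released, since peg names end up in monitoring queries that are costly to rename later.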
* appid.reload_third_party(): reload appid third-party module
* appid.reload_detectors(): reload appid detectors
* appid.print_appid_config(): print appid configs
+ * appid.show_cpu_profiler_stats(appid): show appid cpu profiling
+ stats
+ * appid.show_cpu_profiler_status(): show appid cpu profiling status
* host_cache.dump(file_name): dump host cache
* host_cache.delete_host(host_ip): delete host from host cache
* host_cache.delete_network_proto(host_ip, proto): delete network