Merge pull request #1929 in SNORT/snort3 from ~ALLEWI/snort3:disable_normalization_de...

Squashed commit of the following:

commit dcf81f202f0d8aa46297cb90cbf69c8eaf371f14
Author: allewi <allewi@cisco.com>
Date:   Thu Jan 9 16:55:53 2020 -0500

    normalizer: disable all normalizations by default except for tcp.ips

diff --git a/src/network_inspectors/normalize/norm_module.cc b/src/network_inspectors/normalize/norm_module.cc
index cb894040f9f4848289ce4d2c1ed8493825c0210d..73b057d639f255e3e3ea6e2bd7abac22629db8d0 100644 (file)
--- a/src/network_inspectors/normalize/norm_module.cc
+++ b/src/network_inspectors/normalize/norm_module.cc
@@ -87,7 +87,7 @@ static bool allow_codes(NormalizerConfig* config, const char* s)
 
 static const Parameter norm_ip4_params[] =
 {
-    { "base", Parameter::PT_BOOL, nullptr, "true",
+    { "base", Parameter::PT_BOOL, nullptr, "false",
       "clear options" },
 
     { "df", Parameter::PT_BOOL, nullptr, "false",
@@ -107,13 +107,13 @@ static const Parameter norm_ip4_params[] =
 
 static const Parameter norm_tcp_params[] =
 {
-    { "base", Parameter::PT_BOOL, nullptr, "true",
+    { "base", Parameter::PT_BOOL, nullptr, "false",
       "clear reserved bits and option padding and fix urgent pointer / flags issues" },
 
-    { "block", Parameter::PT_BOOL, nullptr, "true",
+    { "block", Parameter::PT_BOOL, nullptr, "false",
       "allow packet drops during TCP normalization" },
 
-    { "urp", Parameter::PT_BOOL, nullptr, "true",
+    { "urp", Parameter::PT_BOOL, nullptr, "false",
       "adjust urgent pointer if beyond segment length" },
 
     { "ips", Parameter::PT_BOOL, nullptr, "true",
@@ -122,7 +122,7 @@ static const Parameter norm_tcp_params[] =
     { "ecn", Parameter::PT_SELECT, "off | packet | stream", "off",
       "clear ecn for all packets | sessions w/o ecn setup" },
 
-    { "pad", Parameter::PT_BOOL, nullptr, "true",
+    { "pad", Parameter::PT_BOOL, nullptr, "false",
       "clear any option padding bytes" },
 
     { "trim_syn", Parameter::PT_BOOL, nullptr, "false",
@@ -140,19 +140,19 @@ static const Parameter norm_tcp_params[] =
     { "trim", Parameter::PT_BOOL, nullptr, "false",
       "enable all of the TCP trim options" },
 
-    { "opts", Parameter::PT_BOOL, nullptr, "true",
+    { "opts", Parameter::PT_BOOL, nullptr, "false",
       "clear all options except mss, wscale, timestamp, and any explicitly allowed" },
 
-    { "req_urg", Parameter::PT_BOOL, nullptr, "true",
+    { "req_urg", Parameter::PT_BOOL, nullptr, "false",
       "clear the urgent pointer if the urgent flag is not set" },
 
-    { "req_pay", Parameter::PT_BOOL, nullptr, "true",
+    { "req_pay", Parameter::PT_BOOL, nullptr, "false",
       "clear the urgent pointer and the urgent flag if there is no payload" },
 
-    { "rsv", Parameter::PT_BOOL, nullptr, "true",
+    { "rsv", Parameter::PT_BOOL, nullptr, "false",
       "clear the reserved bits in the TCP header" },
 
-    { "req_urp", Parameter::PT_BOOL, nullptr, "true",
+    { "req_urp", Parameter::PT_BOOL, nullptr, "false",
       "clear the urgent flag if the urgent pointer is not set" },
 
     { "allow_names", Parameter::PT_MULTI,