+2024-03-24: 3.1.83.0
+
+* detection: use correct packet in trace logs
+* doc: add libml to optional dependencies
+* flow: add filter to dump flows
+* flow: fix UT
+* hash: exception handling for random device
+* packet_capture: fixed wrong dlt in pcap header when nfq is used
+* stream: count retransmits when we disable content rules
+* trace: replace colon delimiter for tenant with whitespace in the trace_logger output
+
2024-03-12: 3.1.82.0
* appid: broadcast commands with ctrlcon
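Review bot: The entry "hash: exception handling for random device" does not say what the code does after the exception is handled, in particular what the hash is seeded from when the random device is unavailable. Anyone auditing hash-table behaviour needs that stated, so suggest naming the fallback in the entry. Two smaller points in the same list: "flow: fix UT" does not name the unit test or what was wrong with it, and "packet_capture: fixed wrong dlt in pcap header when nfq is used" is in the past tense where the other entries use the imperative.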
The Snort Team
Revision History
-Revision 3.1.82.0 2024-03-12 12:50:44 EDT TST
+Revision 3.1.83.0 2024-03-24 21:36:04 EDT TST
---------------------------------------------------------------------
* int stream.file_cache.idle_timeout = 180: maximum inactive time
before retiring session tracker { 1:max32 }
+Commands:
+
+ * stream.dump_flows(): dump the flow table
+
Rules:
* 135:1 (stream) TCP SYN received
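Review bot: The new help line "stream.dump_flows(): dump the flow table" documents no parameters, while the changelog entry for this release reads "flow: add filter to dump flows". If the command accepts filter arguments, list them in the signature the way "trace.set(modules, constraints, ntuple, timestamp)" does. The description should also say where the dump is written, so that operators know where flow data ends up when the command is issued from the control shell.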
(sum)
* stream_tcp.proxy_mode_flows: number of flows set to proxy
normalization policy (sum)
+ * stream_tcp.full_retransmits: number of fully retransmitted
+ segments (sum)
5.52. stream_udp
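Review bot: The description "number of fully retransmitted segments" for stream_tcp.full_retransmits does not define "fully". Suggest stating whether a segment is counted only when its entire sequence range repeats data already received, so the peg can be told apart from partial overlaps. The changelog links this count to the case where content rules are disabled ("stream: count retransmits when we disable content rules"); if the peg behaves differently with and without content rules, the description should say so.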
* stream_tcp.exceeded_max_segs: number of times the maximum queued
segment limit was reached (sum)
* stream_tcp.fins: number of fin packets (sum)
+ * stream_tcp.full_retransmits: number of fully retransmitted
+ segments (sum)
* stream_tcp.gaps: missing data between PDUs (sum)
* stream_tcp.held_packet_purges: number of held packets that were
purged without flushing (sum)
* snort.detach(): detach from control shell (without shutting down)
* snort.quit(): shutdown and dump-stats
* snort.help(): this output
+ * stream.dump_flows(): dump the flow table
* trace.set(modules, constraints, ntuple, timestamp): set modules
traces, constraints, ntuple and timestamp options
* trace.clear(): clear modules traces and constraints
The Snort Team
Revision History
-Revision 3.1.82.0 2024-03-12 12:51:07 EDT TST
+Revision 3.1.83.0 2024-03-24 21:36:21 EDT TST
---------------------------------------------------------------------
their instructions for building it as a shared library.
* iconv from https://ftp.gnu.org/pub/gnu/libiconv/ for converting
UTF16-LE filenames to UTF8 (usually included in glibc)
+ * libml from https://github.com/snort3/libml to enable Snort ML,
+ Neural Network-based Exploit Detector
* libunwind from https://www.nongnu.org/libunwind/ to attempt to
dump a somewhat readable backtrace when a fatal signal is
received
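Review bot: The added libml entry gives the repository URL but no minimum version or tag, and does not say how the build picks the library up. For an optional dependency fetched from a Git repository, suggest naming the supported release and the build option or detection mechanism, as the surrounding entries explain what each library is used for. The phrase "to enable Snort ML, Neural Network-based Exploit Detector" also reads as two unrelated items; "to enable Snort ML, the neural network-based exploit detector" would be clearer.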