+2020/11/16 - 3.0.3 build 5
+
+-- appid: Add unit test to verify HA data for flow unmonitored by appid
+-- appid: Handle cppcheck warnings
+-- appid: Prefix http/2 decrypted urls with https://
+-- appid: Support client login failure event
+-- flow: Do not remove the flow during pruning/reload during IPS event with block action
+-- flow: Flesh out swap_roles() to swap more client/server fields
+-- flow: Set client initiated flag based on DAQ reverse flow flag, track on syn config, and syn-ack
+ packet
+-- ftp: Handle FTP detection when ftp data segment size changes
+-- host_tracker: Ignore IP family when comparing SfIp keys in the host cache
+-- http2_inspect: Data frame redesign
+-- http2_inspect: Multi-segment reassemble discard bug fix
+-- http2_inspect: Perform hpack decoding on push_promise frames
+-- http2_inspect: Refactor data cutter
+-- http2_inspect: Refactor scan()
+-- http2_inspect: Remove const cast
+-- http2_inspect: Send push_promise frames through http_inspect
+-- ips_options: Don't move cursor in byte_math
+-- main: Set up logging flags globally to avoid dependencies on a particular SnortConfig object
+-- payload_injector: Refactoring
+-- payload_injector: Remove content length and connection for HTTP/2
+-- rna: Add command to delete MAC hosts and protos
+-- rna: Delete payloads when clients, services are deleted; add unit tests
+-- rna: Discover banner on service version or response events
+-- rna: Don't process packet in eval if eth bit not set
+-- rna: Log src mac from packet containing CDP message when host type change event is generated
+-- rna: Support banner discovery
+-- rna: Support change service event with null version and vendor
+-- rna: Support user login failure discovery
+-- smtp: Make sure the ssl search abandoned flag is preserved for reset
+-- stream_tcp: Remove redundant/unneeded asserts that check if tcp event is for a meta-ack
+ psuedo-packet
+-- thread_config: Show thread ID when logging binding information
+-- trace: Add missing packet information to some of the messages
+
2020/10/27 - 3.0.3 build 4
-- actions: Add support to react for HTTP/2
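Review bot: The stream_tcp entry misspells "pseudo-packet" as "psuedo-packet" on its wrapped second line, and the flow entry "Set client initiated flag based on DAQ reverse flow flag, track on syn config, and syn-ack packet" is hard to parse as a single item. Suggest fixing the spelling and rewording the flow entry so the three inputs to the flag read as a list.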
The Snort Team
Revision History
-Revision 3.0.3 (Build 4) 2020-10-27 14:24:13 EDT TST
+Revision 3.0.3 (Build 5) 2020-11-16 12:11:59 EST TST
---------------------------------------------------------------------
* ftp_server.ssl_search_abandoned: total SSL search abandoned (sum)
* ftp_server.ssl_srch_abandoned_early: total SSL search abandoned
too soon (sum)
+ * ftp_server.pkt_segment_size_changed: total number of FTP data
+ packets with segment size change (sum)
+ * ftp_server.flow_segment_size_changed: total number of FTP
+ sessions with segment size change (sum)
5.22. gtp_inspect
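Review bot: The two new ftp_server peg descriptions, pkt_segment_size_changed and flow_segment_size_changed, say "with segment size change" without stating what the size is compared against or what a nonzero count means for an operator. Since the changelog ties this change to FTP detection handling, one more clause in each description saying what the baseline is would make the counters usable for tuning and triage.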
Commands:
* rna.dump_macs(): dump rna’s internal MAC trackers
+ * rna.delete_mac_host(mac): delete a MAC from rna’s MAC cache
+ * rna.delete_mac_host_proto(mac, proto): delete a protocol
+ associated with a MAC host
Peg counts:
* ftp_data.packets: total packets (sum)
* ftp_server.concurrent_sessions: total concurrent FTP sessions
(now)
+ * ftp_server.flow_segment_size_changed: total number of FTP
+ sessions with segment size change (sum)
* ftp_server.max_concurrent_sessions: maximum concurrent FTP
sessions (max)
+ * ftp_server.pkt_segment_size_changed: total number of FTP data
+ packets with segment size change (sum)
* ftp_server.ssl_search_abandoned: total SSL search abandoned (sum)
* ftp_server.ssl_srch_abandoned_early: total SSL search abandoned
too soon (sum)
* perf_monitor.show_flow_ip_profiling(): show status of statistics
on host pairs
* rna.dump_macs(): dump rna’s internal MAC trackers
+ * rna.delete_mac_host(mac): delete a MAC from rna’s MAC cache
+ * rna.delete_mac_host_proto(mac, proto): delete a protocol
+ associated with a MAC host
* snort.show_plugins(): show available plugins
* snort.delete_inspector(inspector): delete an inspector from the
default policy
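Review bot: The new entries for rna.delete_mac_host(mac) and rna.delete_mac_host_proto(mac, proto) do not document the argument formats: nothing says how mac is written or whether proto is a name or a number. Suggest adding that to the help text, along with what the command reports when the MAC or protocol is not in the cache, since these commands remove discovery state and an operator needs to know whether the delete took effect.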
The Snort Team
Revision History
-Revision 3.0.3 (Build 4) 2020-10-27 14:24:05 EDT TST
+Revision 3.0.3 (Build 5) 2020-11-16 12:11:50 EST TST
---------------------------------------------------------------------
The Snort Team
Revision History
-Revision 3.0.3 (Build 4) 2020-10-27 14:24:05 EDT TST
+Revision 3.0.3 (Build 5) 2020-11-16 12:11:50 EST TST
---------------------------------------------------------------------
void Flow::swap_roles()
{
- flags.client_initiated = !flags.client_initiated;
- std::swap(client_ip, server_ip);
- std::swap(client_port, server_port);
std::swap(flowstats.client_pkts, flowstats.server_pkts);
std::swap(flowstats.client_bytes, flowstats.server_bytes);
+ std::swap(mpls_client, mpls_server);
+ std::swap(client_ip, server_ip);
+ std::swap(client_intf, server_intf);
+ std::swap(client_group, server_group);
+ std::swap(client_port, server_port);
+ std::swap(inner_client_ttl, inner_server_ttl);
+ std::swap(outer_client_ttl, outer_server_ttl);
+ flags.client_initiated = !flags.client_initiated;
}
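Review bot: swap_roles() now exchanges nine client/server pairs listed by hand, and nothing in the function says whether that is the complete set or which Flow fields are deliberately left unswapped. A short comment stating the rule would help, together with a unit test that checks each pair is exchanged after one call and restored after a second call, so that the next client_/server_ field added to Flow without a matching std::swap here is caught.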
// //
//-----------------------------------------------//
-#define BUILD_NUMBER 4
+#define BUILD_NUMBER 5
#ifndef EXTRABUILD
#define BUILD STRINGIFY_MX(BUILD_NUMBER)