From: Priyanka Bangalore Gurudev (prbg) Date: Mon, 25 Mar 2024 17:22:54 +0000 (+0000) Subject: Pull request #4258: build: generate and tag 3.1.83.0 X-Git-Tag: 3.1.83.0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a346713f06dca3f31e804d7b57ec2f32c3f77544;p=thirdparty%2Fsnort3.git Pull request #4258: build: generate and tag 3.1.83.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.83.0 to master Squashed commit of the following: commit 5db7781f1c56b76fe08c45f6cea597db2b3d6e3f Author: Priyanka Gurudev Date: Sun Mar 24 21:40:55 2024 -0400 build: generate and tag 3.1.83.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 37f295ee7..2ef9225f5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 1) -set (VERSION_PATCH 82) +set (VERSION_PATCH 83) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index 6704e05a6..ea2cd5c03 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,14 @@ +2024-03-24: 3.1.83.0 + +* detection: use correct packet in trace logs +* doc: add libml to optional dependencies +* flow: add filter to dump flows +* flow: fix UT +* hash: exception handling for random device +* packet_capture: fixed wrong dlt in pcap header when nfq is used +* stream: count retransmits when we disable content rules +* trace: replace colon delimiter for tenant with whitespace in the trace_logger output + 2024-03-12: 3.1.82.0 * appid: broadcast commands with ctrlcon diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index eb1400481..f3e957513 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text 
@@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.1.82.0 2024-03-12 12:50:44 EDT TST +Revision 3.1.83.0 2024-03-24 21:36:04 EDT TST --------------------------------------------------------------------- @@ -5626,6 +5626,10 @@ Configuration: * int stream.file_cache.idle_timeout = 180: maximum inactive time before retiring session tracker { 1:max32 } +Commands: + + * stream.dump_flows(): dump the flow table + Rules: * 135:1 (stream) TCP SYN received @@ -6003,6 +6007,8 @@ Peg counts: (sum) * stream_tcp.proxy_mode_flows: number of flows set to proxy normalization policy (sum) + * stream_tcp.full_retransmits: number of fully retransmitted + segments (sum) 5.52. stream_udp @@ -12245,6 +12251,8 @@ libraries see the Getting Started section of the manual. * stream_tcp.exceeded_max_segs: number of times the maximum queued segment limit was reached (sum) * stream_tcp.fins: number of fin packets (sum) + * stream_tcp.full_retransmits: number of fully retransmitted + segments (sum) * stream_tcp.gaps: missing data between PDUs (sum) * stream_tcp.held_packet_purges: number of held packets that were purged without flushing (sum) @@ -15806,6 +15814,7 @@ alert is raised by the enhanced JavaScript normalizer. * snort.detach(): detach from control shell (without shutting down) * snort.quit(): shutdown and dump-stats * snort.help(): this output + * stream.dump_flows(): dump the flow table * trace.set(modules, constraints, ntuple, timestamp): set modules traces, constraints, ntuple and timestamp options * trace.clear(): clear modules traces and constraints diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index 81d89cdd3..6b61afd39 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text 
@@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.1.82.0 2024-03-12 12:51:51 EDT TST +Revision 3.1.83.0 2024-03-24 21:36:54 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index d30f9be76..969652a74 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text @@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.1.82.0 2024-03-12 12:51:07 EDT TST +Revision 3.1.83.0 2024-03-24 21:36:21 EDT TST --------------------------------------------------------------------- @@ -1061,6 +1061,8 @@ Optional: their instructions for building it as a shared library. * iconv from https://ftp.gnu.org/pub/gnu/libiconv/ for converting UTF16-LE filenames to UTF8 (usually included in glibc) + * libml from https://github.com/snort3/libml to enable Snort ML, + Neural Network-based Exploit Detector * libunwind from https://www.nongnu.org/libunwind/ to attempt to dump a somewhat readable backtrace when a fatal signal is received
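Review bot: in the ChangeLog.md hunk, the entry "* flow: fix UT" gives a reader of the release notes nothing to go on. The abbreviation (presumably "unit test") is not expanded, and neither the affected test nor the defect is named. Every other line in the 3.1.83.0 block states what changed, for example "packet_capture: fixed wrong dlt in pcap header when nfq is used". Suggest rewording this entry to the same level of detail, or dropping it from the user-facing list if it is test-only housekeeping.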
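Review bot: in doc/reference/snort_reference.text, the hunks at @@ -5626,6 +5626,10 @@ and @@ -15806,6 +15814,7 @@ document the new command as "stream.dump_flows(): dump the flow table" with an empty parameter list, while the ChangeLog entry for the same release reads "flow: add filter to dump flows". If the filter is passed through this command, the signature should list its arguments the way the adjacent "trace.set(modules, constraints, ntuple, timestamp)" entry does. If the filter is configured elsewhere, the description should say where. As written, an operator cannot tell from the reference how to restrict the dump or where the output goes.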
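Review bot: in doc/user/snort_user.text, the hunk at @@ -1061,6 +1061,8 @@ adds "libml from https://github.com/snort3/libml to enable Snort ML, Neural Network-based Exploit Detector", which reads as two names run together and uses title case in the middle of a sentence. Suggest "to enable Snort ML, a neural network-based exploit detector", so that it matches the purpose-clause style of the neighbouring iconv and libunwind entries.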