From: Priyanka Bangalore Gurudev (prbg) Date: Wed, 11 Oct 2023 19:22:59 +0000 (+0000) Subject: Pull request #4044: build: generate and tag 3.1.72.0 X-Git-Tag: 3.1.72.0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc00486bb58ce77677d58c3ac2be1a379ffebcd0;p=thirdparty%2Fsnort3.git Pull request #4044: build: generate and tag 3.1.72.0 Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.72.0 to master Squashed commit of the following: commit 31d798da0da602ab732f2661d2fca4ae75e15101 Author: Priyanka Gurudev Date: Tue Oct 10 23:02:24 2023 -0400 build: generate and tag 3.1.72.0 --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f7c6c710..ab07da116 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project (snort CXX C) set (VERSION_MAJOR 3) set (VERSION_MINOR 1) -set (VERSION_PATCH 71) +set (VERSION_PATCH 72) set (VERSION_SUBLEVEL 0) set (VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_SUBLEVEL}") diff --git a/ChangeLog.md b/ChangeLog.md index 4ed9679cf..8117091a4 100644 --- a/ChangeLog.md +++ b/ChangeLog.md 
@@ -1,3 +1,19 @@ +2023-10-10: 3.1.72.0 + +* active: added API for printing delayed action string +* appid: support to get correct http session based on stream_id +* control: allow one command at a time +* dce_rpc: using reset_using_rpkt() inline to what is there in eval() of SMB inspector code as well +* flow_cache: added protocol base LRU caches +* helpers: increase buffer space for function names, allow printing truncated names +* http_inspect: clear fake headers snapshot for 0.9 response +* http_inspect: run detection on failed utf decoding +* memory: change NOW type counts to SUM type, where necessary +* packet_io: fix daq stats +* stream_tcp: accept 1 byte of trimmed probe data after zero window +* stream_tcp: update rcv_nxt appropriately for each segment +* tcp: timeout for embryonic and idle session + 2023-09-25: 3.1.71.0 * appid, http_inspect, http2_inspect: create appid session if not present in decrypt event handler, add message section as part of StreamFlowIntf for httpx diff --git a/doc/reference/snort_reference.text b/doc/reference/snort_reference.text index 75ab703d6..2dd51ee0f 100644 --- a/doc/reference/snort_reference.text +++ b/doc/reference/snort_reference.text @@ -8,7 +8,7 @@ Snort 3 Reference Manual The Snort Team Revision History -Revision 3.1.71.0 2023-09-25 07:40:20 EDT TST +Revision 3.1.72.0 2023-10-10 22:54:49 EDT TST --------------------------------------------------------------------- @@ -505,7 +505,8 @@ Peg counts: * daq.analyzed: total packets analyzed from DAQ (sum) * daq.dropped: packets dropped (sum) * daq.filtered: packets filtered out (sum) - * daq.outstanding: packets unprocessed (sum) + * daq.outstanding: packets unprocessed (now) + * daq.outstanding_max: maximum of packets unprocessed (max) * daq.injected: active responses or replacements (sum) * daq.allow: total allow verdicts (sum) * daq.block: total block verdicts (sum) 
@@ -1095,21 +1096,21 @@ Peg counts: * memory.start_up_use: memory used before packet processing (now) * memory.cur_in_use: current memory used (now) * memory.max_in_use: maximum memory used (max) - * memory.epochs: number of memory updates (now) + * memory.epochs: number of memory updates (sum) * memory.allocated: total amount of memory allocated by packet threads (now) * memory.deallocated: total amount of memory deallocated by packet threads (now) * memory.reap_cycles: number of actionable over-limit conditions - (now) - * memory.reap_attempts: attempts to reclaim memory (now) - * memory.reap_failures: failures to reclaim memory (now) + (sum) + * memory.reap_attempts: attempts to reclaim memory (sum) + * memory.reap_failures: failures to reclaim memory (sum) * memory.reap_aborts: abort pruning before target due to process - under limit (now) + under limit (sum) * memory.reap_decrease: total amount of the decrease in thread - memory while process over limit (now) + memory while process over limit (sum) * memory.reap_increase: total amount of the increase in thread - memory while process over limit (now) + memory while process over limit (sum) * memory.app_all: total bytes allocated by application (now) * memory.active: total bytes allocated in active pages (now) * memory.resident: maximum bytes physically resident (now) @@ -5803,6 +5804,10 @@ Configuration: * int stream_tcp.session_timeout = 180: session tracking timeout { 1:max31 } * bool stream_tcp.track_only = false: disable reassembly if true + * int stream_tcp.embryonic_timeout = 30: Non-established connection + timeout { 1:max31 } + * int stream_tcp.idle_timeout = 3600: session deletion on idle { + 1:max31 } Rules: 
@@ -10889,9 +10894,13 @@ libraries see the Getting Started section of the manual. given range { 0: } * int stream.tcp_cache.idle_timeout = 3600: maximum inactive time before retiring session tracker { 1:max32 } + * int stream_tcp.embryonic_timeout = 30: Non-established connection + timeout { 1:max31 } * int stream_tcp.flush_factor = 0: flush upon seeing a drop in segment size after given number of non-decreasing segments { 0:65535 } + * int stream_tcp.idle_timeout = 3600: session deletion on idle { + 1:max31 } * int stream_tcp.max_pdu = 16384: maximum reassembled PDU size { 1460:32768 } * int stream_tcp.max_window = 0: maximum allowed TCP window { @@ -11115,7 +11124,8 @@ libraries see the Getting Started section of the manual. lack of DAQ support (sum) * daq.other_messages: messages received from DAQ with unrecognized message type (sum) - * daq.outstanding: packets unprocessed (sum) + * daq.outstanding_max: maximum of packets unprocessed (max) + * daq.outstanding: packets unprocessed (now) * daq.pcaps: total files and interfaces processed (max) * daq.received: total packets received from DAQ (sum) * daq.replace: total replace verdicts (sum) 
@@ -11679,18 +11689,18 @@ libraries see the Getting Started section of the manual. * memory.cur_in_use: current memory used (now) * memory.deallocated: total amount of memory deallocated by packet threads (now) - * memory.epochs: number of memory updates (now) + * memory.epochs: number of memory updates (sum) * memory.max_in_use: maximum memory used (max) * memory.reap_aborts: abort pruning before target due to process - under limit (now) - * memory.reap_attempts: attempts to reclaim memory (now) + under limit (sum) + * memory.reap_attempts: attempts to reclaim memory (sum) * memory.reap_cycles: number of actionable over-limit conditions - (now) + (sum) * memory.reap_decrease: total amount of the decrease in thread - memory while process over limit (now) - * memory.reap_failures: failures to reclaim memory (now) + memory while process over limit (sum) + * memory.reap_failures: failures to reclaim memory (sum) * memory.reap_increase: total amount of the increase in thread - memory while process over limit (now) + memory while process over limit (sum) * memory.resident: maximum bytes physically resident (now) * memory.retained: total bytes not returned to OS (now) * memory.start_up_use: memory used before packet processing (now) diff --git a/doc/upgrade/snort_upgrade.text b/doc/upgrade/snort_upgrade.text index d04fc785a..f5740076d 100644 --- a/doc/upgrade/snort_upgrade.text +++ b/doc/upgrade/snort_upgrade.text @@ -8,7 +8,7 @@ Snort 3 Upgrade Manual The Snort Team Revision History -Revision 3.1.71.0 2023-09-25 07:41:06 EDT TST +Revision 3.1.72.0 2023-10-10 22:55:38 EDT TST --------------------------------------------------------------------- diff --git a/doc/user/snort_user.text b/doc/user/snort_user.text index 9e1f5276f..da21960d9 100644 --- a/doc/user/snort_user.text +++ b/doc/user/snort_user.text 
@@ -8,7 +8,7 @@ Snort 3 User Manual The Snort Team Revision History -Revision 3.1.71.0 2023-09-25 07:40:35 EDT TST +Revision 3.1.72.0 2023-10-10 22:55:06 EDT TST ---------------------------------------------------------------------
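Review bot: Two entries in the ChangeLog.md hunk are hard to act on as written. The dce_rpc entry ("using reset_using_rpkt() inline to what is there in eval() of SMB inspector code as well") does not say what behaviour changed for a reader who has not seen the underlying commit; suggest rewording it to state the effect. The entry "tcp: timeout for embryonic and idle session" uses a tcp: prefix, while the options it introduces are documented as stream_tcp.embryonic_timeout and stream_tcp.idle_timeout and the two entries above it use stream_tcp:; suggest the same prefix so the entry can be found by module name.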
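Review bot: The daq.outstanding type change from (sum) to (now) in the @@ -505 hunk of doc/reference/snort_reference.text is only covered in the ChangeLog by "packet_io: fix daq stats", and the doc/upgrade/snort_upgrade.text hunk changes nothing but the revision line. Anything that reads this peg as a running total (dashboards, backlog or drop alerting) will interpret the value differently after the upgrade. Suggest naming the type change and the new daq.outstanding_max peg in the ChangeLog entry.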
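Review bot: In the @@ -1095 hunk, memory.allocated and memory.deallocated stay (now) in the unchanged context although both are described as a "total amount of memory" handled by packet threads, while memory.epochs and the memory.reap_* pegs around them move to (sum). If those two are cumulative as well, they look missed by "change NOW type counts to SUM type, where necessary"; if (now) is intended, a word in their descriptions would settle the question.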
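Review bot: The two options added in the @@ -5803 hunk state no unit and do not say how they relate to the existing stream_tcp.session_timeout = 180 listed just above them. An operator tuning how long non-established connections are tracked needs to know which timeout applies to such a flow and which to an established but idle one. Suggest adding the unit and the precedence to the help text, and lower-casing "Non-established" to match the neighbouring descriptions ("session tracking timeout", "disable reassembly if true").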
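Review bot: In the @@ -10889 hunk, the new stream_tcp.idle_timeout = 3600 ("session deletion on idle") lands a few entries below stream.tcp_cache.idle_timeout = 3600 ("maximum inactive time before retiring session tracker"), with the same default and a very similar description but a different range (1:max31 against 1:max32). The text should say which of the two governs when both are set, otherwise the overlap invites misconfiguration.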
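Review bot: In the @@ -11115 hunk, daq.outstanding_max is placed before daq.outstanding, which breaks the alphabetical order the surrounding list follows (daq.other_messages, daq.pcaps, daq.received) and is the reverse of the order used in the @@ -505 hunk. Suggest listing daq.outstanding first; if this file is generated, the sort is the place to fix it.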