git.ipfire.org Git - thirdparty/snort3.git/log
Shawn Turner (shaturne) [Mon, 3 Oct 2016 17:13:18 +0000 (13:13 -0400)]
Merge pull request #644 in SNORT/snort3 from sip_callid to master
Squashed commit of the following:
commit
d9e16c7bc50521a41d7f5df96f51b7323e5297e7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Sep 28 12:43:02 2016 -0400
sip changes to avoid using NAT ip when calculating callid
Michael Altizer (mialtize) [Mon, 3 Oct 2016 15:03:21 +0000 (11:03 -0400)]
Merge pull request #651 in SNORT/snort3 from static_analysis_fixes to master
Squashed commit of the following:
commit
3add74c4db289a86987f766f2d3e25a14607c64a
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Oct 3 10:53:39 2016 -0400
Add FIXIT-A to style guide to indicate a static analysis issue.
commit
69b060b5b54f6b32601bc02ddd65e3d2d94db785
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Oct 3 09:16:08 2016 -0400
Added FIXIT-A for two clang static analysis False Positive findings.
Hui Cao (huica) [Mon, 3 Oct 2016 14:05:46 +0000 (10:05 -0400)]
Merge pull request #642 in SNORT/snort3 from appid_log_file_bug to master
Squashed commit of the following:
commit
d75835a1383c4d93e68a8f32d135b693dbfe3d9a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Sep 27 16:26:08 2016 -0400
only log unknown appid if it is non-zero
fix snort2lua to output 'log_stats true' for appid 'app_stats_filename' option
init static thread local variable for client app config
fix issues from code review comments, u_int8_t->uint8_t, type/var/field renames to conform to coding style
fix coding style naming issue
Michael Altizer (mialtize) [Fri, 30 Sep 2016 18:32:18 +0000 (14:32 -0400)]
Merge pull request #649 in SNORT/snort3 from dce_includes to master
Squashed commit of the following:
commit
5bf0a396155c01562d168fad34b7cff4f54e76f8
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 30 14:01:39 2016 -0400
dce_rpc: Clean up header inclusions
Michael Altizer (mialtize) [Fri, 30 Sep 2016 16:14:22 +0000 (12:14 -0400)]
Merge pull request #627 in SNORT/snort3 from ~MIALTIZE/snort3:expected_flows to master
Squashed commit of the following:
commit
91133a83eca85bc05e403bce6973af2099e5159e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 16:36:45 2016 -0400
file_mempool: Fix initializing total pool size
commit
61ae01ad22a6a4f4093c749304023b5a25045633
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 13:40:23 2016 -0400
expected: Push expected flow information through the DAQ module
commit
08aa5f9a79a724a61274854fcc37f05a0fc3d1da
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:22:04 2016 -0400
sfdaq: Add SFDAQInstance::add_expected() call
commit
218769cb579189f0600b53c7c6abde063d34627f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 13:34:57 2016 -0400
expected: Expected cache revamp and related bugfixes
- Change expected cache to use FlowKeys instead of ExpectKeys
- Support expected flows where the full N-tuple is known
- Fix SIP (ignored) expected flow creation logic
- Fix AppID expected flow creation regarding IP proto/PktType
- Add FTP data channel expected flow with type TCP rather than PDU
- Many expected cache bugfixes
commit
686ff5e39c79b81472c794a18548e77146638348
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:34:51 2016 -0400
ftp_data: Add expected data consumption to set service name and fix bugs
- Set the parent flow key type from the flow rather than the packet when
creating FTP-DATA flow data.
- Correctly retrieve FTP-DATA flow data instead of FTP flow data when
inspecting with FTP-DATA.
commit
2931ce2677e0a4c20454430f361d92f65c99a2f5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:31:31 2016 -0400
stream: Fix NPD in get_flow_data() when flow doesn't exist
commit
b06e59efa081db48229bc098f89f1b906b993fd4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:27:15 2016 -0400
flow_key: Add address/port reversal reporting to init()
commit
994b52c89ffedd64ee69395707227589c913be1b
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:25:08 2016 -0400
zhash: Add new node insertion reporting to get()
commit
60af08a53b8711d72aebbd8fc14690bbc493ddc5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:23:34 2016 -0400
ftp: Fix marking file get commands
commit
90aaa06a5f47b28e8c4d48c522944c0204c6ac9e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:19:33 2016 -0400
build: Remove lingering LibDAQ #ifdefs
commit
9c6f5d9e74d0a7a7deeb5dd702298c43b05ae2fd
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 26 12:16:48 2016 -0400
defaults: Update FTP default config based on Snort2's hardcoded one
Michael Altizer (mialtize) [Fri, 30 Sep 2016 16:13:18 +0000 (12:13 -0400)]
Merge pull request #648 in SNORT/snort3 from nhttp56 to master
Squashed commit of the following:
commit
7119b31cd1d0f3e8623d63d605ce12d3c37888b5
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Sep 29 11:54:58 2016 -0400
NHI event 119/66 fix
Hui Cao (huica) [Thu, 29 Sep 2016 20:29:57 +0000 (16:29 -0400)]
Merge pull request #647 in SNORT/snort3 from obfuscation_updates to master
Squashed commit of the following:
commit
95db4800e1963f5f20d7a7493e850070561379f4
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Sep 29 12:06:23 2016 -0400
Fix mysteriously disabling obfuscation and offset.
Michael Altizer (mialtize) [Thu, 29 Sep 2016 18:31:53 +0000 (14:31 -0400)]
Merge pull request #643 in SNORT/snort3 from dce_udp_autodetect to master
Squashed commit of the following:
commit
75280120e229d16a4137908587d900b34ff14c15
Author: mdagon <mdagon@cisco.com>
Date: Thu Sep 29 13:17:45 2016 -0400
Code review
commit
378da827dc3aa45f2367b47b61fd9f176370d260
Author: mdagon <mdagon@cisco.com>
Date: Tue Sep 27 15:25:47 2016 -0400
dce_udp autodetect and session creation
Michael Altizer (mialtize) [Thu, 29 Sep 2016 18:26:43 +0000 (14:26 -0400)]
Merge pull request #646 in SNORT/snort3 from static_analysis_fixes to master
Squashed commit of the following:
commit
9828dcff1ed69362b71da63b25a3adff33287452
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Sep 29 08:08:47 2016 -0400
Two assert()'s to overcome static analysis errors.
Russ Combs (rucombs) [Thu, 29 Sep 2016 17:42:16 +0000 (13:42 -0400)]
Merge pull request #645 in SNORT/snort3 from late to master
Squashed commit of the following:
commit
a797535dfab7af50483a891e95d37a5fd22ca00c
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 28 21:42:23 2016 -0400
fix ac_full initialization performance
commit
a4edbc38a49e7d54e19dae65a29257db9c99129a
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Wed Sep 28 06:07:36 2016 -0400
latency log tweaks
Russ Combs [Tue, 27 Sep 2016 21:45:39 +0000 (17:45 -0400)]
build 213
Russ Combs (rucombs) [Tue, 27 Sep 2016 21:42:13 +0000 (17:42 -0400)]
Merge pull request #640 in SNORT/snort3 from sd_pattern_from to master
Squashed commit of the following:
commit
8c9f3f7e17accb55731074226ba7325f8ad717cc
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Sep 27 12:33:33 2016 -0400
Slide validation input data to the start of match.
Hui Cao (huica) [Tue, 27 Sep 2016 20:45:56 +0000 (16:45 -0400)]
Merge pull request #641 in SNORT/snort3 from file_smb2 to master
Remove extra byte for file name
Avoiding checking policy for each packet.
Squashed commit of the following:
commit
791af2b871275d159f4421239628b45406a6e9e7
Author: huica <huica@cisco.com>
Date: Tue Sep 27 15:21:10 2016 -0400
correct file name size
Shawn Turner (shaturne) [Tue, 27 Sep 2016 17:47:26 +0000 (13:47 -0400)]
Merge pull request #638 in SNORT/snort3 from full_retransmit to master
Squashed commit of the following:
commit
8801fc1c994927d371735109f88ed08d667b0c15
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Sep 26 16:08:57 2016 -0400
porting full retransmit changes from snort 2.8.3
Russ Combs (rucombs) [Tue, 27 Sep 2016 13:22:56 +0000 (09:22 -0400)]
Merge pull request #639 in SNORT/snort3 from hs_tl to master
Squashed commit of the following:
commit
4f4f7fb4d5ced30a2de94186c93add9d66996d3a
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 26 20:32:03 2016 -0400
fix multithread hyperscan mpse
Russ Combs [Sat, 24 Sep 2016 20:43:15 +0000 (16:43 -0400)]
build 212
Russ Combs (rucombs) [Fri, 23 Sep 2016 21:35:57 +0000 (17:35 -0400)]
Merge pull request #636 in SNORT/snort3 from crc_timeouts to master
Squashed commit of the following:
commit
2797249af796d70c7b0eb9759d056bca3572e229
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 23 14:43:19 2016 -0400
separate idle timeouts from session timeouts counts
close tcp on rst in close wait, closing, fin wait 1, and fin wait 2
Russ Combs (rucombs) [Fri, 23 Sep 2016 20:48:52 +0000 (16:48 -0400)]
Merge pull request #635 in SNORT/snort3 from ~MIALTIZE/snort3:os-cleanup to master
Squashed commit of the following:
commit
c9776312bc8fe2b0320f2e79a068bef2e30d9dae
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 16:02:19 2016 -0400
doc: Update style guide for 'using' statements and underscores
commit
f8a541ce2ca3c349976f6f03d28ebed3d4e723fc
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 13:08:24 2016 -0400
build: Fix 32-bit compiler warnings
commit
c3692c6d4c2cafead8a65235b7eb37cb31790ae9
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 12:33:25 2016 -0400
build: Fix illumos/OpenSolaris build and remove SOLARIS/SUNOS defines
commit
6315aaf73aeda470b3e698f994282762f2774652
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 11:21:56 2016 -0400
packet_capture: Include top-level pcap.h for backward compatibility
commit
e2446819cb97c0c3ea5ad38d4c1fdb77a5aa0c16
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 11:15:58 2016 -0400
lua: Fix conflict with _L macro from ctype.h on OpenBSD
commit
1c4ac1695457446de11d8d2ad09e5b838514d7b1
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 02:41:38 2016 -0400
cmake: Clean dead variables out of config.cmake.h
commit
d0ff9dc6e9733e430f207f90ff289053837510fb
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 02:33:35 2016 -0400
build: Remove superfluous LINUX and MACOS definitions
They were only used in C/C++ code and can be replaced with the
standard C preprocessor macros defined by platform compilers.
commit
368f216086edb97866d3e73939e18cc7c9af86a5
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 01:54:08 2016 -0400
build: Remove superfluous OPENBSD and FREEBSD definitions
They were only used in C/C++ code and can be replaced with the standard
C preprocessor macros defined by platform compilers.
commit
7f2d77cebcb660f2d515f2fbd963049f838ced28
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 01:44:36 2016 -0400
build: Entering 'std' namespace should be after all headers are included
Otherwise, things get weird. Especially on illumos.
commit
b6265ea5a8af4bd9a8c1dbfa9f8a316b068fd848
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 01:21:44 2016 -0400
build: Clean up u_int*_t usage
commit
b82a09c460d5c27fd3c827ea65ce32a296d7a0b6
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 23 01:10:57 2016 -0400
build: Remove SPARC support
Sorry, but it probably didn't work anyway and we have nothing to test it
on. If anyone really wants it, they are free to test it and add it
again.
commit
33d61442742c136b7c644e55d96aa875adb87dd4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 12 15:39:18 2016 -0400
main: Remove unused -w commandline option
commit
cdf3b6f62e1cce4816fb7ac5ff6148eeb77d80df
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Sep 12 13:50:39 2016 -0400
Clean up some DAQ header inclusion creep.
Michael Altizer (mialtize) [Fri, 23 Sep 2016 20:10:18 +0000 (16:10 -0400)]
Merge pull request #632 in SNORT/snort3 from dce_udp_snort2lua to master
Squashed commit of the following:
commit
ee86fa251e30c1fdaddb21774244ed608a71c327
Author: mdagon <mdagon@cisco.com>
Date: Thu Sep 22 18:30:54 2016 -0400
Code review
commit
90b8e627ae34ed8124c9d31207cc99dc2d915345
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 19 08:59:48 2016 -0400
Dce udp snort2lua
huica [Fri, 23 Sep 2016 16:40:38 +0000 (12:40 -0400)]
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_segment
Conflicts:
src/file_api/file_flows.cc
Russ Combs (rucombs) [Fri, 23 Sep 2016 16:31:01 +0000 (12:31 -0400)]
Merge pull request #634 in SNORT/snort3 from cmake-appid-unit-tests to master
Squashed commit of the following:
commit
d2c849d8fc628237be8f0e291213433cb23b3556
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Sep 22 14:57:38 2016 -0400
Fix another case of CPPUTest header order issues
huica [Fri, 23 Sep 2016 16:21:00 +0000 (12:21 -0400)]
Detect files when they are transferred in segments in SMB2
Russ Combs [Fri, 23 Sep 2016 00:39:56 +0000 (20:39 -0400)]
build 211
Russ Combs (rucombs) [Thu, 22 Sep 2016 21:02:30 +0000 (17:02 -0400)]
Merge pull request #633 in SNORT/snort3 from hs to master
Squashed commit of the following:
commit
55c5043898a1cc1856d055d576e1518112cd97ff
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Sep 22 14:25:23 2016 -0400
fix hyperscan with nocase
Russ Combs (rucombs) [Thu, 22 Sep 2016 15:07:28 +0000 (11:07 -0400)]
Merge pull request #631 in SNORT/snort3 from stream to master
Squashed commit of the following:
commit
ae3452ee7aa1acfbd370e1385046986d0553da83
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 21 21:04:38 2016 -0400
move flow purge at shutdown ahead of plugin termination
fix --dirty-pig
refactor use of flow_con for better encapsulation
make all Stream methods static and hide stream implementation
Russ Combs (rucombs) [Wed, 21 Sep 2016 10:54:09 +0000 (06:54 -0400)]
Merge pull request #629 in SNORT/snort3 from ~MIALTIZE/snort3:freebsd-fix to master
Squashed commit of the following:
commit
f14956bfe743fb068fbdc6298952b3dae85927eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Sep 21 00:14:24 2016 -0400
service_rpc: Fix FreeBSD build
Russ Combs [Tue, 20 Sep 2016 22:42:14 +0000 (18:42 -0400)]
build 210
Russ Combs (rucombs) [Tue, 20 Sep 2016 20:46:36 +0000 (16:46 -0400)]
Merge pull request #628 in SNORT/snort3 from misc_perf to master
Squashed commit of the following:
commit
7b11ea83413f1af8f0f5a847a0177637deca1d45
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Sep 16 17:32:17 2016 -0400
Refactored BitOp related. Only instantiate on demand. Move accessor out of stream_api
for better encapsulation in ips_flowbits. Eliminate useless methods.
Added stream.ip_frags_only so we can avoid processing non-ICMP-TCP-UDP-frags where not
needed. This avoids creating flows etc. Beware - appID wants flows for everything
at the moment.
Fixed double counting of ip session timeouts and prunes as well as
double counting of udp session timeouts.
Changed stale pruning to prune 1 at a time to resolve excessive latency caused
by pruning. Timeouts are pruned one at a time too, although it remains to be
seen if this is adequate for idle timeouts where connection events are concerned.
Changed default cache sizes to match 2.X.
FlowControl::max_flows() and FlowControl::prune_flows() no longer used; deleted.
Shutdown purging was being counted as prunes in stream_tcp. This is fixed but
still need to fix stream.user prunes which includes shutdown stuff.
Added a crude total and max to packet latency stats to calculate average packet time
a la 2.X. Still only totals about half of runtime so needs to be revisited. It is not
supposed to include stuff like decode so it may be ok.
Fixed stream_tcp to close a scan session immediately (was timing out). So a SYN
that gets a RST results in closed and getting cleared.
Fixed some annoying legacy naming issues. So inspector data on a flow is now
flow_data instead of application_data. Also C-style functions like
get_x_from_y() are now simply C++-style get_x().
Cleanup default conf.
Michael Altizer (mialtize) [Mon, 19 Sep 2016 18:49:46 +0000 (14:49 -0400)]
Merge pull request #626 in SNORT/snort3 from dce_udp to master
Squashed commit of the following:
commit
38110ede8614168bdd50be25d1f0457ae61cbbb4
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 19 07:37:40 2016 -0400
Fix typo
commit
f3e67082bf7b6389d624d17577a151814b81e4c3
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 19 02:35:07 2016 -0400
Dce udp skeleton
Michael Altizer (mialtize) [Mon, 19 Sep 2016 16:00:15 +0000 (12:00 -0400)]
Merge pull request #624 in SNORT/snort3 from stream-ha-dev_notes to master
Squashed commit of the following:
commit
0684abf3822d39fa63b64d2a3fc82ee5806d9653
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Sep 16 08:57:56 2016 -0400
Add HA details to the stream/* dev_notes.
Michael Altizer (mialtize) [Mon, 19 Sep 2016 15:53:57 +0000 (11:53 -0400)]
Merge pull request #625 in SNORT/snort3 from fix_binder_make to master
Squashed commit of the following:
commit
6fbad6a322f0e2f0ba5e77fb1bcf2e59da2e3192
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Sep 19 11:06:56 2016 -0400
Fixed binder make files to include binder.h
Michael Altizer (mialtize) [Thu, 15 Sep 2016 15:03:54 +0000 (11:03 -0400)]
Merge pull request #623 in SNORT/snort3 from tcp_connector_UT_osx to master
Squashed commit of the following:
commit
a64e28d02f5d75c75528d61936e99a3052254f20
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Sep 15 09:42:45 2016 -0400
Fix tcp_connector_test for OSX build.
Russ Combs [Thu, 15 Sep 2016 00:06:57 +0000 (20:06 -0400)]
build 209
Russ Combs [Wed, 14 Sep 2016 21:27:40 +0000 (17:27 -0400)]
disable cpputest leak checks with hyperscan unit tests to avoid crashes or hangs in cpputest
Hui Cao (huica) [Wed, 14 Sep 2016 16:48:46 +0000 (12:48 -0400)]
Merge pull request #622 in SNORT/snort3 from tsc_update to master
Squashed commit of the following:
commit
2cbdfa72cd6f09b8189465341e64ae7e2f1088df
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 14 11:19:43 2016 -0400
add missing usec conversions
add hyperscan single match flag for optimization
Russ Combs (rucombs) [Wed, 14 Sep 2016 00:01:41 +0000 (20:01 -0400)]
Merge pull request #621 in SNORT/snort3 from det_filt to master
Squashed commit of the following:
commit
0aaf1bda7810d19035d6ada0c5b8be54ded81903
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 13 16:20:19 2016 -0400
fix inverted detection_filter logic
Michael Altizer (mialtize) [Tue, 13 Sep 2016 21:06:30 +0000 (17:06 -0400)]
Merge pull request #620 in SNORT/snort3 from tsc_clock to master
Squashed commit of the following:
commit
e2bd893a5333968fe1899d2e67b19b98e2a65668
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 13 16:00:05 2016 -0400
add cmake support for --enable-tsc-clock
commit
170d01c6bbf086b2ea08dc26c96619a18a5eaf4b
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 12 22:40:10 2016 -0400
add --enable-tsc-clock to build/use TSC register
tweak link order so time methods are found
clean up some fp_detect cruft
update latency to use ticks during runtime
fix stream profile stats parents
remove unused cpuclock.h
Michael Altizer (mialtize) [Tue, 13 Sep 2016 18:38:53 +0000 (14:38 -0400)]
Merge pull request #618 in SNORT/snort3 from dce_fast_pattern to master
Squashed commit of the following:
commit
1be83a6aa6114539d25f00941bce219b2d5bafab
Author: mdagon <mdagon@cisco.com>
Date: Tue Sep 13 12:18:04 2016 -0400
Code review
commit
30ad3f627238c4917920b1e4699331e391235edb
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 12 03:01:28 2016 -0400
Dce iface fast pattern for tcp
Shawn Turner (shaturne) [Tue, 13 Sep 2016 13:33:51 +0000 (09:33 -0400)]
Merge pull request #616 in SNORT/snort3 from crc_flush to master
Squashed commit of the following:
commit
f7e5fd34e3bee33e92ce677181408374f019f27e
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 6 21:41:54 2016 -0400
fully cut over to use stream splitter reassembly buffer and size / max
squelch bogus gap counts
Michael Altizer (mialtize) [Fri, 9 Sep 2016 14:15:03 +0000 (10:15 -0400)]
Merge pull request #617 in SNORT/snort3 from tcp_connector-UT_fix to master
Squashed commit of the following:
commit
ccaa495c1ba7f4c2c803f01450d10637a75a7168
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Sep 8 15:31:48 2016 -0400
Fix UT to NOT attempt to stub-out the ReceiveRing.
Russ Combs [Fri, 9 Sep 2016 11:53:42 +0000 (07:53 -0400)]
build 208
Michael Altizer (mialtize) [Thu, 8 Sep 2016 19:33:14 +0000 (15:33 -0400)]
Merge pull request #615 in SNORT/snort3 from ha-tcp-stream to master
Squashed commit of the following:
commit
8ed6a1c5d87cafdf9fd3319a8ae41b65378207d5
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Sep 7 13:10:29 2016 -0400
Needed additional calls to *HAManager::process_deletion()
commit
8d921b570018695ce9db9b308c8d730d18133afe
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Sep 2 12:58:05 2016 -0400
Updates for TCP flow HA.
Michael Altizer (mialtize) [Thu, 8 Sep 2016 17:46:12 +0000 (13:46 -0400)]
Merge pull request #614 in SNORT/snort3 from crc_lzma to master
Squashed commit of the following:
commit
733e5c3c4f5fd7c5eab4b079db98fb36f1d0216a
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 6 18:37:28 2016 -0400
refactor file_decomp.h so that pdf and swf headers aren't required
ensure consistent fd_session_t regardless of lzma support for snort and extras
reorganize fd_session_t to reduce void space
don't install internal swf and pdf headers
Shawn Turner (shaturne) [Wed, 7 Sep 2016 17:13:21 +0000 (13:13 -0400)]
Merge pull request #613 in SNORT/snort3 from appid_client_smtp5 to master
Squashed commit of the following:
commit
244930cb9245e978861f61ee0387c726fc1974e5
Author: Steve Chew <stechew@cisco.com>
Date: Tue Sep 6 11:50:55 2016 -0400
Added smtp client counters and unit tests.
Michael Altizer (mialtize) [Wed, 7 Sep 2016 17:02:57 +0000 (13:02 -0400)]
Merge pull request #609 in SNORT/snort3 from smbv2 to master
Squashed commit of the following:
commit
a35102052f7c311bf47ac68f74fad952c3f79121
Author: mdagon <mdagon@cisco.com>
Date: Tue Aug 30 14:37:28 2016 -0400
Smbv2
Michael Altizer (mialtize) [Fri, 2 Sep 2016 21:01:23 +0000 (17:01 -0400)]
Merge pull request #612 in SNORT/snort3 from ftp_print_remove to master
Squashed commit of the following:
commit
07e889b0cc3417a2d6a4033cd2617e28a6136c91
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Sep 2 11:27:59 2016 -0400
Commented out code related to ftp_config::show()
Michael Altizer (mialtize) [Fri, 2 Sep 2016 18:20:34 +0000 (14:20 -0400)]
Merge pull request #611 in SNORT/snort3 from ~MIALTIZE/snort3:warnings to master
Squashed commit of the following:
commit
155ad1dfe538abfa6b51a644926c018d40740d33
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 2 10:50:45 2016 -0400
Clean up compiler warnings.
Shawn Turner (shaturne) [Fri, 2 Sep 2016 18:03:28 +0000 (14:03 -0400)]
Merge pull request #608 in SNORT/snort3 from mpls_encode to master
Squashed commit of the following:
commit
42ccbfaa13ee35556dfde13671aebb74b99ac014
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Aug 30 01:13:12 2016 -0400
porting mpls encode changes from 2.x
Russ Combs [Fri, 2 Sep 2016 15:11:32 +0000 (11:11 -0400)]
build 207
Russ Combs (rucombs) [Thu, 1 Sep 2016 17:37:40 +0000 (13:37 -0400)]
Merge pull request #607 in SNORT/snort3 from ha-binder to master
Squashed commit of the following:
commit
34a3a1b3cdadf388af53e94c6e12bcc95660d257
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 24 19:57:54 2016 -0400
Changes to binder.cc for HA
Add Binder::eval(Flow*) to initialize Flow's created via received HA messages.
Fix a failing UT and eliminate build warnings.
Add the missing cmake binder UT support.
Removed the Binder::eval(Flow*) and replaced by overloading the Binder::exec() method.
Create binder.h to house a new enum for the Binder::exec() options.
Refactor the exec() method into three functions,
Russ Combs (rucombs) [Wed, 31 Aug 2016 19:19:36 +0000 (15:19 -0400)]
Merge pull request #606 in SNORT/snort3 from appid_session_refactor to master
Squashed commit of the following:
commit
6569f68ab27d55e78022d9064a573e89037cdde2
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Aug 30 18:18:12 2016 -0400
remove extra func ptrs in ServiceApi instance
commit
b9e6eff6d24b74bf75388a1f0dcc5ead5e696024
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Aug 30 17:55:34 2016 -0400
fix compile warnings for unused function parameters, dump config options in debug mode
commit
7ca20ec40cada6e9a980e4b6130c7931006eb7c6
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Aug 9 09:56:51 2016 -0400
minor source formatting nits
fixes for memory management bugs in lua detectors
don't fatal error if lua package server init function is missing
fix stack buffer overflow due to invalid conversion of ip address string
fixes for memory leaks in appid lua detector management
more memory leak fixes
disable assert for now on lua detectors with no init
use sfip_t for ip addr variables
remove assert that checks for memory allocation that can never fail
disable assert for now on lua detectors with no init
remove assert that checks for memory allocation that can never fail
review/fix/categorize FIXITs
add allocated DetectorFlow object to the allocatedFlowList when created in Detector_getFlow
add count for total lua detectors, remove bogus log statement
add () around logic expression in if statement
refactoring app id into reasonable classes...
first step toward creating proper appid session object
remove deprecated refs to streamAPI
cleaning up FIXITs, make some const params const
rename util directory to appid_utils
delete references to deprecated #def's
allocate tmp session object with new
updates from code review comments
fix compile errors in unit test due to AppIdSession rename
match up snort_calloc with snort_free for memory allocated for port exclusion lists
code review updates, unused code commented out, function names changed to fit coding style, future sessions create no longer requires session
fix compile warnings for unused function parameters, dump config options in debug mode
Tom Peters (thopeter) [Fri, 26 Aug 2016 18:54:50 +0000 (14:54 -0400)]
Merge pull request #604 in SNORT/snort3 from nhttp53 to master
Squashed commit of the following:
commit
acd74c3b9944b52d1cb1264b32a1f3de2a8d6b83
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Aug 22 17:39:50 2016 -0400
NHI becomes OHI part 2
Tom Peters (thopeter) [Fri, 26 Aug 2016 15:29:20 +0000 (11:29 -0400)]
Merge pull request #605 in SNORT/snort3 from file to master
Squashed commit of the following:
commit
221b3697a6b686189041442fc22e002e5482870f
Author: huica <huica@cisco.com>
Date: Fri Aug 26 10:52:57 2016 -0400
Update dev notes
Tom Peters (thopeter) [Thu, 25 Aug 2016 16:52:05 +0000 (12:52 -0400)]
Merge pull request #603 in SNORT/snort3 from appid_rsync1 to master
Squashed commit of the following:
commit
d9f8bd1751d2deb3e9682a648b0b22c7bfb6c583
Merge:
011b8de 1c9b2e3
Author: Steve Chew <stechew@cisco.com>
Date: Wed Aug 24 12:34:30 2016 -0400
Merge branch 'appid_rsync1' of ssh://bitbucket-eng-rtp1.cisco.com:7999/snort/snort3 into appid_rsync1
commit
011b8de0c61fea1413025d9b8a74c0c9ad823fb3
Author: Steve Chew <stechew@cisco.com>
Date: Wed Aug 24 12:22:31 2016 -0400
Fixed Cmake test build.
commit
e25092d29345716ea5ce491232ee79251ea1727e
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 23 09:50:02 2016 -0400
include service_rsync.cc file in tests so we can access private data.
commit
2703075fd0440ceb71c01be91d2ea3a28ba0f0fe
Author: Steve Chew <stechew@cisco.com>
Date: Fri Aug 19 16:36:50 2016 -0400
Added rsync flow counter and rsync_validate unit tests.
commit
1c9b2e3b28f68a488e264b26ea10f5fe23e5073b
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 23 09:50:02 2016 -0400
include service_rsync.cc file in tests so we can access private data.
commit
0257acc0f2432d05684f28c4f3efc9b721a84eb2
Author: Steve Chew <stechew@cisco.com>
Date: Fri Aug 19 16:36:50 2016 -0400
Added rsync flow counter and rsync_validate unit tests.
Tom Peters (thopeter) [Tue, 23 Aug 2016 21:18:44 +0000 (17:18 -0400)]
Merge pull request #601 in SNORT/snort3 from appid_lua_modules to master
Squashed commit of the following:
commit
60777e8a0b9fd95648ef1c13d6691515dd19c271
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Tue Aug 9 09:56:51 2016 -0400
minor source formatting nits
fixes for memory management bugs in lua detectors
don't fatal error if lua package server init function is missing
fix stack buffer overflow due to invalid conversion of ip address string
fixes for memory leaks in appid lua detector management
more memory leak fixes
disable assert for now on lua detectors with no init
use sfip_t for ip addr variables
remove assert that checks for memory allocation that can never fail
disable assert for now on lua detectors with no init
remove assert that checks for memory allocation that can never fail
review/fix/categorize FIXITs
add allocated DetectorFlow object to the allocatedFlowList when created in Detector_getFlow
add count for total lua detectors, remove bogus log statement
add () around logic expression in if statement
fix formatting issues from code review comments
Tom Peters (thopeter) [Tue, 23 Aug 2016 17:31:17 +0000 (13:31 -0400)]
Merge pull request #578 in SNORT/snort3 from ha-sc-tcp to master
Squashed commit of the following:
commit
0652444c0ea2a17935c5d82cc2d934e73f19d742
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Aug 19 07:08:28 2016 -0400
Removed reference to POLLRDHUP.
commit
fb39de92698a0162923315b7d314504b64c672fa
Merge:
6bca045 6255c61
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Aug 19 06:49:14 2016 -0400
Merge branch 'ha-sc-tcp' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3 into ha-sc-tcp
commit
6bca045aa2aa55a184bc8f77efeb81ec61f6c402
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 16 19:38:02 2016 -0400
Update target code and UT's to disable receive thread for testing.
commit
248c51ed08280b21dcca61212747f99195633c63
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Aug 15 16:15:17 2016 -0400
UT update.
commit
56bdab304cbf99e5a56337da853f8c50406e54ed
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Aug 15 15:46:29 2016 -0400
Updates from code review.
commit
62b2ab8387c8b395bc2a72cab386070c5a6f9620
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 16:41:00 2016 -0400
Disable memory leak detection in CppUtest as it sometimes indicates a false positive under ASAN.
commit
6b7dcac104018dd4643ddde1b1c66cf32a6e573b
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 15:29:19 2016 -0400
Additional tcp_connector UT's
commit
9e0c8e9017ab8527d620faf3488215b8cca7c3d9
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 08:12:48 2016 -0400
Restore some mods that were reverted, but shouldn't have been.
commit
ad105545bda657e12b6df3af98a6317b45439730
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:34:26 2016 -0400
Revert "Additional UT's. Fix one memory leak scenario in tcp_connector.cc"
This reverts commit e590395e2e5e12dc024d860285056ad31ad7c3c8.
commit
56e5c6fa3463a886a312860c0374e7750ec4990a
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:34:02 2016 -0400
Revert "Fix an ASAN finding in UT."
This reverts commit bc8b83c44f9307eba521bb4694d078f88cf9e50e.
commit
373986e3ecae80345d52780344766473e2a190ce
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:19:16 2016 -0400
Fix an ASAN finding in UT.
commit
03d7bd67e852c2dda9748651f8cf564af085289c
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 06:46:45 2016 -0400
Additional UT's. Fix one memory leak scenario in tcp_connector.cc
commit
68f3435ba9025bc210a008c424d379925df6584a
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Aug 5 16:18:29 2016 -0400
Additional UT's
commit
beb32f995e766ff640beb7f47d40c0eef0375398
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 4 14:49:19 2016 -0400
Changed from ConcurrentQueue<> to Ring<> for the TcpConnector receiver.
commit
ca343728fb6f86eeddfb140466bf51054a549cb5
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 4 07:06:31 2016 -0400
Fix error in cmake build.
commit
423f603c0418d845320dfffc9f046ac51fa3a3e6
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 3 17:10:47 2016 -0400
Remove a few remnants of legacy code.
commit
549c4568e04078259a31e73a5f2deaff532730ac
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 3 17:05:56 2016 -0400
Fix a printf format warning issue.
commit
c0649eab8e858a1f8a52650e6d1060671207a016
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 2 14:56:37 2016 -0400
Fix memory leak with thread object.
commit
fdf2577b7efd40c0796d3758b6e7bad1f39c36d4
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 2 12:04:04 2016 -0400
Fix a thread shutdown issue.
commit
34b29a0fb66b3802ace70bfa218ab32e7b9a9b34
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
tcp_connector.
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
Memory leak fix.
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
tcp_connector
commit
2fb93265418a749fe284d4820a7a3f6e91fcc746
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
Memory leak fix.
commit
6085ac02479156030c8d7921e8a2d00b4f642790
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
commit
6255c610cad1dc554bf36a47711f6ab47e393b6c
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 16 19:38:02 2016 -0400
Update target code and UT's to disable receive thread for testing.
commit
876493c83b38442ed91346bb2ebb46611a727844
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Aug 15 16:15:17 2016 -0400
UT update.
commit
0c7025514146f4d6ece7da1dc94c02da6a50190d
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Mon Aug 15 15:46:29 2016 -0400
Updates from code review.
commit
b4359b6dc39498241faebcd586b5783f90c9b6c3
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 16:41:00 2016 -0400
Disable memory leak detection in CppUtest as it sometimes indicates a false positive under ASAN.
commit
dd2b2b4971766d4779d28aefba1403f627f37fb7
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 15:29:19 2016 -0400
Additional tcp_connector UT's
commit
2c13c0c3ab1bc369cea2e5632f0d1dd42bf49f79
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 11 08:12:48 2016 -0400
Restore some mods that were reverted, but shouldn't have been.
commit
92b440ff76eddc35352e87f341275671c81ddccf
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:34:26 2016 -0400
Revert "Additional UT's. Fix one memory leak scenario in tcp_connector.cc"
This reverts commit
e590395e2e5e12dc024d860285056ad31ad7c3c8 .
commit
919da30a29b855159be36967e7aa88ec2c24d997
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:34:02 2016 -0400
Revert "Fix an ASAN finding in UT."
This reverts commit
bc8b83c44f9307eba521bb4694d078f88cf9e50e .
commit
bc8b83c44f9307eba521bb4694d078f88cf9e50e
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 07:19:16 2016 -0400
Fix an ASAN finding in UT.
commit
e590395e2e5e12dc024d860285056ad31ad7c3c8
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 10 06:46:45 2016 -0400
Additional UT's. Fix one memory leak scenario in tcp_connector.cc
commit
1c8e424562402734dc7fa6a28ccdaece6f1c587a
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Fri Aug 5 16:18:29 2016 -0400
Additional UT's
commit
8bd056e9a0890b63a3c4cfc0922259970235c186
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 4 14:49:19 2016 -0400
Changed from ConcurrentQueue<> to Ring<> for the TcpConnector receiver.
commit
14788fdb755badf13bc2f7334ce2643b7e1b19ae
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Aug 4 07:06:31 2016 -0400
Fix error in cmake build.
commit
e811e6f268a6a9c6538ed9cc29ca3f960c6c11d2
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 3 17:10:47 2016 -0400
Remove a few remnants of legacy code.
commit
46e335cacad11e6a96c8e3ec93eb356735b565d3
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Wed Aug 3 17:05:56 2016 -0400
Fix a printf format warning issue.
commit
0a7c43c4cfe06ae042c8399208bea915fb274096
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 2 14:56:37 2016 -0400
Fix memory leak with thread object.
commit
71899da94897aff8c25ed49567d0542842178ee7
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 2 12:04:04 2016 -0400
Fix a thread shutdown issue.
commit
56cc2f720c4e77fbb42d9be00c9ccaa7bd118b0a
Merge:
571bc99 4d80af3
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Aug 2 08:58:47 2016 -0400
Merge branch 'ha-sc-tcp' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3 into ha-sc-tcp
commit
571bc99914d0fa3002990a2f58820f6c3f05950f
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
tcp_connector.
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
Memory leak fix.
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
tcp_connector
commit
4d80af36f33a30360a5e0ea506feb5e30e61ea8b
Merge:
f61f12c 0f6c19d
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Thu Jul 7 07:35:38 2016 -0400
Merge branch 'ha-sc-tcp' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3 into ha-sc-tcp
commit
f61f12c51c806dc9097ccf4b1afb831a51e6792c
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
Memory leak fix.
commit
0f6c19d80d40de163c4a5c8460c140db836df386
Author: Ed Borgoyn <eborgoyn@cisco.com>
Date: Tue Jul 5 10:00:42 2016 -0400
Updates for TCP HA. Fixes for functional tests. Refactoring for work on tcp_connector.
Tom Peters (thopeter) [Tue, 23 Aug 2016 14:45:21 +0000 (10:45 -0400)]
Merge pull request #602 in SNORT/snort3 from ips_fragbits_edit to master
Squashed commit of the following:
commit
9571d405e2dc4b54d2cd97e1106a2cf13f33d591
Author: alewis <albert.l.lewis@gmail.com>
Date: Mon Aug 22 21:19:52 2016 -0400
removed has_*_mode() functions as the logic was changed from if/else ladder to use a switch statement
Tom Peters (thopeter) [Mon, 22 Aug 2016 21:28:26 +0000 (17:28 -0400)]
Merge pull request #600 in SNORT/snort3 from nhttp52 to master
Squashed commit of the following:
commit
af9dc1d130087276d06e6a0083ba1e23ec3a75c7
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Aug 19 12:57:57 2016 -0400
Conversion from NHI to HI
Tom Peters (thopeter) [Mon, 22 Aug 2016 20:58:27 +0000 (16:58 -0400)]
Merge pull request #599 in SNORT/snort3 from ips_fragbits to master
Squashed commit of the following:
commit
60190f6f0526808c8179610ce66e8e81e29cd796
Author: alewis <albert.l.lewis@gmail.com>
Date: Sat Aug 20 16:38:21 2016 -0400
removed empty line
commit
debb157e5077fb43acd1e7b17b5c4aa7c0bee825
Author: alewis <albert.l.lewis@gmail.com>
Date: Sat Aug 20 16:30:43 2016 -0400
updated file added enums and replace if/else ladder
commit
9dd73493258e9687bcd10ce09bd492cc3483e966
Author: alewis <albert.l.lewis@gmail.com>
Date: Sat Aug 20 12:33:37 2016 -0400
changed const values to enum
commit
e1f477039b0d934e629654f2dc7b8bd99511e91e
Author: alewis <albert.l.lewis@gmail.com>
Date: Fri Aug 19 11:19:22 2016 -0400
updated ips_fragbits
Tom Peters (thopeter) [Fri, 19 Aug 2016 18:46:57 +0000 (14:46 -0400)]
Merge pull request #598 in SNORT/snort3 from nhttp51 to master
Squashed commit of the following:
commit
bf01ba0dba8b94d874cd2cb8036efde9a51646f0
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Aug 11 15:25:53 2016 -0400
NHI alerts for Transfer-Encoding and Content-Encoding abuse.
Tom Peters (thopeter) [Wed, 17 Aug 2016 21:51:49 +0000 (17:51 -0400)]
Merge pull request #596 in SNORT/snort3 from ciscometadata to master
Squashed commit of the following:
commit
4133a11225fb77f59c0dba3ffb854dfeea012160
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Aug 16 03:09:55 2016 -0400
Porting the ciscometadata codec
Porting the ciscometadata codec
Porting the ciscometadata codec
Porting the ciscometadata codec
updating per review comments
Russ Combs (rucombs) [Wed, 17 Aug 2016 18:38:41 +0000 (14:38 -0400)]
Merge pull request #597 in SNORT/snort3 from double_vlan to master
Squashed commit of the following:
commit
9801a96ba004a74c0424d7eece759f9a4c217d62
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Aug 17 13:29:44 2016 -0400
Porting the Double and triple vlan tagging changes
Russ Combs (rucombs) [Tue, 16 Aug 2016 18:18:40 +0000 (14:18 -0400)]
Merge pull request #595 in SNORT/snort3 from regex_fp_fix to master
Squashed commit of the following:
commit
4084e9329da46be546e2d8b2b0fa924d3626663f
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 15 21:36:32 2016 -0400
fix regex as fast pattern with hyperscan mpse
Russ Combs (rucombs) [Mon, 15 Aug 2016 17:47:23 +0000 (13:47 -0400)]
Merge pull request #593 in SNORT/snort3 from ips_rpc_warnings to master
Squashed commit of the following:
commit
7e46c2d9a52823a017f494a6faacc65cf968bc85
Author: alewis <albert.l.lewis@gmail.com>
Date: Mon Aug 15 13:41:33 2016 -0400
changed increment to packet_data +=4
commit
1a6c5588f578fca01ea8952688eca3f7b7d5fb3f
Author: alewis <albert.l.lewis@gmail.com>
Date: Mon Aug 15 12:54:55 2016 -0400
cleaned up blank spaces
commit
a518988789186fb6af679bfd727f9e1951b67fa9
Author: alewis <albert.l.lewis@gmail.com>
Date: Mon Aug 15 12:20:13 2016 -0400
changes to fix variable warnings
Russ Combs (rucombs) [Mon, 15 Aug 2016 16:02:27 +0000 (12:02 -0400)]
Merge pull request #591 in SNORT/snort3 from crc_vg to master
Squashed commit of the following:
commit
a8b860993764c3a950497673c2c9d6912a0deaa1
Author: snorty <snorty@ful1030-pod.cisco.com>
Date: Sat Aug 13 22:24:04 2016 -0400
fix nhi and tcp valgrind errors
Russ Combs (rucombs) [Mon, 15 Aug 2016 15:13:40 +0000 (11:13 -0400)]
Merge pull request #592 in SNORT/snort3 from app_str to master
Squashed commit of the following:
commit
5a81c23e62b9ded08e5a36f4083b2b93136ffb1e
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 15 09:51:29 2016 -0400
convert to snort_strndup for proper tracking
Russ Combs (rucombs) [Mon, 15 Aug 2016 13:37:59 +0000 (09:37 -0400)]
Merge pull request #589 in SNORT/snort3 from rpc_idx_remove to master
Squashed commit of the following:
commit
b0095fe60bce432b89b25b1229c698e8b37b9fce
Author: allewi <allewi@cisco.com>
Date: Sun Aug 14 20:32:58 2016 -0400
updated ips_rpc.cc file
commit
da1c1aac584187eb9dd263652a77ff007035ad0d
Author: allewi <allewi@cisco.com>
Date: Sun Aug 14 20:30:37 2016 -0400
updated ips_rpc.cc file
commit
4e7eaad1af0923551c94c5eb893beb91c7781f17
Author: allewi <allewi@cisco.com>
Date: Sun Aug 14 20:25:43 2016 -0400
updated ips_rpc.cc file
Russ Combs (rucombs) [Sun, 14 Aug 2016 14:10:29 +0000 (10:10 -0400)]
Merge pull request #588 in SNORT/snort3 from smb_file_processing to master
Squashed commit of the following:
commit
cae9cd6edd4e28eedfe6bd9d1820917a377b2ae5
Author: mdagon <mdagon@cisco.com>
Date: Fri Aug 12 16:50:45 2016 -0400
Code review: delete extra space
commit
2050aa70614c6494d0492f302096217d53163384
Author: mdagon <mdagon@cisco.com>
Date: Fri Aug 12 13:47:50 2016 -0400
Smb file processing
Russ Combs (rucombs) [Fri, 12 Aug 2016 21:46:31 +0000 (17:46 -0400)]
Merge pull request #590 in SNORT/snort3 from zero_field_fix to master
Squashed commit of the following:
commit
12bded36668b680fc9ba582eb56d99316c28c22e
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Aug 12 16:25:12 2016 -0400
fix for grind error use of uninitialized pointer
Russ Combs (rucombs) [Fri, 12 Aug 2016 20:12:11 +0000 (16:12 -0400)]
Merge pull request #575 in SNORT/snort3 from utf_decoding to master
Squashed commit of the following:
commit
f6b070405bd84b69aa52df672b7d3b69c484adff
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Aug 11 12:05:58 2016 -0400
resolving conflicts
resolving conflicts
resolving conflicts
Updating utf decoding per review comments
resolving conflicts
resolving conflicts
resolving conflicts
Updating utf decoding per review comments
resolving conflicts
resolving conflicts
reverting changes to a norm function in nhi
Russ Combs (rucombs) [Fri, 12 Aug 2016 16:42:15 +0000 (12:42 -0400)]
Merge pull request #587 in SNORT/snort3 from sdf-fast-pattern to master
Squashed commit of the following:
commit
088923ac93ac7890a2e3ff28f6e908d0bfc27093
Author: Victor Roemer <viroemer@cisco.com>
Date: Fri Aug 12 12:21:58 2016 -0400
Remove FIXIT
commit
bad192fd5d6ead40dc3c111cc2cf2f4a08dfa9d9
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 4 15:50:20 2016 -0400
sd_pattern as a fast-pattern.
Russ Combs (rucombs) [Thu, 11 Aug 2016 19:44:13 +0000 (15:44 -0400)]
Merge pull request #554 in SNORT/snort3 from file_capture_mul to master
Squashed commit of the following:
commit
efc9408cd944f1f9c570f4335950fdd52bdaaf21
Author: huica <huica@cisco.com>
Date: Thu Aug 11 11:52:59 2016 -0400
remove additional header file
commit
c00c3ff16c1fbd3ad9d1025655998e552646f047
Author: huica <huica@cisco.com>
Date: Thu Aug 11 10:20:26 2016 -0400
uncrustify
commit
109afa308a619beb3c9273db8a59ce59c1971fba
Merge:
33dd61d 6481ee3
Author: huica <huica@cisco.com>
Date: Thu Aug 11 08:58:48 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
33dd61d83dc2249cd223d2ccd2c08ce0139ffe6f
Author: huica <huica@cisco.com>
Date: Wed Aug 10 17:28:22 2016 -0400
mempool class
commit
acbf8857f6f4d88afe9e7eed5e9ebdba751a5bae
Author: huica <huica@cisco.com>
Date: Wed Aug 10 16:21:35 2016 -0400
update devnotes
commit
a5c98d6b7b894cc62ec01035ba858a735ef666c4
Merge:
5503866 a6b74b3
Author: huica <huica@cisco.com>
Date: Wed Aug 10 15:17:29 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
5503866788ad2ee6ddc7bd0b8a46f5c9aa00f0b9
Author: huica <huica@cisco.com>
Date: Wed Aug 10 15:17:08 2016 -0400
address comments
commit
b375a13a0614f949f559cbb223ce788aae115022
Merge:
151ed4f 867b9c6
Author: huica <huica@cisco.com>
Date: Wed Aug 10 10:29:34 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
151ed4f94c19867770f238c2c4176e8fbe5f3e52
Merge:
7630daa f67d217
Author: huica <huica@cisco.com>
Date: Tue Aug 9 10:21:15 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
7630daa6615e2a7c2b563b29939c26d31d373860
Merge:
534326b 9b4b81e
Author: huica <huica@cisco.com>
Date: Tue Aug 2 14:20:19 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
534326b51f8b6803edd3fcf38d4b69e5c6be82eb
Author: huica <huica@cisco.com>
Date: Tue Aug 2 14:20:11 2016 -0400
supports multi-thread safety for file mempool
commit
9a9097a00e340c734c089cb624e70d2e4eff0614
Author: huica <huica@cisco.com>
Date: Tue Aug 2 13:36:02 2016 -0400
refactor the file capture interfaces
commit
c98a98cf0756d015afeb64b1f2ad7acdd8cdc2eb
Merge:
e15ba25 41fcd73
Author: huica <huica@cisco.com>
Date: Fri Jul 29 09:56:12 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
e15ba25ba46fb1a0d8df32a0801e3bf3e76f2899
Merge:
9ff6683 6f0c2cf
Author: huica <huica@cisco.com>
Date: Wed Jul 27 12:53:02 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
9ff668388fc3d55fea41ac2c4d3c7bdfd22d7602
Merge:
0e65cdb bc4ea3f
Author: huica <huica@cisco.com>
Date: Fri Jul 22 15:42:15 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
0e65cdb292300afe65b4411274083c257eb199e9
Author: huica <huica@cisco.com>
Date: Mon Jul 11 14:16:23 2016 -0400
remove debug
commit
771307d62b66ab16c9682ed38e912abf0d33ce97
Author: huica <huica@cisco.com>
Date: Mon Jul 11 14:05:03 2016 -0400
Store and release file in another thread
commit
41692c3fb38972de52fcbabe148103b4fe54bbde
Merge:
4c4103d 65b2801
Author: huica <huica@cisco.com>
Date: Mon Jul 11 11:52:58 2016 -0400
Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3.git into file_capture_mul
commit
4c4103dadff3543e29dcebda403e6e868b9d570e
Author: huica <huica@cisco.com>
Date: Fri Jul 8 09:52:56 2016 -0400
store file to disk in different thread
snorty [Thu, 11 Aug 2016 14:30:06 +0000 (10:30 -0400)]
work around autoreconf foolishness
Russ Combs (rucombs) [Thu, 11 Aug 2016 06:37:02 +0000 (02:37 -0400)]
fix extra auto build from dist
Russ Combs [Wed, 10 Aug 2016 22:16:33 +0000 (18:16 -0400)]
build 206
Russ Combs (rucombs) [Wed, 10 Aug 2016 21:04:17 +0000 (17:04 -0400)]
Merge pull request #586 in SNORT/snort3 from ohi3 to master
Squashed commit of the following:
commit
ba4b79cd32a18ee9fbf15680efc55fb52fe77d48
Author: snorty <snorty@localhost.localdomain>
Date: Wed Aug 10 13:16:00 2016 -0400
snort2lua updates: http_inspect -> http_server and new_http_inspect -> http_inspect
Russ Combs (rucombs) [Wed, 10 Aug 2016 18:24:29 +0000 (14:24 -0400)]
Merge pull request #584 in SNORT/snort3 from smtp_auth_overflow to master
Squashed commit of the following:
commit
d0562da0307b36867e78604d8f0065c6b4a5ebb0
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Aug 9 13:51:38 2016 -0400
SMTP AUTH overflow alert added
reverting the STARTTLS smtp paf change
reverting the STARTTLS smtp paf change
adding snort2lua change for smtp max_auth_command_line_len option
remove the starttls command processing in SMTP splitter
Russ Combs (rucombs) [Wed, 10 Aug 2016 15:04:59 +0000 (11:04 -0400)]
Merge pull request #585 in SNORT/snort3 from asn1 to master
Squashed commit of the following:
commit
dbdda4825dc3478cb5066504ce599f4dfe9eada9
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Aug 9 13:33:44 2016 -0400
fix asn1:print help
snorty [Wed, 10 Aug 2016 00:01:32 +0000 (20:01 -0400)]
ohi updates for cmake
snorty [Sun, 7 Aug 2016 13:15:56 +0000 (09:15 -0400)]
build NHI options statically by default
snorty [Sat, 6 Aug 2016 14:23:40 +0000 (10:23 -0400)]
move ohi to extra/
snorty [Fri, 5 Aug 2016 21:11:19 +0000 (17:11 -0400)]
add dynamic build support to ohi
snorty [Thu, 4 Aug 2016 19:13:30 +0000 (15:13 -0400)]
fix event queue buffer log size
snorty [Wed, 3 Aug 2016 21:16:21 +0000 (17:16 -0400)]
change ohi to http_server with gids 319-320
Russ Combs (rucombs) [Tue, 9 Aug 2016 20:40:45 +0000 (16:40 -0400)]
Merge pull request #583 in SNORT/snort3 from snort2lua_appid_rule_option to master
Squashed commit of the following:
commit
f2bf7513552b2afbed195612419aa288a10d6979
Author: davis mcpherson <davis.mcpherson@gmail.com>
Date: Fri Aug 5 17:49:54 2016 -0400
implement support for convert appid rule option
free memory allocated for appid names loaded from rules with 'appids' rule option
add ability to modify rule option name when converting to snort3 format
Russ Combs (rucombs) [Tue, 9 Aug 2016 12:38:09 +0000 (08:38 -0400)]
Merge pull request #582 in SNORT/snort3 from distcheck to master
Squashed commit of the following:
commit
c07d6e17554017afad54459cd66ee331da278528
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Aug 8 14:31:06 2016 -0400
fix make distcheck
Russ Combs (rucombs) [Fri, 5 Aug 2016 20:22:10 +0000 (16:22 -0400)]
Merge pull request #580 in SNORT/snort3 from appid_ws2_rule_keyword2 to master
Squashed commit of the following:
commit
fad89647036423353ff11e50750149e39e6f8d5b
Author: Steve Chew <stechew@cisco.com>
Date: Wed Aug 3 14:06:23 2016 -0400
Implement Module and IpsOption subclasses for appid rule option.
Add appid support to flow for caching application ids, implement eval function of appid rule option
implement operator== for appid ips option
fix hash & operator== methods to use appid option data correctly, add assert and change parameters to ref on stream api application id methods
fix sort compare to only return true when lhs<rhs, refactor appids option eval function to streamline matching algorithm, make name->id mapping a helper function
move get/set_application_ids methods from Stream to Flow
use AppId type on get/set application ids parameters
Russ Combs [Fri, 5 Aug 2016 12:40:25 +0000 (08:40 -0400)]
build 205
Russ Combs (rucombs) [Thu, 4 Aug 2016 20:13:32 +0000 (16:13 -0400)]
Merge pull request #581 in SNORT/snort3 from ips_options_HAVE_HYPERSCAN to master
Squashed commit of the following:
commit
b7c2b223ae2dce7883dd8d10b1d247d3bf72f227
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Aug 4 15:49:02 2016 -0400
Missing symbol without hyperscan
Russ Combs (rucombs) [Thu, 4 Aug 2016 17:48:47 +0000 (13:48 -0400)]
Merge pull request #577 in SNORT/snort3 from hyper-sensitive to master
Squashed commit of the following:
commit
45bc7d00bcde706a4df09ec5ba416892a79f7b09
Author: Victor Roemer <viroemer@cisco.com>
Date: Fri Jul 29 00:06:55 2016 -0400
Convert sd_pattern to Hyperscan engine.
Russ Combs (rucombs) [Wed, 3 Aug 2016 20:39:08 +0000 (16:39 -0400)]
Merge pull request #579 in SNORT/snort3 from session_define_swap to master
Squashed commit of the following:
commit
9e14c40db95cd02e8c9754e598be9efb7b7c011f
Author: alewis <albert.l.lewis@gmail.com>
Date: Wed Aug 3 16:33:02 2016 -0400
swapped session defines SESSION_BINARY and SESSION_ALL
commit
b386f018ae5182cdcc6d6b9b26a5b1551ee4dc86
Author: alewis <albert.l.lewis@gmail.com>
Date: Wed Aug 3 16:29:45 2016 -0400
swapped session defines SESSION_BINARY and SESSION_ALL
commit
4c43efaa2532e77be1a21be7e410f912d20226f3
Author: alewis <albert.l.lewis@gmail.com>
Date: Wed Aug 3 16:24:42 2016 -0400
swapped session defines SESSION_BINARY and SESSION_ALL
Russ Combs (rucombs) [Tue, 2 Aug 2016 17:42:47 +0000 (13:42 -0400)]
Merge pull request #573 in SNORT/snort3 from smb_segmentation to master
Squashed commit of the following:
commit
3b5cd0bd44a3a79c0c55dca9a3aee990deb1f3f6
Author: mdagon <mdagon@cisco.com>
Date: Mon Aug 1 13:48:37 2016 -0400
Smb segmentation port
Code review: delete space before **, replace comment with assert
Russ Combs (rucombs) [Tue, 2 Aug 2016 17:31:50 +0000 (13:31 -0400)]
Merge pull request #576 in SNORT/snort3 from ips_options_window to master
Squashed commit of the following:
commit
dabe4fb2cd7e4409a0cdefbd6f872169ef88f126
Author: alewis <albert.l.lewis@gmail.com>
Date: Tue Aug 2 13:11:17 2016 -0400
fixed endian problem with ips option window test
Russ Combs (rucombs) [Tue, 2 Aug 2016 14:11:05 +0000 (10:11 -0400)]
Merge pull request #572 in SNORT/snort3 from ips_options-tcp_seq to master
Squashed commit of the following:
commit
8bef0a2a1dcbbc63491496142b249cbc736a8150
Author: allewi <allewi@cisco.com>
Date: Sat Jul 30 12:32:10 2016 -0400
fixed ips_options tcp sequence number comparison (endian)
commit
212c6aa1336aec06272ee8978c5f45400bb612fa
Author: allewi <allewi@cisco.com>
Date: Sat Jul 30 11:57:28 2016 -0400
fixed ips_options tcp sequence number comparison (endian)
Russ Combs (rucombs) [Tue, 2 Aug 2016 14:05:32 +0000 (10:05 -0400)]
Merge pull request #574 in SNORT/snort3 from documentation_error to master
Squashed commit of the following:
commit
85376a42339fd01d6fcc5ec99a68474006adea7f
Author: allewi <allewi@cisco.com>
Date: Mon Aug 1 12:42:54 2016 -0400
updated documentation for ips_option files
Russ Combs [Fri, 29 Jul 2016 13:14:46 +0000 (09:14 -0400)]
build 204
Russ Combs (rucombs) [Thu, 28 Jul 2016 21:00:46 +0000 (17:00 -0400)]
Merge pull request #571 in SNORT/snort3 from ips_options_update to master
Squashed commit of the following:
commit
84eae81aa133c86913677f6a3e79bd3778912dee
Author: alewis <albert.l.lewis@gmail.com>
Date: Thu Jul 28 16:27:47 2016 -0400
updated ips_options endian problem with icmp_id and icmp_seq rule keywords
commit
e735c60e6161c58b62765b9f7141198fefefa0a4
Author: alewis <albert.l.lewis@gmail.com>
Date: Thu Jul 28 15:49:28 2016 -0400
fixed an ntohs (endian) issue with icmp_seq and icmp_id field matching
commit
46eca1d12a0142e68877c8e4c94b024f6b8795ae
Author: alewis <albert.l.lewis@gmail.com>
Date: Thu Jul 28 12:35:09 2016 -0400
endian fix for ips_options icmp_id field
Russ Combs (rucombs) [Thu, 28 Jul 2016 16:37:13 +0000 (12:37 -0400)]
Merge pull request #569 in SNORT/snort3 from linez to master
Squashed commit of the following:
commit
b15f074d2d03ba332b386eb7571a9bf2afdb4dfe
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 28 12:08:37 2016 -0400
refactor, comments
commit
e877c882772db117208bd60286db5b4a4feb6eb9
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Jul 22 14:33:03 2016 -0400
fix line number in rule parsing errors
no line numbers for lua messages
Russ Combs (rucombs) [Wed, 27 Jul 2016 15:14:10 +0000 (11:14 -0400)]
Merge pull request #568 in SNORT/snort3 from nhttp50 to master
Squashed commit of the following:
commit
d3a67eb2a549d929917a8f4b42ac9c5b4b00c0c8
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 26 16:11:06 2016 -0400
Unbounded POST alert
Russ Combs (rucombs) [Mon, 25 Jul 2016 21:43:37 +0000 (17:43 -0400)]
Merge pull request #567 in SNORT/snort3 from nhttp49 to master
Squashed commit of the following:
commit
854e1772985651c65737046469e4cea33fbcfb54
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jul 25 16:35:16 2016 -0400
cmake check fix