]>
git.ipfire.org Git - thirdparty/snort3.git/log
Masud Hasan (mashasan) [Tue, 23 Mar 2021 16:17:01 +0000 (16:17 +0000)]
Merge pull request #2792 in SNORT/snort3 from ~SMINUT/snort3:smbfp to master
Squashed commit of the following:
commit
727fcef5b3952eb13f895e3ea8fbb0075c4366d8
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Mar 11 15:43:57 2021 -0500
appid: smb fingerprinting support
rna: smb fingerprint support
Mike Stepanek (mstepane) [Tue, 23 Mar 2021 13:26:15 +0000 (13:26 +0000)]
Merge pull request #2801 in SNORT/snort3 from ~OSHUMEIK/snort3:dup_rtn_with_vars to master
Squashed commit of the following:
commit
2aaa48fd2e09639b937e61533b14d55544cb1355
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Mar 18 12:13:34 2021 +0200
parser: support duped RTN if its header has been changed
Mike Stepanek (mstepane) [Tue, 23 Mar 2021 13:05:23 +0000 (13:05 +0000)]
Merge pull request #2778 in SNORT/snort3 from ~OSERHIIE/snort3:javascript_normalization to master
Squashed commit of the following:
commit
5371730d74442a199d46ed862639172f18437193
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Feb 1 16:01:38 2021 +0200
http_inspect: add JavaScript whitespace normalization
http_inspect: integrate JSNormalizer (whitespace normalizzation) keeping the old one
http_inspect: add normalization_depth config option
utils: add JSNormalizer
cmake: add flex build dependency
doc: update http_inspect feature doc
Michael Altizer (mialtize) [Tue, 23 Mar 2021 01:38:42 +0000 (01:38 +0000)]
Merge pull request #2806 in SNORT/snort3 from ~MIALTIZE/snort3:goodbye_retry to master
Squashed commit of the following:
commit
3f880f91cec15ab7c551962f117a02124ae075d4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 22 10:32:55 2021 -0400
packet_io: Update for the removal of the RETRY DAQ verdict
Shravan Rangarajuvenkata (shrarang) [Mon, 22 Mar 2021 18:35:40 +0000 (18:35 +0000)]
Merge pull request #2752 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_add_netbios_domain_to_logs to master
Squashed commit of the following:
commit
482176a1c83f2a63941308ec6dbef5f7f2109712
Author: cljudge <cljudge@cisco.com>
Date: Wed Feb 17 04:55:19 2021 -0500
appid: Make netbios domain available through appid api.
Tom Peters (thopeter) [Thu, 18 Mar 2021 15:17:42 +0000 (15:17 +0000)]
Merge pull request #2797 in SNORT/snort3 from ~MDAGON/snort3:detection to master
Squashed commit of the following:
commit
bbfa5a891df785f60d423c84c1c55b125b4c07f0
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon Mar 15 16:04:54 2021 -0400
detection: update detection.alert, to be used instead of reputation.total_alerts
Bhagya Tholpady (bbantwal) [Thu, 18 Mar 2021 15:05:50 +0000 (15:05 +0000)]
Merge pull request #2788 in SNORT/snort3 from ~DKYRYLOV/snort3:dump_rule_meta_crash to master
Squashed commit of the following:
commit
01f2233993c744d01935e1fbe9a727555867ad8f
Author: dkyry <dkyrylov@cisco.com>
Date: Wed Mar 10 14:07:21 2021 +0200
detection: Update dump_rule_meta function to only print rules from default ips policy
Masud Hasan (mashasan) [Wed, 17 Mar 2021 20:53:12 +0000 (20:53 +0000)]
Merge pull request #2795 in SNORT/snort3 from ~MMATIRKO/snort3:hostclient_nullptr to master
Squashed commit of the following:
commit
d5789022476a59edec4cfd73eea23d53664cdda2
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Mar 11 15:15:57 2021 -0500
host_tracker: fully populate local hostclient before logging
Bhargava Jandhyala (bjandhya) [Wed, 17 Mar 2021 14:39:07 +0000 (14:39 +0000)]
Merge pull request #2798 in SNORT/snort3 from ~DIPANDIT/snort3:classify to master
Squashed commit of the following:
commit
5927f7dae46a8a82919942171f594320044baf8a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Wed Mar 17 09:06:47 2021 -0400
dce_rpc: fix warning of empty body
Russ Combs (rucombs) [Tue, 16 Mar 2021 15:57:26 +0000 (15:57 +0000)]
Merge pull request #2790 in SNORT/snort3 from ~RUCOMBS/snort3:stylez to master
Squashed commit of the following:
commit
498f2ec03eda4d563554358acb56da12fa323a33
Author: russ <rucombs@cisco.com>
Date: Thu Mar 11 11:13:08 2021 -0500
style: Change C++ comment NULL to null
To make inappropriate use of NULL vs nullptr easier to spot.
Also, keep MPLS "NULL label" comments since that is normative.
commit
3cf4fc89961d26585a091ca2f04526f3098c9302
Author: russ <rucombs@cisco.com>
Date: Thu Mar 11 10:51:59 2021 -0500
style: Remove unnecessary cruft
commit
e8ec4040b2deabe46d7322191fc4087e92525d8e
Author: russ <rucombs@cisco.com>
Date: Thu Mar 11 10:38:41 2021 -0500
style: Remove unused cruft
Lokesh Bevinamarad (lbevinam) [Tue, 16 Mar 2021 07:55:49 +0000 (07:55 +0000)]
Merge pull request #2737 in SNORT/snort3 from ~DIPANDIT/snort3:classify to master
Squashed commit of the following:
commit
85f29b509d5b53795caffbd55a44991929bac49c
Author: Dipto Pandit <dipandit@cisco.com>
Date: Thu Oct 8 06:55:59 2020 -0400
dce_rpc: refactoring smb code
Changed old C style code to C++ code. Created classes for appropriate
structures and encapsulated the methods. maintained data boundary as
much as possible. Changed file structure to reduce clutter.
Russ Combs (rucombs) [Mon, 15 Mar 2021 19:09:14 +0000 (19:09 +0000)]
Merge pull request #2785 in SNORT/snort3 from ~RUCOMBS/snort3:dash_h to master
Squashed commit of the following:
commit
b929e28aecf5a4b9eb7ab8ccf5266971a53cc7ec
Author: russ <rucombs@cisco.com>
Date: Tue Mar 9 11:23:06 2021 -0500
snort: Add -h to output the help overview (same as --help)
Michael Altizer (mialtize) [Sat, 13 Mar 2021 15:40:16 +0000 (15:40 +0000)]
Merge pull request #2794 in SNORT/snort3 from ~SMULKA/snort3:dtrace_style to master
Squashed commit of the following:
commit
ecc98c4f141de36b9f334933c14247f0b95b2ea2
Author: smulka <smulka@cisco.com>
Date: Thu Mar 11 23:14:21 2021 -0500
packet_tracer: Remove unused pt_timer_start()
Michael Altizer (mialtize) [Fri, 12 Mar 2021 15:37:13 +0000 (15:37 +0000)]
Merge pull request #2771 in SNORT/snort3 from ~KBHANDAN/snort3:pt_shell_nonip to master
Squashed commit of the following:
commit
0e87af6c8591908e68e8e3b60f98ff593566ef96
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Tue Mar 2 11:35:49 2021 -0500
packet_tracer: Do not log non-IP packets when enabled from shell and when a constraint is set
Masud Hasan (mashasan) [Fri, 12 Mar 2021 15:14:19 +0000 (15:14 +0000)]
Merge pull request #2783 in SNORT/snort3 from ~ARMANDAV/snort3:passive to master
Squashed commit of the following:
commit
003c442bf581f1d77a2d17263b57728b132830f2
Author: Arun Mandava <armandav@cisco.com>
Date: Tue Mar 9 09:31:41 2021 -0500
rna: Make discovery filter to use client and server interfaces if they are not DAQ_PKTHDR_UNKNOWN
Pranav Bhalerao (prbhaler) [Fri, 12 Mar 2021 11:48:11 +0000 (11:48 +0000)]
Merge pull request #2782 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_lua to master
Squashed commit of the following:
commit
40ef99ede336f6b2970d1fc42846369a3b986232
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Mon Mar 8 03:48:53 2021 -0500
snort2lua: Fixing lua conversion of http preproc options
Michael Altizer (mialtize) [Thu, 11 Mar 2021 21:10:46 +0000 (21:10 +0000)]
Merge pull request #2791 in SNORT/snort3 from ~MIALTIZE/snort3:3_1_2_0 to master
Squashed commit of the following:
commit
61f2ce2932087540afd85ba847dd164bdb68dd25
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 11 14:53:33 2021 -0500
build: Generate and tag 3.1.2.0
Michael Altizer (mialtize) [Thu, 11 Mar 2021 04:53:24 +0000 (04:53 +0000)]
Merge pull request #2789 in SNORT/snort3 from ~MIALTIZE/snort3:tidy to master
Squashed commit of the following:
commit
a5026537718b6da997ff33e4125e90a250b74486
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Mar 10 16:10:52 2021 -0500
build: Do one more pass of modernizing the C++ code
Mostly generated automatically from clang-tidy using:
- modernize-deprecated-headers
- modernize-redundant-void-arg
- modernize-use-bool-literals
- modernize-use-equals-default
- modernize-use-nullptr
- modernize-use-override
Michael Altizer (mialtize) [Wed, 10 Mar 2021 17:22:20 +0000 (17:22 +0000)]
Merge pull request #2786 in SNORT/snort3 from ~MIALTIZE/snort3:flowstats_style to master
Squashed commit of the following:
commit
29bb7fe503dc2b2a8a87a164717a124368db13df
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 9 21:46:30 2021 -0500
snort: Update for DAQ_FlowStats_t structure and field name changes
Michael Altizer (mialtize) [Tue, 9 Mar 2021 21:49:57 +0000 (21:49 +0000)]
Merge pull request #2784 in SNORT/snort3 from ~MIALTIZE/snort3:frag_off to master
Squashed commit of the following:
commit
764273f3debc314962f1f935e5127cdd679fb5ed
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 9 13:27:53 2021 -0500
ipv4: Correct the calculation for illegal fragment offset checks
Shravan Rangarajuvenkata (shrarang) [Tue, 9 Mar 2021 17:43:27 +0000 (17:43 +0000)]
Merge pull request #2780 in SNORT/snort3 from ~SATHIRKA/snort3:smtps_imaps_fix to master
Squashed commit of the following:
commit
338c24caf91f531338b043703ad2928819768006
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Mar 4 17:07:27 2021 -0500
appid: Use opportunistic tls event to set decryption countdown for SMTP detector; Update IMAP service detector pattern
Shanmugam S (shanms) [Tue, 9 Mar 2021 16:22:13 +0000 (16:22 +0000)]
Merge pull request #2766 in SNORT/snort3 from ~SUNIMUKH/snort3:clear_global_counter to master
Squashed commit of the following:
commit
df425d8fc335ca5891200064f2c03b9b6f7d6892
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Feb 23 17:28:05 2021 -0500
module: Introduced new api to clear global active module counters
Lokesh Bevinamarad (lbevinam) [Tue, 9 Mar 2021 11:26:44 +0000 (11:26 +0000)]
Merge pull request #2763 in SNORT/snort3 from ~SMULKA/snort3:daq_trace to master
Squashed commit of the following:
commit
222b106f98bbade0ad7c89dbf526feea8fd1f46e
Author: smulka <smulka@cisco.com>
Date: Sat Feb 20 15:35:35 2021 -0500
packet_tracer: Added daq buffer to hold daq logs
Michael Altizer (mialtize) [Tue, 9 Mar 2021 03:56:50 +0000 (03:56 +0000)]
Merge pull request #2734 in SNORT/snort3 from ~BRASTULT/snort3:zip_data_desc to master
Squashed commit of the following:
commit
142372710cf9717980b1e2ab14f11c2f7ea5a18d
Author: Brandon Stultz <brastult@cisco.com>
Date: Wed Feb 3 00:23:10 2021 -0500
decompress: add support for streaming ZIPs
Michael Altizer (mialtize) [Tue, 9 Mar 2021 03:01:53 +0000 (03:01 +0000)]
Merge pull request #2729 in SNORT/snort3 from ~MIALTIZE/snort3:compound_codec to master
Squashed commit of the following:
commit
d38e1757de753e33fbd7eb86fdd47e7005367ba4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 8 17:32:42 2021 -0500
snort_config: Clean up and annotate command line config merge process
commit
7ddcab755604935be48973c78b17ca70a1dc3eb4
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 2 15:30:14 2021 -0500
protocols: Add peg count for decodes that exceeded the max layers
Also, make sure that the alert for doing so only triggers once per
packet being decoded.
commit
4dbd0f9718ee3160864c760632dc8e4611101899
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Feb 2 18:25:29 2021 -0500
protocols: Add initial support for multilayer compound codecs
commit
6903a09c81e02f8dce04becc393edc26c1ce3b48
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Feb 1 12:29:19 2021 -0500
protocols: Consistently encapsulate exported protocol headers in the snort namespace
commit
e4f056d9fb416c0aaab573f6fa8d81c8f58367d1
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 27 13:24:22 2021 -0500
log: Base logging the Ethernet header on proto bits rather than DLT
commit
d80dc65860f76d1f28e8c93dc832d66d65169e3e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jan 11 20:43:46 2021 -0500
main: Fix accumulating and printing codec stats at run time
Michael Altizer (mialtize) [Mon, 8 Mar 2021 21:44:27 +0000 (21:44 +0000)]
Merge pull request #2744 in SNORT/snort3 from ~MIALTIZE/snort3:mpls to master
Squashed commit of the following:
commit
ee516377468dd17dfb4b1ff370d3912c96b29274
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 25 16:38:35 2021 -0500
mpls: Add next layer autodetection and implement codec logging
The max_mpls_stack_depth and mpls_payload_type parameters of the MPLS
codec module have been renamed to max_stack_depth and payload_type
respectively to cut down on redundancy.
The EXP field in the MPLS header has been renamed to TC (traffic class)
per RFC5462. Previously available MPLS counters have been removed due
to being both inaccurate and not very valuable.
commit
c007bb268c0f94038e07646eb047f2f0659165a5
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 25 16:38:35 2021 -0500
mpls: Refactor mpls.enable_mpls_overlapping_ip into packet.mpls_agnostic
commit
c00686eb8b98ccca8ca61cbd3517733ffe64802a
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 25 16:38:35 2021 -0500
mpls: Remove enable_mpls_multicast option
The option was unused and MPLS multicast support is now always enabled.
commit
8b4edf540f2ac597e954b6edaace9e506d0d603a
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 25 16:38:35 2021 -0500
loggers: Fix excessive byte reordering when printing MPLS labels in CSV and JSON
commit
ec4488602cf3e45ed4b5f7385f7acd9099078205
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 25 16:38:35 2021 -0500
trans_bridge: Lift the log() implementation from the root Ethernet codec
Shravan Rangarajuvenkata (shrarang) [Fri, 5 Mar 2021 23:45:37 +0000 (23:45 +0000)]
Merge pull request #2777 in SNORT/snort3 from ~SHRARANG/snort3:appid_sub_policy to master
Squashed commit of the following:
commit
48ee239ce9197dcf6746dea9e77145e968a14322
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Mar 4 15:37:49 2021 -0500
appid: get uri from http event even when http host is not present
commit
d1f81e06c96812def7e556f563bb011490ce2be4
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Mar 3 17:29:35 2021 -0500
appid: always get appid inspector from default inspection policy
Mike Stepanek (mstepane) [Fri, 5 Mar 2021 20:33:40 +0000 (20:33 +0000)]
Merge pull request #2776 in SNORT/snort3 from ~MDAGON/snort3:rep_peg to master
Squashed commit of the following:
commit
0ac10d96c7da3c9bb9055c3915380f7c5b934726
Author: mdagon <mdagon@cisco.com>
Date: Wed Mar 3 10:03:58 2021 -0500
reputation: add peg count for total alerts
Shanmugam S (shanms) [Fri, 5 Mar 2021 15:52:03 +0000 (15:52 +0000)]
Merge pull request #2757 in SNORT/snort3 from ~SUNIMUKH/snort3:elephant_flow to master
Squashed commit of the following:
commit
b28012491788b2a71dacda895d85fee6a9be3422
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Feb 22 00:42:49 2021 -0500
flow: Add new flag to indicate elephant flow
Bhagya Tholpady (bbantwal) [Fri, 5 Mar 2021 14:06:03 +0000 (14:06 +0000)]
Merge pull request #2770 in SNORT/snort3 from ~SVLASIUK/snort3:doc_ips_states to master
Squashed commit of the following:
commit
1c155320fdadbb0513af094e96f98d034bf91c25
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Mar 2 14:35:09 2021 +0200
doc: update documentation for ips.states
Masud Hasan (mashasan) [Fri, 5 Mar 2021 13:39:42 +0000 (13:39 +0000)]
Merge pull request #2774 in SNORT/snort3 from ~MMATIRKO/snort3:funky_flush to master
Squashed commit of the following:
commit
12979dc9a9035a732d7be73a2a1b0d42000c97b8
Author: russ <rucombs@cisco.com>
Date: Mon Mar 1 10:21:38 2021 -0500
stream_tcp: Ensure flows aren't pruned while processing a PDU
Externally triggered flushes require a new context if a packet is not
already in play. All external flushes require a new packet.
Bhagya Tholpady (bbantwal) [Thu, 4 Mar 2021 23:18:44 +0000 (23:18 +0000)]
Merge pull request #2759 in SNORT/snort3 from ~OSHUMEIK/snort3:cvars to master
Squashed commit of the following:
commit
5a87d044fb559592ece9f0d340f79d1f330b3095
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Feb 16 17:09:05 2021 +0200
detection: use IP and port variables from the targeted policy
Port lists are updated for every duped RTN if its ports have been changed.
Steve Chew (stechew) [Thu, 4 Mar 2021 18:55:08 +0000 (18:55 +0000)]
Merge pull request #2772 in SNORT/snort3 from ~DERAMADA/snort3:ftp_held_pkt_detection to master
Squashed commit of the following:
commit
26c02c56d90d25bcbd9b8e62e1dcf0e12ca991df
Author: Deepak Ramadass <deramada@cisco.com>
Date: Thu Feb 25 11:04:05 2021 -0500
stream: set block pending flag when a flow is dropped
commit
dd01cd19943517c5dcada77d82c3079dd20a2c64
Author: Deepak Ramadass <deramada@cisco.com>
Date: Thu Feb 25 11:03:02 2021 -0500
ftp_telnet: implement init_partial_flush for ftp data
Michael Altizer (mialtize) [Wed, 3 Mar 2021 23:37:15 +0000 (23:37 +0000)]
Merge pull request #2754 in SNORT/snort3 from ~SPADALKA/snort3:perf_tracker_crash to master
Squashed commit of the following:
commit
f5cbcb1e165ad8c3ba18f921c0dd5dc2a656e9d7
Author: Satyajit Padalkar <spadalkar@gmail.com>
Date: Wed Mar 3 16:52:35 2021 -0500
perf_monitor: Fix finalizing JSON output files for trackers
Michael Altizer (mialtize) [Wed, 3 Mar 2021 22:20:58 +0000 (22:20 +0000)]
Merge pull request #2773 in SNORT/snort3 from ~MIALTIZE/snort3:textlog_format to master
Squashed commit of the following:
commit
cc15aa3048a4006dcede48ae2c74292f1185ef44
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 2 13:03:42 2021 -0500
log: Add printf format attribute to TextLog_Print() and clean up the fallout
Shanmugam S (shanms) [Wed, 3 Mar 2021 05:05:45 +0000 (05:05 +0000)]
Merge pull request #2403 in SNORT/snort3 from ~KBHANDAN/snort3:cleanup_cmd_line to master
Squashed commit of the following:
commit
1e5322ae5ba0f32c3af2ccf35d52c637a556ffe2
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Fri Aug 14 16:12:59 2020 -0400
snort_config: remove unnecessary command line options
Shanmugam S (shanms) [Tue, 2 Mar 2021 05:52:03 +0000 (05:52 +0000)]
Merge pull request #2746 in SNORT/snort3 from ~APOORAJ/snort3:portscan_fixit_delimiter to master
Squashed commit of the following:
commit
c4088ca495e7bb1cfb4e244243d43e3878a9de25
Author: Apoorv Raj <apooraj@cisco.com>
Date: Sat Feb 6 17:22:13 2021 -0500
portscan: Fix delimiter for ports in config
Shanmugam S (shanms) [Tue, 2 Mar 2021 05:49:36 +0000 (05:49 +0000)]
Merge pull request #2769 in SNORT/snort3 from ~PUNEETKU/snort3:pkt_cp_chry_pk to master
Squashed commit of the following:
commit
491324ec7ff4267206c353402e932a0fc91a0323
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Fri Feb 19 00:32:34 2021 -0500
packet_capture: add group filter for packet capture
Shravan Rangarajuvenkata (shrarang) [Fri, 26 Feb 2021 20:02:45 +0000 (20:02 +0000)]
Merge pull request #2768 in SNORT/snort3 from ~SHRARANG/snort3:appid_cppcheck to master
Squashed commit of the following:
commit
540aa99530d3d7e9ff6282691891553fcb9153da
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 26 12:41:42 2021 -0500
appid: fixes for cppcheck warnings
Steve Chew (stechew) [Fri, 26 Feb 2021 18:06:47 +0000 (18:06 +0000)]
Merge pull request #2747 in SNORT/snort3 from ~SBAIGAL/snort3:perf_ha to master
Squashed commit of the following:
commit
8a93f67c57c000a089e52459f3f6ddd425387a28
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 18 16:31:11 2021 -0500
stream: do not update service from appid to host attributes if nothing is changed
commit
58111934f03848ddb29be00ba9268ca93d801262
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 18 13:40:20 2021 -0500
host_attributes: updated api to reduce use of shared_pointer
commit
678f77983e959ac97e659ceb000dd3bcb4d05baa
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 18 12:43:56 2021 -0500
binder: use service inspector caching to improve get_gadget() performance
Masud Hasan (mashasan) [Fri, 26 Feb 2021 01:31:39 +0000 (01:31 +0000)]
Merge pull request #2760 in SNORT/snort3 from ~MASHASAN/snort3:flush_on_fin_recv to master
Squashed commit of the following:
commit
2eab74e332742c3afbffbdcf2f366a90a7bcd0db
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Feb 18 22:05:52 2021 -0500
stream_tcp: Flush queued segments when FIN is received
Bhagya Tholpady (bbantwal) [Thu, 25 Feb 2021 15:44:08 +0000 (15:44 +0000)]
Merge pull request #2767 in SNORT/snort3 from ~BBANTWAL/snort3:alias_fix to master
Squashed commit of the following:
commit
aec73724ee2ba89181730c41662031e90ef4232d
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Feb 24 16:55:10 2021 -0500
managers: Perform sanity checks on set_alias() parameters
Mike Stepanek (mstepane) [Thu, 25 Feb 2021 15:03:21 +0000 (15:03 +0000)]
Merge pull request #2764 in SNORT/snort3 from ~JRITTLE/snort3:iec104_trace_fix to master
Squashed commit of the following:
commit
888682bccf55b3b6f93c6d2a023fc295e34b99d6
Author: jrittle <jrittle@cisco.com>
Date: Wed Feb 24 09:40:49 2021 -0500
iec104: additional input sanitization, syntax, and style changes
Mike Stepanek (mstepane) [Wed, 24 Feb 2021 21:47:12 +0000 (21:47 +0000)]
Merge pull request #2765 in SNORT/snort3 from ~JRITTLE/snort3:doc_iec104_service_inspector to master
Squashed commit of the following:
commit
f6e25e62a7ab803c360f168349da23a6f6609db0
Author: jrittle <jrittle@cisco.com>
Date: Mon Feb 22 14:36:01 2021 -0500
iec104: adding documentation for iec104 service inspector
Mike Stepanek (mstepane) [Wed, 24 Feb 2021 02:25:20 +0000 (02:25 +0000)]
Merge pull request #2743 in SNORT/snort3 from ~JRITTLE/snort3:iec104_service_inspector to master
Squashed commit of the following:
commit
4f3019db2c8f24111cbf99e154feb30f1876ef70
Author: jrittle <jrittle@cisco.com>
Date: Tue Feb 23 14:20:42 2021 -0500
iec104: integrating new iec104 protocol service inspector
Shravan Rangarajuvenkata (shrarang) [Wed, 24 Feb 2021 00:56:52 +0000 (00:56 +0000)]
Merge pull request #2762 in SNORT/snort3 from ~SATHIRKA/snort3:optimize_loading_lua_detectors to master
Squashed commit of the following:
commit
38a9cd5cffc0e971391be078f2499f04085e37ae
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Dec 14 16:11:23 2020 -0500
appid: Load lua detectors for packet threads from compiled lua bytecode during detector reload
Bhagya Tholpady (bbantwal) [Tue, 23 Feb 2021 22:57:46 +0000 (22:57 +0000)]
Merge pull request #2741 in SNORT/snort3 from ~BBANTWAL/snort3:binder_aliases to master
Squashed commit of the following:
commit
9ca8c58d0bf04b18e4441bed7e9b61c42c984688
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Feb 10 14:19:28 2021 -0500
managers: enforce strict parsing for binder aliases
1. don't load aliased table when alias type is not known
2. don't load aliased table when alias type is not bindable
3. error and don't load aliased table when alias name is not empty
and alias type is a singleton (global usage)
4. error and don't load aliased table when alias name is a known module
Bhagya Tholpady (bbantwal) [Tue, 23 Feb 2021 19:59:35 +0000 (19:59 +0000)]
Merge pull request #2750 in SNORT/snort3 from ~SVLASIUK/snort3:pcre_relative to master
Squashed commit of the following:
commit
c23a528787f8a0f9d7052e6e0dba7c84b17473ae
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Feb 11 18:29:10 2021 +0200
ips_options: update cursor position for relative pcre
Steve Chew (stechew) [Tue, 23 Feb 2021 15:49:02 +0000 (15:49 +0000)]
Merge pull request #2738 in SNORT/snort3 from ~DERAMADA/snort3:reputation_cleanup to master
Squashed commit of the following:
commit
82c01b1afb0e625f836a7ae09ae0df5098024aff
Author: Deepak Ramadass <deramada@cisco.com>
Date: Wed Feb 10 11:21:08 2021 -0500
reputation: remove redundant terms
Mike Stepanek (mstepane) [Tue, 23 Feb 2021 13:01:41 +0000 (13:01 +0000)]
Merge pull request #2756 in SNORT/snort3 from ~MDAGON/snort3:rst_frame to master
Squashed commit of the following:
commit
54dc3d9568f8cc05da2b84a6457f131bc589912f
Author: mdagon <mdagon@cisco.com>
Date: Fri Jan 22 15:18:07 2021 -0500
http2_inspect: process rst_stream frame
Bhargava Jandhyala (bjandhya) [Mon, 22 Feb 2021 05:16:59 +0000 (05:16 +0000)]
Merge pull request #2751 in SNORT/snort3 from ~DIPANDIT/snort3:smb1_file_api to master
Squashed commit of the following:
commit
2c8805d21d2106d95ea496a320bcf4898bb4e4fe
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon Feb 15 04:20:50 2021 -0500
dce_rpc: pass proper file id in file api from smb1
Masud Hasan (mashasan) [Fri, 19 Feb 2021 21:48:27 +0000 (21:48 +0000)]
Merge pull request #2753 in SNORT/snort3 from ~ARMANDAV/snort3:oomkill to master
Squashed commit of the following:
commit
41f16cfa0a59259aabc849b50ac39b16868fed88
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Feb 11 20:50:55 2021 -0500
memory: free memory space while updating allocation
Mike Stepanek (mstepane) [Fri, 19 Feb 2021 19:55:19 +0000 (19:55 +0000)]
Merge pull request #2740 in SNORT/snort3 from ~MDAGON/snort3:chunk_partial to master
Squashed commit of the following:
commit
4549c4b769a5cb8f0cc2535385a1525dcc0da6e1
Author: mdagon <mdagon@cisco.com>
Date: Thu Jan 28 09:12:47 2021 -0500
http_inspect: partial inspection for 0 length chunk
Mike Stepanek (mstepane) [Thu, 18 Feb 2021 20:39:50 +0000 (20:39 +0000)]
Merge pull request #2755 in SNORT/snort3 from ~THOPETER/snort3:di_reversion to master
Squashed commit of the following:
commit
182ae204f53679e1a86031649361399cf757637f
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Feb 18 13:44:19 2021 -0500
http_inspect: temporarily restore detained_inspection parameter
Shravan Rangarajuvenkata (shrarang) [Thu, 18 Feb 2021 19:51:10 +0000 (19:51 +0000)]
Merge pull request #2749 in SNORT/snort3 from ~SHRARANG/snort3:appid_remove_forecast to master
Squashed commit of the following:
commit
8b16b5b54d078478ddffa3b4899b68eda7a4641d
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 12 17:17:55 2021 -0500
appid: remove app forecast method
Mike Stepanek (mstepane) [Wed, 17 Feb 2021 12:33:30 +0000 (12:33 +0000)]
Merge pull request #2745 in SNORT/snort3 from ~MDAGON/snort3:doc_remove_detained to master
Squashed commit of the following:
commit
18a1323b4462d37298071fa023a070b3d2786a7b
Author: mdagon <mdagon@cisco.com>
Date: Fri Feb 12 17:02:33 2021 -0500
doc: remove http detained inspection from user manual
Mike Stepanek (mstepane) [Wed, 17 Feb 2021 12:29:35 +0000 (12:29 +0000)]
Merge pull request #2748 in SNORT/snort3 from ~THOPETER/snort3:nhttp155 to master
Squashed commit of the following:
commit
f6efaf5d3ed10d81275a38931dcaeba00b4564ab
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Feb 15 17:11:57 2021 -0500
http_inspect: remove detained inspection
Mike Stepanek (mstepane) [Fri, 12 Feb 2021 14:08:35 +0000 (14:08 +0000)]
Merge pull request #2742 in SNORT/snort3 from ~THOPETER/snort3:nhttp154 to master
Squashed commit of the following:
commit
9c6dd8194ed2f3549d7731affc566dc7127a4801
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Feb 11 13:35:28 2021 -0500
http_inspect: IPv6 authority in URI
commit
ab9cb850c58828dc3ecebe67c3345019dd5433d6
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Feb 8 11:46:48 2021 -0500
http_inspect: Javascript support cleanup
Michael Altizer (mialtize) [Thu, 11 Feb 2021 19:11:52 +0000 (19:11 +0000)]
Merge pull request #2739 in SNORT/snort3 from ~MIALTIZE/snort3:binder_stuff2 to master
Squashed commit of the following:
commit
b38c4c0fbf677313717ccc289a77cbacb4f047ab
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Feb 9 12:13:25 2021 -0500
ftp_telnet: Respect telnet_cmds config for raising 125:1
commit
9ab2924a28b50726a8d185eaae10990d7b224cb6
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Feb 4 12:35:21 2021 -0500
binder: Apply host attribute table information at the beginning of flow setup
commit
d794f0481b9e1d886fe65ae0cec87e6af33ecd76
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 4 15:26:00 2020 -0500
binder: Use the first match for non-terminal binding usage
commit
76d7cea0d784afcab575a173c57c8a65ac0a6153
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 4 15:13:31 2020 -0500
binder: Clean up std namespace usage
commit
464fd2c44019b3a48c8c44c6b9c7bed82b3dc0b2
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 4 14:51:22 2020 -0500
inspector_manager: Instantiate default binder as long as a wizard or stream are present
commit
7f0be69877ff16e0fc74716c0c73e9850eca1a46
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Dec 3 15:05:37 2020 -0500
module_manager: Enforce interest in global modules only in the default policy
commit
0cacbbc73299aecd52ba1f08700fb996c089a8a0
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Dec 16 13:49:06 2020 -0500
action_manager: Remove unused cached reject action
Bhagya Tholpady (bbantwal) [Thu, 11 Feb 2021 17:30:00 +0000 (17:30 +0000)]
Merge pull request #2733 in SNORT/snort3 from ~OSHUMEIK/snort3:sslv2_curse to master
Squashed commit of the following:
commit
af61d25062a0f28247cd017cd9a2f4269f0655bc
Author: ryanhoff <ryanhoff@cisco.com>
Date: Tue Jan 21 16:55:33 2020 -0500
wizard: add support for sslv2 detection
The curse ignores specs/challenge/session_id length values.
It's up to the inspector to decide about it.
Bhagya Tholpady (bbantwal) [Thu, 11 Feb 2021 17:24:39 +0000 (17:24 +0000)]
Merge pull request #2736 in SNORT/snort3 from ~OSHUMEIK/snort3:default_module_end to master
Squashed commit of the following:
commit
597c069734ebcddf8763bbde18bf4d48adf430ae
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Feb 5 16:00:28 2021 +0200
managers: pass the configuration to default module's end()
Thanks to W. Michael Petullo for reporting the issue.
Shravan Rangarajuvenkata (shrarang) [Tue, 9 Feb 2021 14:11:48 +0000 (14:11 +0000)]
Merge pull request #2735 in SNORT/snort3 from ~SHRARANG/snort3:appid_remove_obsolete_detectors to master
Squashed commit of the following:
commit
37dc196d8111a349c7acb34d2333a70dc1d6fde1
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 5 09:45:23 2021 -0500
appid: remove detectors for obsolete apps - AOL instant messenger and Yahoo messenger
Naveen Gujje (ngujje) [Tue, 9 Feb 2021 08:02:35 +0000 (08:02 +0000)]
Merge pull request #2668 in SNORT/snort3 from ~SUNIMUKH/snort3:clear_counter to master
Squashed commit of the following:
commit
edc690f9464477764c96dbc175411d6e2b0e543f
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Dec 8 03:14:39 2020 -0500
snort: clear snort counter for modules, daq, file_id, appid
Masud Hasan (mashasan) [Mon, 8 Feb 2021 14:36:43 +0000 (14:36 +0000)]
Merge pull request #2727 in SNORT/snort3 from ~SMINUT/snort3:rna_netbios to master
Squashed commit of the following:
commit
b3850b1ddb6329274d502de7c4c7312cf8f0207b
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jan 29 12:30:22 2021 -0500
rna: discover NetBIOS name
Discover NetBIOS in appid, publish an event and log it in rna.
Naveen Gujje (ngujje) [Fri, 5 Feb 2021 06:05:22 +0000 (06:05 +0000)]
Merge pull request #2662 in SNORT/snort3 from ~APOORAJ/snort3:port_scan_fixes to master
Squashed commit of the following:
commit
27a5e5b0592fe2a2d8102385755223f51edc6f3b
Author: Apoorv Raj <apooraj@cisco.com>
Date: Tue Dec 22 05:05:08 2020 -0500
portscan: fix decoy and distributed scan logic
commit
508c3052a2f17456ca68389722438cd48c78bf5d
Author: Apoorv Raj <apooraj@cisco.com>
Date: Mon Dec 7 02:14:42 2020 -0500
portscan: Fix IP scans not alerting
Mike Stepanek (mstepane) [Thu, 4 Feb 2021 19:24:28 +0000 (19:24 +0000)]
Merge pull request #2732 in SNORT/snort3 from ~THOPETER/snort3:nhttp153 to master
Squashed commit of the following:
commit
3f388128feedc0ece93e4312f48feafb69a1cb4d
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 29 17:11:40 2021 -0500
http_inspect: remove unused events
Masud Hasan (mashasan) [Wed, 3 Feb 2021 15:35:03 +0000 (15:35 +0000)]
Merge pull request #2731 in SNORT/snort3 from ~ARMANDAV/snort3:napbug to master
Squashed commit of the following:
commit
4152a7d9d0d407bcd976cf00c344e3e653d69343
Author: Arun Mandava <armandav@cisco.com>
Date: Mon Feb 1 13:26:24 2021 -0500
stream: always use latest splitter from tracker after paf_check
Bhargava Jandhyala (bjandhya) [Wed, 3 Feb 2021 05:12:00 +0000 (05:12 +0000)]
Merge pull request #2730 in SNORT/snort3 from ~DIPANDIT/snort3:handle_async to master
Squashed commit of the following:
commit
904c98bc58f715b3369622c07fe727e2492d904f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri Jan 29 05:52:41 2021 -0500
dce_rpc: handle async responses in smbv2
Masud Hasan (mashasan) [Tue, 2 Feb 2021 18:28:20 +0000 (18:28 +0000)]
Merge pull request #2718 in SNORT/snort3 from ~MASHASAN/snort3:tcp_dso to master
Squashed commit of the following:
commit
4cc835adb34938ecb1e9c1b9c9e5bf914ed09558
Author: Masud Hasan <mashasan@cisco.com>
Date: Sun Jan 17 20:34:34 2021 -0500
stream_tcp: Supporting data on SYN by default with or without Fast Open option
Shravan Rangarajuvenkata (shrarang) [Mon, 1 Feb 2021 22:36:59 +0000 (22:36 +0000)]
Merge pull request #2728 in SNORT/snort3 from ~SHRARANG/snort3:file_magic_pcap to master
Squashed commit of the following:
commit
b042f7abee48221fa96006d8151d35aab2973e67
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Feb 1 14:33:49 2021 -0500
file_magic: add pattern for pcapng
Shravan Rangarajuvenkata (shrarang) [Mon, 1 Feb 2021 17:05:13 +0000 (17:05 +0000)]
Merge pull request #2724 in SNORT/snort3 from ~AGIURGIU/snort3:pcapng_pattern to master
Squashed commit of the following:
commit
79691dc526824df6b74f77c777572f6810058c74
Author: Alexandru Giurgiu <agiurgiu@cisco.com>
Date: Thu Jan 28 13:10:29 2021 +0200
file_magic: New pattern for pcapng
Mike Stepanek (mstepane) [Fri, 29 Jan 2021 16:27:13 +0000 (16:27 +0000)]
Merge pull request #2721 in SNORT/snort3 from ~KATHARVE/snort3:h2i_stream_limit to master
Squashed commit of the following:
commit
8dc19216a06d0e2b18fc4f02aabc4b2955e2e65e
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jan 22 14:46:34 2021 -0500
http2_inspect: limit number of concurrent streams
Shravan Rangarajuvenkata (shrarang) [Thu, 28 Jan 2021 20:26:15 +0000 (20:26 +0000)]
Merge pull request #2722 in SNORT/snort3 from ~SATHIRKA/snort3:reload_detectors_response to master
Squashed commit of the following:
commit
6af6fafdf8634b8176bf7dcd040d0014e769aca5
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jan 26 13:09:14 2021 -0500
appid: Send reloading detectors message to socket immediately
Michael Altizer (mialtize) [Thu, 28 Jan 2021 16:08:58 +0000 (16:08 +0000)]
Merge pull request #2725 in SNORT/snort3 from ~MIALTIZE/snort3:3_1_1_0 to master
Squashed commit of the following:
commit
094794410a5872f3da801bc83644d481489dcfb1
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jan 28 10:46:22 2021 -0500
build: Generate and tag 3.1.1.0
Mike Stepanek (mstepane) [Thu, 28 Jan 2021 12:43:48 +0000 (12:43 +0000)]
Merge pull request #2723 in SNORT/snort3 from ~MDAGON/snort3:napth to master
Squashed commit of the following:
commit
3043fc34dfe875a1362407c007dfc5c07d80ae4e
Author: mdagon <mdagon@cisco.com>
Date: Tue Jan 26 15:59:22 2021 -0500
codecs: update tcp naptha check to make sure it is ipv4 traffic
Cynthia Leonard (cyleonar) [Wed, 27 Jan 2021 11:30:16 +0000 (11:30 +0000)]
Merge pull request #2695 in SNORT/snort3 from ~SHIKV/snort3:snmp to master
Squashed commit of the following:
commit
35e3bfc98489be91544c74e671fc2eb31c7c4dc4
Author: shikv <shikv@cisco.com>
Date: Sun Jan 10 16:57:40 2021 -0500
appid: add support for snmpv3 report pdu
Bhargava Jandhyala (bjandhya) [Wed, 27 Jan 2021 07:51:28 +0000 (07:51 +0000)]
Merge pull request #2719 in SNORT/snort3 from ~DIPANDIT/snort3:handle_stop_verdict to master
Squashed commit of the following:
commit
7d259f788d761da3eacb91122e54d52c3e0ac4e3
Author: Dipto Pandit <dipandit@cisco.com>
Date: Mon Jan 25 04:29:18 2021 -0500
file_api: stop processing signature when type verdict is 'FILE_VERDICT_STOP'
Masud Hasan (mashasan) [Tue, 26 Jan 2021 21:40:51 +0000 (21:40 +0000)]
Merge pull request #2693 in SNORT/snort3 from ~SMINUT/snort3:host_cache_rna to master
Squashed commit of the following:
commit
ec7f9504910ba29d2899c7669f833195b29fd6dd
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jan 8 10:55:59 2021 -0500
rna: Minimize synchronization overhead
Avoid some locks during network discovery in order to increase speed,
by caching the host trackers locally in the RNAFlow, in a way in which
the cached host trackers do not spill memory into the host cache during
pruning.
Shravan Rangarajuvenkata (shrarang) [Tue, 26 Jan 2021 18:08:13 +0000 (18:08 +0000)]
Merge pull request #2700 in SNORT/snort3 from ~SHRARANG/snort3:appid_lua_cleanup to master
Squashed commit of the following:
commit
b99a830b4eaefa3394534da367df1f1fcd6aed10
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jan 11 10:52:37 2021 -0500
appid: remove unused code; cleanup FIXIT comments related to reload
Shravan Rangarajuvenkata (shrarang) [Mon, 25 Jan 2021 18:32:36 +0000 (18:32 +0000)]
Merge pull request #2713 in SNORT/snort3 from ~SATHIRKA/snort3:reload_response to master
Squashed commit of the following:
commit
ab0f7d9e35572f611a339eb4ff7ddeeeb8b3c547
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jan 8 11:19:29 2021 -0500
appid: Send reload detectors and third-party messages to socket immediately if appid is not enabled
Mike Stepanek (mstepane) [Mon, 25 Jan 2021 14:46:57 +0000 (14:46 +0000)]
Merge pull request #2717 in SNORT/snort3 from ~KATHARVE/snort3:hi_scheme_length to master
Squashed commit of the following:
commit
3ba32d1935436a4246e8242302935abb38a92c13
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jan 22 10:53:37 2021 -0500
http_inspect: validate URI scheme length
Pranav Bhalerao (prbhaler) [Sat, 23 Jan 2021 07:34:13 +0000 (07:34 +0000)]
Merge pull request #2681 in SNORT/snort3 from ~PRBHALER/snort3:fw_ha to master
Squashed commit of the following:
commit
8947b45af8169786b9b46a8f6139e3532abcde20
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Mon Jan 18 10:17:47 2021 -0500
flow: updating direction and interface info in HA flow.
Steve Chew (stechew) [Fri, 22 Jan 2021 22:33:24 +0000 (22:33 +0000)]
Merge pull request #2689 in SNORT/snort3 from ~SBAIGAL/snort3:ftps_eof to master
Squashed commit of the following:
commit
bf862aa1e46a75147da1332d0f343faed2b273d6
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Dec 15 13:09:53 2020 -0500
ftp: using hold_packet to handle ftp-data eof
Shravan Rangarajuvenkata (shrarang) [Fri, 22 Jan 2021 16:28:20 +0000 (16:28 +0000)]
Merge pull request #2703 in SNORT/snort3 from ~SHRARANG/snort3:appid_sip_reload to master
Squashed commit of the following:
commit
14adfff5e37a683b77cc1426edf78c37bdbc2897
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 15 00:03:42 2021 -0500
appid: do not process sip event for an existing session after detector reload
Bhagya Tholpady (bbantwal) [Fri, 22 Jan 2021 14:00:43 +0000 (14:00 +0000)]
Merge pull request #2711 in SNORT/snort3 from ~OSHUMEIK/snort3:fix to master
Squashed commit of the following:
commit
46d8bcdb2067c1c169de3e4666bac9c2804a62f6
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jan 20 13:44:33 2021 +0200
managers: change the message to be a warning
Ron Dempster (rdempste) [Thu, 21 Jan 2021 17:06:59 +0000 (17:06 +0000)]
Merge pull request #2712 in SNORT/snort3 from ~RDEMPSTE/snort3:inspector_ref_count to master
Squashed commit of the following:
commit
8787270d1f835699059f2b6163435b222d076088
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jan 15 14:40:08 2021 -0500
inspector: add a global reference count for uses that are not thread specific
Mike Stepanek (mstepane) [Thu, 21 Jan 2021 13:40:16 +0000 (13:40 +0000)]
Merge pull request #2709 in SNORT/snort3 from ~MDAGON/snort3:settings to master
Squashed commit of the following:
commit
40fdd7a388e51d4d2c8cdac04b79178989a6dea4
Author: mdagon <mdagon@cisco.com>
Date: Tue Jan 12 16:57:13 2021 -0500
payload_injector: inject settings frame
Mike Stepanek (mstepane) [Thu, 21 Jan 2021 12:11:51 +0000 (12:11 +0000)]
Merge pull request #2714 in SNORT/snort3 from ~THOPETER/snort3:nhttp152 to master
Squashed commit of the following:
commit
d183c08a43839b51274b9323e808b05b14470177
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jan 20 17:15:56 2021 -0500
http_inspect: add chunked processing to dev notes
Shravan Rangarajuvenkata (shrarang) [Wed, 20 Jan 2021 18:51:35 +0000 (18:51 +0000)]
Merge pull request #2710 in SNORT/snort3 from ~SATHIRKA/snort3:ha_crash_appid to master
Squashed commit of the following:
commit
94e65ca756857fbe3e2a8940c12e813e033a62b2
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jan 15 09:28:39 2021 -0500
appid: always store container session api object in stash
Masud Hasan (mashasan) [Wed, 20 Jan 2021 15:57:18 +0000 (15:57 +0000)]
Merge pull request #2704 in SNORT/snort3 from ~ANTOROZC/snort3:opoluian_cert_cache_size to master
Squashed commit of the following:
commit
be2fccccd8674196c0454f70b749534bdc150c0e
Author: Oleh Poluianskyi <opoluian@cisco.com>
Date: Thu Jan 14 19:32:19 2021 +0200
lrucache: changes for memcap for support constant cache objects with variable size.
Bhagya Tholpady (bbantwal) [Tue, 19 Jan 2021 16:24:57 +0000 (16:24 +0000)]
Merge pull request #2686 in SNORT/snort3 from ~OSHUMEIK/snort3:purge_trash to master
Squashed commit of the following:
commit
6946763e813ab16584b977647cf8c3b7fce5e434
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Dec 22 13:42:38 2020 +0200
managers: clean all inactive inspectors ignoring referenced ones
At the exit the framework guarantees all inactive inspectors will be cleaned up.
Mike Stepanek (mstepane) [Tue, 19 Jan 2021 16:01:09 +0000 (16:01 +0000)]
Merge pull request #2705 in SNORT/snort3 from ~KATHARVE/snort3:file_context to master
Squashed commit of the following:
commit
43e965a50c52225c8abf584a511f75db6923b00b
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jan 14 15:55:38 2021 -0500
mime: provide file_id to set file name and read new return value
commit
e6de4fd92c3ce02a905aa18ed095d80e847413c9
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jan 14 15:55:04 2021 -0500
http_inspect: provide file_id to set file name and read new return value
commit
1197b3c8a80b2703a739704e11aeb4032e76ef90
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jan 12 17:25:06 2021 -0500
file_api: remove file context after file name set if processing is complete
Mike Stepanek (mstepane) [Tue, 19 Jan 2021 12:36:05 +0000 (12:36 +0000)]
Merge pull request #2701 in SNORT/snort3 from ~THOPETER/snort3:nhttp151 to master
Squashed commit of the following:
commit
590e02e4b68adfb5105de46c844b31c8cf3aaac5
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jan 11 18:49:18 2021 -0500
http_inspect: validate and normalize scheme
Russ Combs (rucombs) [Thu, 14 Jan 2021 14:53:06 +0000 (14:53 +0000)]
Merge pull request #2699 in SNORT/snort3 from ~MIALTIZE/snort3:version to master
Squashed commit of the following:
commit
fde481c81ff3499cd9b5cf8f18557a4801378021
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 13 12:57:23 2021 -0500
build: Generate and tag 3.1.0
commit
d8ba67eba1dac5e7e6ef19b02d252c4f1f6985f4
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 13 12:57:23 2021 -0500
build: Add support for version sublevel and build via CMake
The sublevel version in CMakeLists.txt acts as a fourth digit for the
version. It is expected to be 0 in the master branch in all but the
rarest cases.
The VERSION_BUILD CMake variable can be defined and used by an external
build system for artifact tracking. If a build number is not manually
defined, all mention of build numbers will be stripped from Snort's
output. To set VERSION_BUILD from configure_cmake.sh, the
SNORT_BUILD_NUMBER variable is used from the command line options.
Note: A build number of 0 will be ignored and treated as though it was
not set.
commit
8dff1244a18d88b2f2f3da7241f335d7f97159ed
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 13 12:57:23 2021 -0500
stream_tcp: Remove obsolete flush_data_ready() function
Naveen Gujje (ngujje) [Wed, 13 Jan 2021 05:20:38 +0000 (05:20 +0000)]
Merge pull request #2691 in SNORT/snort3 from ~KBHANDAN/snort3:whd_ids to master
Squashed commit of the following:
commit
c3914b6900a5570dd7eb87806da9749560971605
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Thu Jan 7 17:00:08 2021 -0500
packet_io: ids mode should not give blacklist verdict for Intrusion event
Bhagya Tholpady (bbantwal) [Tue, 12 Jan 2021 17:59:34 +0000 (17:59 +0000)]
Merge pull request #2682 in SNORT/snort3 from ~OSHUMEIK/snort3:log_buffered to master
Squashed commit of the following:
commit
640bdaa5a20b77c4ba8db4d571f1a7e9a52a48b9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Dec 16 17:54:34 2020 +0200
log: reuse TextLog buffer for a large data
Thanks to Chris White for reporting the issue.
Shravan Rangarajuvenkata (shrarang) [Mon, 11 Jan 2021 21:19:32 +0000 (21:19 +0000)]
Merge pull request #2688 in SNORT/snort3 from ~SATHIRKA/snort3:navl_conn_destroy_core to master
Squashed commit of the following:
commit
8f96caf9be67da55952502cee1e0822a72ec64c9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jan 6 10:40:59 2021 -0500
appid: tear down third-party when appid gets disabled
Michael Altizer (mialtize) [Mon, 11 Jan 2021 18:40:24 +0000 (18:40 +0000)]
Merge pull request #2697 in SNORT/snort3 from ~KATHARVE/snort3:hi_fix_test to master
Squashed commit of the following:
commit
0d0f2b28cd6f25b3ad851cfd2538a5c7f487ad34
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jan 11 13:01:08 2021 -0500
http_inspect: fix type of unit test mock function
Mike Stepanek (mstepane) [Mon, 11 Jan 2021 13:38:56 +0000 (13:38 +0000)]
Merge pull request #2692 in SNORT/snort3 from ~MDAGON/snort3:nhi_alert to master
Squashed commit of the following:
commit
45db5f4a4e9eadc2ddb6565824ed3407063b4307
Author: mdagon <mdagon@cisco.com>
Date: Tue Dec 22 15:44:07 2020 -0500
http_inspect: alert on truncated chunked and content-length message bodies
Mike Stepanek (mstepane) [Fri, 8 Jan 2021 16:01:38 +0000 (16:01 +0000)]
Merge pull request #2690 in SNORT/snort3 from ~KATHARVE/snort3:h2_in_hi to master
Squashed commit of the following:
commit
955281029abbb6d30732b10660a5edde2594f78a
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jan 5 14:59:13 2021 -0500
http_inspect: abort on HTTP/2 connection preface
projects / thirdparty / snort3.git / log
