git.ipfire.org Git - thirdparty/snort3.git/log

eliminate packet manager thread local for dst mac
move packet manager thread local for encode packet to detection context
using codec max for packet buffers

commit | commitdiff | tree

Russ Combs [Sun, 23 Oct 2016 01:27:32 +0000 (21:27 -0400)]

move defrag packets to detection context

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 22:21:31 +0000 (18:21 -0400)]

move fp detect thread locals to ips context

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 15:08:07 +0000 (11:08 -0400)]

move remaining http_inspect thread local to flow data

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 14:20:40 +0000 (10:20 -0400)]

detection engine support for context data

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 11:36:21 +0000 (07:36 -0400)]

convert stream splitters to detection engine buffer

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 09:40:46 +0000 (05:40 -0400)]

add detection_engine.* sources

commit | commitdiff | tree

Russ Combs [Sat, 22 Oct 2016 01:26:26 +0000 (21:26 -0400)]

refactor event queue into DetectionEngine

commit | commitdiff | tree

Russ Combs [Fri, 21 Oct 2016 23:33:54 +0000 (19:33 -0400)]

continue refactoring to build out DetectionEngine

commit | commitdiff | tree

Russ Combs [Fri, 21 Oct 2016 20:54:59 +0000 (16:54 -0400)]

refactor, establish DetectionEngine class

commit | commitdiff | tree

Russ Combs [Thu, 20 Oct 2016 21:26:21 +0000 (17:26 -0400)]

support dynamic builds and other tweaks

commit | commitdiff | tree

Russ Combs [Thu, 20 Oct 2016 11:36:51 +0000 (07:36 -0400)]

add DetectionContext
move event queue to ips context
move dce rebuilt packets to ips context

commit | commitdiff | tree

Russ Combs [Wed, 19 Oct 2016 23:26:40 +0000 (19:26 -0400)]

move wire and tcp rebuilt packets from thread local to IpsContext

commit | commitdiff | tree

Russ Combs [Sun, 16 Oct 2016 13:40:27 +0000 (09:40 -0400)]

enable build with Snort

commit | commitdiff | tree

Russ Combs [Sun, 16 Oct 2016 12:44:29 +0000 (08:44 -0400)]

initial ContextSwitcher

commit | commitdiff | tree

Russ Combs [Sun, 16 Oct 2016 12:43:18 +0000 (08:43 -0400)]

initial IpsContext

commit | commitdiff | tree

Russ Combs [Tue, 17 Jan 2017 19:45:31 +0000 (14:45 -0500)]

build 224

commit | commitdiff | tree

Russ Combs (rucombs) [Sat, 14 Jan 2017 15:12:18 +0000 (10:12 -0500)]

Merge pull request #776 in SNORT/snort3 from strtcp to master

Squashed commit of the following:

commit cc76d85724b799e2727969259dcf9e18603e4742
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Fri Jan 13 07:49:28 2017 -0500

    remove config option that specifies directory for thirdparty appid detection library until third party support is enabled

commit 1b0e15e770db439b5d836ee50a858c69e80dceda
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jan 11 12:07:41 2017 -0500

    fix flush issues

    fix getter for tracker flush flags to return uint16_t istead of uint8_t since the flags variable is a uinit16_t

commit | commitdiff | tree

Michael Altizer (mialtize) [Fri, 13 Jan 2017 20:51:18 +0000 (15:51 -0500)]

Merge pull request #774 in SNORT/snort3 from dynamic_plugins to master

Squashed commit of the following:

commit 429abf88893a45cdb4d2c4a8a5b41c18284cb166
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 12 18:28:03 2017 -0500

    pkg-config: Remove unnecessary optional cppflags from the default

    Nothing in the exported headers requires PCAP, DNET, or OpenSSL headers.

commit 482b74a103a5d6d88c1391e5c4219687cfeef875
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 12 18:24:06 2017 -0500

    cmake: Fix exporting Hyperscan cppflags in snort.pc

commit ab4ba847964e2d5e255e07663be9ab9fa35b5203
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 12 17:57:03 2017 -0500

    cmake: Add configure_cmake.sh convenience wrapper for extras

commit 1df401e0cc1ba3b60a10a74c041ae133407de7f7
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 12 17:49:11 2017 -0500

    build: Synchronize installed files between autotools and cmake

commit ebaf6fb2a8e05d50619dea337eb504996a3f7df6
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jan 11 02:33:18 2017 -0500

    build: Build dynamic plugins as modules rather than shared libraries

    This removes the 'lib' prefix from dynamic plugins, leaving them with
    their normal bare names and a .so file extension.  No SONAME nor other,
    OS-level dynamic library versioning method is applied.

    The cmake macro for adding dynamic plugins has been renamed from
    add_shared_library to add_dynamic_module.

    On OSX, this means that plugins will no longer have the dynamic library
    suffix (.dylib) and only plugins with the .so extension will be loaded,
    just like on other platforms.

    The cmake and automake templates for extras have been updated
    accordingly and used to regenerate the respective files in extras.

commit 65cc51c527d07a3d1dfbc89c3ac9885f1c352984
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 12 14:00:55 2017 -0500

    cmake: Fix setting CMAKE_C[XX]_FLAGS for subdirectories

    Don't clobber the existing CMAKE_C_FLAGS and CMAKE_CXX_FLAGS.
    Additionally, add subdirectories after flags have been pulled from
    pkg-config so that they are properly propagated.

commit 8a1f748c6ab8836e6236c7b6922c42162138dd18
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jan 11 01:33:50 2017 -0500

    build: Remove unnecessary check for pcap_lib_version()

    The function has been present since libpcap 0.8 and we require higher
    than that, so don't bother.

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 12 Jan 2017 20:50:58 +0000 (15:50 -0500)]

Merge pull request #773 in SNORT/snort3 from nhttp63 to master

Squashed commit of the following:

commit 1af3bd51f306e045a09ce819e3eff05f868edce1
Author: Tom Peters <thopeter@cisco.com>
Date:   Thu Jan 12 14:54:33 2017 -0500

    code review fixes

commit 93732c6027015abc7f651889cd20e853aac1ce36
Author: Tom Peters <thopeter@cisco.com>
Date:   Tue Jan 3 10:39:06 2017 -0500

    NHI-stream issues

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 12 Jan 2017 17:30:31 +0000 (12:30 -0500)]

Merge pull request #772 in SNORT/snort3 from sdf_rebuilt to master

Squashed commit of the following:

commit 17e64dab9b41ff5f511d2f658f6b5786a9ba2c3b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Jan 11 15:36:17 2017 -0500

    update per review comments - remove spurios space

commit 4c57328e70f71d0982e5839021396f798167774f
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Jan 11 15:06:36 2017 -0500

    update per review comments

commit 4d343bfbabb1e1bc434557150179e48ee0f92af2
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Jan 11 13:50:00 2017 -0500

    delete obfuscator for rebuilt packets

commit 8b97d1de63620836d3f383f785c4eb07dbfb5d54
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jan 10 14:51:46 2017 -0500

    fix obfuscation offset for sdf

commit 5dd32194356ded49d1275a1796ba4df7d6c702db
Merge: 562ce29 f14f7db
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jan 10 14:51:01 2017 -0500

    Merge branch 'master' of https://bitbucket-eng-rtp1.cisco.com/bitbucket/scm/snort/snort3

commit 562ce2927cf84f5927bc583be6b45c08659c14c9
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jan 10 00:29:40 2017 -0500

    obfuscate stream rebuilt payload

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 12 Jan 2017 17:29:53 +0000 (12:29 -0500)]

Merge pull request #771 in SNORT/snort3 from appid_count_kerberos to master

Squashed commit of the following:

commit 2721acae70b568e4d8e54b72c2318e81a8b6ca0f
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jan 10 10:53:38 2017 -0500

new kerberos appid flows are counted when appid creates its flowdata

commit | commitdiff | tree

Michael Altizer (mialtize) [Tue, 10 Jan 2017 16:43:20 +0000 (11:43 -0500)]

Merge pull request #770 in SNORT/snort3 from modern_zlib to master

Squashed commit of the following:

commit 152f75000bddbafd0180352d4208cb4eae1c3d70
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jan 9 21:38:56 2017 -0500

    http_server: Do not copy zlib z_stream object after initialization

    More recent versions of zlib now include a backreference from the
    stream state to the stream object for sanity checking, which becomes
    invalid if the z_stream object is copied by value.  Future functions
    called using the copied object will fail due to the sanity checks.

    http_server was doing this for no obvious reason, so this patch fixes it.

commit 25eef766344d6c24f096f3f0ecc175b244a8ef41
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jan 9 21:31:29 2017 -0500

    so_manager: Use the lowest legal value for windowBits in deflateInit2()

    The current value of -8 is not legal due to a bug in deflate with
    windowBits == 8 (256-byte window).  Newer versions of zlib are
    actively enforcing this restriction when headers are being excluded as
    Snort does and cause deflateInit2() to fail.  It used to silently change
    the windowBits to 9, so now do so explicitly.

    See also:
    https://github.com/madler/zlib/commit/049578f0a1849f502834167e233f4c1d52ddcbcc
    as well as the zlib manual (http://www.zlib.net/manual.html)

commit | commitdiff | tree

Hui Cao (huica) [Mon, 9 Jan 2017 21:04:54 +0000 (16:04 -0500)]

Merge pull request #769 in SNORT/snort3 from smb2_fix to master

Squashed commit of the following:

commit 9db2679579295da3f7a76eec8a9dea0bfcfc84a3
Author: huica <huica@cisco.com>
Date: Mon Jan 9 13:15:17 2017 -0500

disable smb2 processing when file service is disabled

commit | commitdiff | tree

Michael Altizer (mialtize) [Mon, 9 Jan 2017 19:38:43 +0000 (14:38 -0500)]

Merge pull request #768 in SNORT/snort3 from expected_leak to master

Squashed commit of the following:

commit bc95f17209177c4d6e1417bb5a80ba47ae831ac9
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jan 9 14:16:31 2017 -0500

    expected: Fix expected flow leak when expiring nodes during lookup

    If expected cache nodes are expired during lookup, their associated
    unconsumed flows are leaked, eventually leading to a segfault when the
    pool of expected flows are exhausted.  This fix releases the expected
    flows when expiring the expected node.

    Thanks to João Soares <joaosoares11@hotmail.com> for reporting the
    issue.

commit | commitdiff | tree

Michael Altizer (mialtize) [Fri, 6 Jan 2017 19:06:03 +0000 (14:06 -0500)]

Merge pull request #767 in SNORT/snort3 from header_fixes to master

Squashed commit of the following:

commit 844d73f41f407756e05b7784530f7690285903f8
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jan 6 11:14:12 2017 -0500

    autoconf: Add piglet plugin iface headers and unit_test_main.h to sources lists

commit 36ab75006d396f62642ab37f5bae14d78559d9e9
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jan 6 11:13:23 2017 -0500

    sfrt: Finish removal of sfrt_trie.h

commit eff74954c55abbfeb95af6865c37f06023a6d161
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jan 6 11:13:51 2017 -0500

    http_inspect: Restore stdexcept header inclusion for old compilers

commit | commitdiff | tree

Michael Altizer (mialtize) [Fri, 6 Jan 2017 16:31:40 +0000 (11:31 -0500)]

Merge pull request #766 in SNORT/snort3 from expected_leak to master

Squashed commit of the following:

commit 0e6b4ac3791d30c26b164f9abd64c3f87fc27886
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jan 5 18:55:35 2017 -0500

expected: Fix expected flow leak when pruning nodes

commit | commitdiff | tree

Michael Altizer (mialtize) [Thu, 5 Jan 2017 21:27:12 +0000 (16:27 -0500)]

Merge pull request #765 in SNORT/snort3 from pcre_cflags to master

Squashed commit of the following:

commit 32ce7a4397b8219563c1a099ce789045046226dd
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 4 15:10:22 2017 -0500

autoconf: Fix retrieving PCRE cppflags from pkg-config

commit | commitdiff | tree

Michael Altizer (mialtize) [Thu, 5 Jan 2017 21:24:54 +0000 (16:24 -0500)]

Merge pull request #764 in SNORT/snort3 from header_cleanup to master

Squashed commit of the following:

commit d2b780ecee5d8c14a52df5f443594ef88c2d0d2b
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Jan 5 12:57:47 2017 -0500

    doc: Update style guide with header inclusion instructions

commit 3c1979ca35f3cd3ddae7de83beab8dfb6d0508ac
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Dec 22 15:50:14 2016 -0500

    install: Prune the set of installed headers

commit fc995ce4218462561a9e86ae8288a458e2d95add
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Dec 22 15:56:38 2016 -0500

    build: The big header cleanup

commit | commitdiff | tree

Hui Cao (huica) [Thu, 5 Jan 2017 13:55:00 +0000 (08:55 -0500)]

Merge pull request #763 in SNORT/snort3 from fix-osx to master

Squashed commit of the following:

commit 1cf8d99a6467a6c5f446ffa5953fca9ecfa45d2b
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Jan 4 13:55:48 2017 -0500

alert_sf_socket is not supported on OSX

commit | commitdiff | tree

Hui Cao (huica) [Tue, 3 Jan 2017 21:25:16 +0000 (16:25 -0500)]

Merge pull request #751 in SNORT/snort3 from doc_sdf2x3x to master

Squashed commit of the following:

commit 042b8ad6e168b42e4fd46de8ebd5a10f46a86284
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Dec 15 12:08:55 2016 -0500

SDF 2.x vs 3.x

commit | commitdiff | tree

Michael Altizer (mialtize) [Fri, 23 Dec 2016 18:48:21 +0000 (13:48 -0500)]

Merge pull request #759 in SNORT/snort3 from pkg_conf to master

Squashed commit of the following:

commit 5ffeafc229b253e2e0b3cdd4da94e57f9c50272d
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Dec 13 14:13:54 2016 -0500

Added CPP flags used to build Snort to snort.pc for extras and other plugins to use

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 22 Dec 2016 19:51:29 +0000 (14:51 -0500)]

Merge pull request #762 in SNORT/snort3 from userssn to master

Squashed commit of the following:

commit 78d6818621bb12500c440b79fd07f36eebaabd5f
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Dec 22 10:27:09 2016 -0500

    convert debug prints to proper traces

commit c6deeed10fa6fc82f164d54a6562616a18d0b3ce
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Dec 22 07:10:34 2016 -0500

    fix user session reassembly

commit | commitdiff | tree

Russ Combs [Thu, 22 Dec 2016 04:03:44 +0000 (23:03 -0500)]

build 223

commit | commitdiff | tree

Russ Combs [Wed, 21 Dec 2016 17:00:52 +0000 (12:00 -0500)]

refactor plugin loading so that builtins are loaded
with the same lists as dynamic plugins.

commit | commitdiff | tree

Michael Altizer (mialtize) [Wed, 21 Dec 2016 18:35:37 +0000 (13:35 -0500)]

Merge pull request #761 in SNORT/snort3 from nhttp62 to master

Squashed commit of the following:

commit ad012fd47facac9599f369baac37ae33b292af13
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Dec 14 11:18:29 2016 -0500

Improve NHI Field class

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 21 Dec 2016 15:28:04 +0000 (10:28 -0500)]

Merge pull request #760 in SNORT/snort3 from file_reload to master

Squashed commit of the following:

commit 758044e06f1da69e4984fd3a5c7bf8ff46d73794
Author: huica <huica@cisco.com>
Date: Fri Dec 16 10:13:26 2016 -0500

Add file inspector to avoid reload issues

commit | commitdiff | tree

Russ Combs [Wed, 21 Dec 2016 11:54:04 +0000 (06:54 -0500)]

fix daemonization

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 20 Dec 2016 22:35:25 +0000 (17:35 -0500)]

Merge pull request #755 in SNORT/snort3 from smb_active_response to master

Squashed commit of the following:

commit 1382167838c9b098ce5ff7a65560f599b741b579
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Dec 19 04:18:15 2016 -0500

smb active response updates

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 20 Dec 2016 17:21:53 +0000 (12:21 -0500)]

Merge pull request #753 in SNORT/snort3 from appid_docs1 to master

Squashed commit of the following:

commit 38e9cfcf5c392c75e40a0ec0718479f9a0599326
Author: Steve Chew <stechew@cisco.com>
Date: Thu Dec 15 16:04:35 2016 -0500

Added AppId to Features section of doc. Removed RNA code.

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 20 Dec 2016 13:57:19 +0000 (08:57 -0500)]

Merge pull request #758 in SNORT/snort3 from tsc_fix to master

Squashed commit of the following:

commit 7752bae1299569b97989ed65f4867d64172620b5
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 19 18:53:55 2016 -0500

    do not build tsc clock scaling if not enabled
        (don't break non-x86 builds)

commit | commitdiff | tree

Russ Combs (rucombs) [Mon, 19 Dec 2016 19:56:04 +0000 (14:56 -0500)]

Merge pull request #757 in SNORT/snort3 from failed_init to master

Squashed commit of the following:

commit 2f5ecada66689fc0abcb05bafc402c66ff6cbad2
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 19 13:29:31 2016 -0500

Fix thread termination segfaults after DAQ module initialization fails

commit | commitdiff | tree

Russ Combs (rucombs) [Mon, 19 Dec 2016 17:50:14 +0000 (12:50 -0500)]

Merge pull request #756 in SNORT/snort3 from flush_fix2 to master

Squashed commit of the following:

commit 73fb00538580fac0a17963837190863bb3f8b603
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 19 11:12:09 2016 -0500

    fix splitter checks to make analyzer happy

commit e50e7b418f3ac7f4a9dc79fcf79fd9be2d3c7d2e
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Dec 19 07:29:27 2016 -0500

    fallback from paf to atom splitter if flushing past gap

commit | commitdiff | tree

Russ Combs [Sun, 18 Dec 2016 15:12:44 +0000 (10:12 -0500)]

fix paf-type flushing of single segments
thanks to joaosoares11@hotmail.com for reporting the issue

also fixes double counting of reassembled buffers
minor refactor of flush loop for clarity

commit | commitdiff | tree

Russ Combs [Sat, 17 Dec 2016 20:41:33 +0000 (15:41 -0500)]

fix appid service dispatch handling issue
thanks to João Soares <joaosoares11@hotmail.com> for reporting the issue

commit | commitdiff | tree

Russ Combs [Fri, 16 Dec 2016 15:37:58 +0000 (10:37 -0500)]

build 222

commit | commitdiff | tree

Russ Combs (rucombs) [Fri, 16 Dec 2016 15:14:08 +0000 (10:14 -0500)]

Merge pull request #752 in SNORT/snort3 from appid_service_plugin_fail_bug to master

Squashed commit of the following:

commit e96d17d582906a36eacaad7ba4b8afea3c56fb11
Author: davis mcpherson <davmcphe.cisco.com>
Date: Thu Dec 15 14:30:12 2016 -0500

this fixes the service plugin dispatch bug when a service failed and was deleted from the candidate list

commit | commitdiff | tree

Russ Combs [Thu, 15 Dec 2016 23:06:22 +0000 (18:06 -0500)]

adjust builtin rule text for consistent formatting

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 15 Dec 2016 22:41:19 +0000 (17:41 -0500)]

Merge pull request #754 in SNORT/snort3 from crc_s2l to master

Squashed commit of the following:

commit e5ffd64ddf366e1243ad75892fd3e8b3f2bd684b
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Dec 15 15:39:39 2016 -0500

    fix modbus_data handling to not skip options
    thanks to FabianMalte.Kopp@b-tu.de for reporting the issue

commit | commitdiff | tree

Russ Combs [Thu, 15 Dec 2016 03:35:02 +0000 (22:35 -0500)]

revert s2l const change to fix borked clang build

commit | commitdiff | tree

Russ Combs [Thu, 15 Dec 2016 02:51:08 +0000 (21:51 -0500)]

clean up help text

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 15 Dec 2016 00:01:53 +0000 (19:01 -0500)]

Merge pull request #750 in SNORT/snort3 from crc_const to master

Squashed commit of the following:

commit f638ff4cb5039a6b52dbc5e8d94c0aee060909a6
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Dec 14 13:20:05 2016 -0500

const -> static const

commit | commitdiff | tree

Michael Altizer (mialtize) [Wed, 14 Dec 2016 23:51:48 +0000 (18:51 -0500)]

Merge pull request #744 in SNORT/snort3 from nhttp58 to master

Squashed commit of the following:

commit 4150d37b3afef6615b88e8350d273976290d145c
Author: allewi <allewi@cisco.com>
Date: Mon Nov 28 20:57:00 2016 -0500

JavaScript Normalization

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 14 Dec 2016 20:04:45 +0000 (15:04 -0500)]

Merge pull request #748 in SNORT/snort3 from doc_sdftyop to master

Squashed commit of the following:

commit e646c080bfd765b3c42830b4a9b3eb8343bf58d4
Author: Victor Roemer <viroemer@cisco.com>
Date:   Wed Dec 14 11:09:40 2016 -0500

    Fix alert msg output

commit 565a89b76108f9058e898213cbd04c5b96020945
Author: Victor Roemer <viroemer@cisco.com>
Date:   Tue Dec 13 14:35:47 2016 -0500

    Fix typos

commit 0170073da41b6310a9b2e9e9464cfe32ac367fa0
Author: Victor Roemer <viroemer@cisco.com>
Date:   Thu Dec 8 16:23:48 2016 -0500

    Update example alert output to match latest behavior.

commit 7f8f8bb4b3cdfc7c9acefb6ea149267e66d34e4c
Author: Victor Roemer <viroemer@cisco.com>
Date:   Thu Dec 8 15:38:15 2016 -0500

    Fix typo

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 14 Dec 2016 20:04:35 +0000 (15:04 -0500)]

Merge pull request #749 in SNORT/snort3 from doc_concepts to master

Squashed commit of the following:

commit c0d4565a4996ded8816750e5637b4d0eb82f7594
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Dec 14 11:50:34 2016 -0500

doc: update concepts

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 13 Dec 2016 17:28:32 +0000 (12:28 -0500)]

Merge pull request #747 in SNORT/snort3 from doc_umentation to master

Squashed commit of the following:

commit 1871bd514dce2bfaa7d28ccf4df25d2d5f48b00d
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Dec 13 07:55:26 2016 -0500

    more reorganization for clarity

commit 6db3bc35d92ae7ccc2bf9079d94b2aa5c5c7ae2d
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Dec 13 06:17:12 2016 -0500

    use Snort 2 and Snort 3 throughout

commit ea75de13ba40bd1acb479c5380fb898d024ab997
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Dec 9 11:45:49 2016 -0500

    doc: refactor user manual to start with overview, getting started,
    concepts, and features sections.

commit | commitdiff | tree

Michael Altizer (mialtize) [Mon, 12 Dec 2016 21:40:42 +0000 (16:40 -0500)]

Merge pull request #746 in SNORT/snort3 from opensolaris_cppcheck to master

Squashed commit of the following:

commit c5ee2095e28b19c4fa99b4236041fc77a979e9dc
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Dec 9 18:40:33 2016 -0500

    build: Address some cppcheck concerns

commit 9e89b0f57dd5e0a43d1c9600a54ac6fca8a155cf
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Dec 8 19:10:33 2016 -0500

    build: Illumos build fixes

commit | commitdiff | tree

Russ Combs (rucombs) [Fri, 9 Dec 2016 23:12:05 +0000 (18:12 -0500)]

Merge pull request #745 in SNORT/snort3 from cppchk2 to master

Squashed commit of the following:

commit fae5565f41fb7db83287999210d7dda6457b5685
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Dec 9 16:27:32 2016 -0500

    fix cppcheck warning in ftp params

commit f41129dd4622688af4899c1faf9e45b33d90162a
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Dec 9 15:12:15 2016 -0500

    convert stream u2 maps arg to reference

commit 3347756cf56413da5a5fdd4210918bb7257a2f86
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Dec 9 12:53:28 2016 -0500

    fix int vs size_t format issue

commit 01ab793e28c8971e2d1094a4b1ea44bf7f68d943
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Dec 9 12:34:51 2016 -0500

    remove vestigial extra stream debug foo

commit | commitdiff | tree

Russ Combs [Fri, 9 Dec 2016 17:08:22 +0000 (12:08 -0500)]

build 221

commit | commitdiff | tree

Russ Combs [Thu, 8 Dec 2016 13:45:02 +0000 (08:45 -0500)]

cppcheck cleanup

commit | commitdiff | tree

Michael Altizer [Thu, 8 Dec 2016 18:47:44 +0000 (13:47 -0500)]

doc/style: Fix macro name typo

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 8 Dec 2016 18:44:33 +0000 (13:44 -0500)]

Merge pull request #742 in SNORT/snort3 from macros_doc to master

Squashed commit of the following:

commit 8d2d0b87dd0dfe416fa7991f6c7c8b3e1501d8af
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Dec 8 13:15:13 2016 -0500

utils: License and document CPP padding guard macros.

commit | commitdiff | tree

Shawn Turner (shaturne) [Thu, 8 Dec 2016 16:42:42 +0000 (11:42 -0500)]

Merge pull request #740 in SNORT/snort3 from thread_local2 to master

Squashed commit of the following:

commit 0e098bc439fea33fe8dafd4c07c6767630370441
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Dec 7 12:50:51 2016 -0500

fixed dynamic build issues by forcing cross-unit THREAD_LOCAL access through functions

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 8 Dec 2016 03:50:36 +0000 (22:50 -0500)]

Merge pull request #741 in SNORT/snort3 from macros to master

Squashed commit of the following:

commit dd8de11b48dd18c5dbbd8d0d093b40028771b296
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Dec 7 16:44:33 2016 -0500

build: Rework key structure padding guard macros

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 7 Dec 2016 00:27:41 +0000 (19:27 -0500)]

Merge pull request #739 in SNORT/snort3 from cppcheck_fixes to master

Squashed commit of the following:

commit 0842be13d69f74dee314966e11ceb742d451da17
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Dec 5 12:51:39 2016 -0500

cppcheck error fixes

commit | commitdiff | tree

Michael Altizer (mialtize) [Tue, 6 Dec 2016 22:39:14 +0000 (17:39 -0500)]

Merge pull request #731 in SNORT/snort3 from sfip to master

Squashed commit of the following:

commit 7d6beaa500576fd94654482baea2841c626094ea
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Oct 17 21:39:28 2016 -0400

    sfip: Refactoring and split from SfCidr

commit 0910494ac22e82569b8faf2b041828b31708f5d7
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Oct 20 13:16:00 2016 -0400

    sf_vartable: Initial conversion to Catch unit tests

commit 17c20f297605fbe954c26e0d2061fa258af7bf49
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Nov 30 14:07:25 2016 -0500

    main: Mark main_read() as static

commit 30c7b6fd9413f0f338cd22f37dc37e79657054b5
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Nov 23 12:04:42 2016 -0500

    appid: Remove unused API HTTP field functions

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 6 Dec 2016 16:26:48 +0000 (11:26 -0500)]

Merge pull request #737 in SNORT/snort3 from doc_dce to master

Squashed commit of the following:

commit 8f2a3e91369b4692dd4638067d4b493950c85b82
Author: huica <huica@cisco.com>
Date: Mon Dec 5 12:48:26 2016 -0500

Add manual for dcerpc

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 6 Dec 2016 15:11:37 +0000 (10:11 -0500)]

Merge pull request #735 in SNORT/snort3 from sip_strings to master

Squashed commit of the following:

commit fa7daec1f2e0064bc4cd14cafe028bfedf0d8c9e
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Mon Dec 5 14:28:22 2016 -0500

    added copies to sip detector so strings are valid after the current packet disappears

commit 35bb540e26ed79d50a0f00299b9d993dde1cbc7d
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Fri Dec 2 16:04:17 2016 -0500

    all SipEvent strings now handled wih char arrays

commit | commitdiff | tree

Michael Altizer (mialtize) [Tue, 6 Dec 2016 03:28:18 +0000 (22:28 -0500)]

Merge pull request #738 in SNORT/snort3 from curse_uaf to master

Squashed commit of the following:

commit 11760bf923bbbe087b21330f6319d279908c8a6f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 5 19:24:51 2016 -0500

wizard: Refactor curses to prevent use-after-free of service name

commit | commitdiff | tree

Russ Combs (rucombs) [Mon, 5 Dec 2016 15:56:06 +0000 (10:56 -0500)]

Merge pull request #736 in SNORT/snort3 from exec_swap to master

Squashed commit of the following:

commit 8d68ca38e3e0a8bf7d66b1bb7805c1cbf0329ea7
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Dec 2 13:40:28 2016 -0500

issue asynchronous swaps

commit | commitdiff | tree

Russ Combs [Fri, 2 Dec 2016 12:05:19 +0000 (07:05 -0500)]

build 220

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 1 Dec 2016 22:41:07 +0000 (17:41 -0500)]

Merge pull request #734 in SNORT/snort3 from doc_manual to master

Squashed commit of the following:

commit 89ac929f14c99e3aa3f2a3f072b83b8385992146
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Nov 30 21:09:27 2016 -0500

refactor overview and features sections

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 1 Dec 2016 21:09:03 +0000 (16:09 -0500)]

Merge pull request #733 in SNORT/snort3 from appid_spaces to master

Squashed commit of the following:

commit 173463dad3d45eb063097764374f396aa07f5356
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Thu Dec 1 12:04:25 2016 -0500

    removed underscores from all pegs outside of appid

commit d696ac7ee5ac0d1b4be029e610f344b04ef3568b
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Wed Nov 23 15:25:44 2016 -0500

    removed '_' from appid pegs

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 1 Dec 2016 02:09:43 +0000 (21:09 -0500)]

Merge pull request #730 in SNORT/snort3 from sdf-doc to master

Squashed commit of the following:

commit 8944a32cad0a92c79c3b7ff2a546c8b55880316c
Author: Victor Roemer <viroemer@cisco.com>
Date: Wed Nov 30 10:50:26 2016 -0500

SDF-Doc take 2

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 1 Dec 2016 02:07:58 +0000 (21:07 -0500)]

Merge pull request #728 in SNORT/snort3 from alert_135_2 to master

Squashed commit of the following:

commit bbd04a472f5eb899ee3d2a90e967032948ec1c54
Author: huica <huica@cisco.com>
Date: Mon Nov 28 16:24:53 2016 -0500

Alert 135:2 when a 3-way handshake is completed

commit | commitdiff | tree

Russ Combs (rucombs) [Thu, 1 Dec 2016 02:07:29 +0000 (21:07 -0500)]

Merge pull request #732 in SNORT/snort3 from lockfix1 to master

Squashed commit of the following:

commit 45aa613f821d70b0e8e7cfb1d884c8047bd385c8
Author: Steve Chew <stechew@cisco.com>
Date: Wed Nov 30 19:40:19 2016 -0500

Removed unneeded lock.

commit | commitdiff | tree

Hui Cao (huica) [Wed, 30 Nov 2016 18:58:59 +0000 (13:58 -0500)]

Merge pull request #729 in SNORT/snort3 from appid_x509_memleak to master

Squashed commit of the following:

commit 1d47856b2d2f0f69c3d53550e3a9cff236ffdbed
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Mon Nov 28 15:37:18 2016 -0500

    cleanup openssl resources when snort exits to eliminate memory leaks

    only call openssl cleanup functions required to clean crypto* api usage, move cleanup to plugin terminate api function, improve service ssl code style

commit | commitdiff | tree

Hui Cao (huica) [Tue, 29 Nov 2016 20:00:21 +0000 (15:00 -0500)]

Merge pull request #726 in SNORT/snort3 from appid_ptypes_scan_patch to master

Squashed commit of the following:

commit cfbad0aea0e04b034f7bcd70d07de6fcfc36dc73
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Mon Nov 28 10:50:23 2016 -0500

    delete auto ptr used to point to member variable of the AppIdSession class, just use the member variable directly.  Some coding style improvements

commit 616baeb1eae80e6d4954c0a1e85db4d34085a13e
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Mon Nov 28 15:06:26 2016 -0500

    make ptype_scan_counts a field of the httpSession struct

commit fef9bdf71276aa9b8966609c49743f6df3136bcd
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Mon Nov 28 14:41:55 2016 -0500

    Add mutex lock around calls into crypto lib for X509 cert processing, crypto lib not thread safe so calls into this lib from multiple packet threads appear to be causing random failures

commit | commitdiff | tree

Michael Altizer (mialtize) [Mon, 28 Nov 2016 15:37:44 +0000 (10:37 -0500)]

Merge pull request #724 in SNORT/snort3 from gtp_duplicates to master

Squashed commit of the following:

commit abde9b0d9432302fc1ad7dc1a776d92525116564
Author: allewi <allewi@cisco.com>
Date: Sun Nov 27 13:08:38 2016 -0500

added line to prevent duplicate gtp configurations from being printed

commit | commitdiff | tree

Michael Altizer (mialtize) [Mon, 28 Nov 2016 15:37:29 +0000 (10:37 -0500)]

Merge pull request #725 in SNORT/snort3 from modbus_duplicates to master

Squashed commit of the following:

commit 6f6e45378a305b45648ebcaf052660a9d7ad79b3
Author: allewi <allewi@cisco.com>
Date: Sun Nov 27 13:27:40 2016 -0500

adding change to prevent duplicate modbus configurations

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 23 Nov 2016 22:45:02 +0000 (17:45 -0500)]

Merge pull request #721 in SNORT/snort3 from double_lua to master

Squashed commit of the following:

commit b5229dc110c61a58eb586c2a6ef681001dcfacc1
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Nov 21 15:05:39 2016 -0500

added multiple passes to lua so variables are always set before used

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 23 Nov 2016 21:24:58 +0000 (16:24 -0500)]

Merge pull request #722 in SNORT/snort3 from appid_stl_thread_safety to master

Squashed commit of the following:

commit 991eb29ae7f85b1e9e1b72f334eb96536c568b10
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Wed Nov 23 14:09:00 2016 -0500

    use std::lock_guard to manage life cycle of mutex ownership when accessing app info tables.

commit a09a573489bf2b69930b6aa58006699fd3ab0681
Author: davis mcpherson <davmcphe.cisco.com>
Date:   Wed Nov 23 10:33:49 2016 -0500

    add lock around read accesses to app info tables.  there is a single lock that is global to all app info tables, more granular locking on a per table basis may be implemented in the future to improve performance

    remove caching AppIdServiceIDState object pointers in the AppIdSession object.  The service state object may get deleted without the knowledge of appid sessions that have cached the pointer.  For now a get using the ip/port/protocol tuple of the destination is used to get the service state object.  This is short term solution until a move to the host cache can be implemented.

commit | commitdiff | tree

Russ Combs (rucombs) [Wed, 23 Nov 2016 12:46:31 +0000 (07:46 -0500)]

Merge pull request #719 in SNORT/snort3 from ecb_alt_fast_pattern to master

Squashed commit of the following:

commit b89eb774fcc4a5ac076304db6dab6dd31f5ddf99
Author: mdagon <mdagon@cisco.com>
Date:   Fri Nov 18 13:28:03 2016 -0500

    alternate pattern for dce_udp iface rule option

    Code review fixes

    Remove an extra 'using namespace std'

    Refactoring

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 22 Nov 2016 22:54:41 +0000 (17:54 -0500)]

Merge pull request #720 in SNORT/snort3 from cut_down to master

Squashed commit of the following:

commit f3bb19f43167cdda20698247fa21ba25f77b6dc5
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Nov 22 14:29:52 2016 -0500

    refactor dce_smb.cc

commit d61f30962fd70cfbb2ec66c0cbe017760f5a42a9
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Nov 22 12:54:31 2016 -0500

    refactor smb message definitions

commit 806617d70753418e348724443d0b655bc63d91b8
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Nov 22 11:50:24 2016 -0500

    split hi_client.cc init methods into separate file

commit | commitdiff | tree

Hui Cao (huica) [Tue, 22 Nov 2016 21:40:14 +0000 (16:40 -0500)]

Merge pull request #718 in SNORT/snort3 from sdf_documenation to master

Squashed commit of the following:

commit 3cfa955237b9a1e87ca3cd08a9f8c8d2d7c81a8d
Author: Victor Roemer <viroemer@cisco.com>
Date: Tue Nov 15 14:50:01 2016 -0500

sd_pattern user documentation

commit | commitdiff | tree

Hui Cao (huica) [Tue, 22 Nov 2016 21:39:29 +0000 (16:39 -0500)]

Merge pull request #717 in SNORT/snort3 from file_reg to master

Squashed commit of the following:

commit 692030b8b6e8bee8ed0ca083cb74c2f5faa10dbd
Author: huica <huica@cisco.com>
Date:   Mon Nov 21 15:30:07 2016 -0500

    Fixed uu and qp decode issue
    Fixed file signature calculation for ftp
    Fixed file resume blocking

commit | commitdiff | tree

Russ Combs (rucombs) [Tue, 22 Nov 2016 12:07:40 +0000 (07:07 -0500)]

Merge pull request #715 in SNORT/snort3 from appid_fflow3 to master

Squashed commit of the following:

commit a9e3e7de8612efb242df0f21d32d0654e647d90c
Merge: 31d0bf7 61a685b
Author: Steve Chew <stechew@cisco.com>
Date:   Mon Nov 21 23:50:53 2016 -0500

    Merge branch 'appid_fflow3' of ssh://bitbucket-eng-rtp1.cisco.com:7999/snort/snort3 into appid_fflow3

    Conflicts:
     src/network_inspectors/appid/detector_plugins/detector_http.cc

commit 31d0bf78b51445976b335f705e25be0b0f744794
Author: Steve Chew <stechew@cisco.com>
Date:   Mon Nov 21 22:52:16 2016 -0500

    Remove future flow appid feature for http since there is no known use
    case.

commit 61a685bfd603fe098c64589162acbe2f838d2629
Author: Steve Chew <stechew@cisco.com>
Date:   Mon Nov 21 22:52:16 2016 -0500

    Remove future flow appid feature for http since there is no known use
    case.

Mirror of https://github.com/snort3/snort3.git

RSS Atom