git.ipfire.org Git - thirdparty/snort3.git/commit
Merge pull request #2800 in SNORT/snort3 from ~BBANTWAL/snort3:ips_actions to master
author: Michael Altizer (mialtize) <mialtize@cisco.com>
Fri, 26 Mar 2021 19:20:37 +0000 (19:20 +0000)
committer: Michael Altizer (mialtize) <mialtize@cisco.com>
Fri, 26 Mar 2021 19:20:37 +0000 (19:20 +0000)
commit: 2414d8b9d22c6e977fa1babd40cc6b596d0ba8c1
tree: 499622ce2c8572d6eabe5b0f7224b8712182ea0b
parent: 516b36c3a3e4074e557662f6abd8faadc1edcde5
Merge pull request #2800 in SNORT/snort3 from ~BBANTWAL/snort3:ips_actions to master

Squashed commit of the following:

commit 9ea4a671998c7c5270d91ca26ee1cca8228030ff
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Fri Mar 26 12:08:39 2021 -0400

    actions: dynamically construct the default eval order for all the loaded ips actions

commit 39c59c2dd92c4ad3b1ed1d3ac4914c511b5a7edf
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Sun Mar 21 13:07:52 2021 -0400

    detection: Update the rtn's listHead to reflect the new action set in the rule state

commit 628648057da9d38fc7c212a209427623700efaa3
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Thu Mar 25 09:48:18 2021 -0400

    rate_filter: Get the available ips actions dynamically to configure the new_action

commit 15c13d82d360fc37aa83ebf30dea71b2877b5a14
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Mar 17 12:13:06 2021 -0400

    snort_config: Remove is_active_enabled and set_active_enabled functions

commit fce81b9ed016b3aa118371fec104cc3d62c5109b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Mar 16 14:26:49 2021 -0400

    snort2lua: delete conversion of disable_replace option

commit 13ad5f9b33620576f11483058425fc8b43031acc
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Mar 9 11:33:31 2021 -0500

    actions: Make all IPS actions pluggable

    * All actions, including the previously "built-in" actions, have been
    refactored into a set of equal IPS action plugins. Each IPS action has
    an immediate effect and may or may not contain an active response to be
    carried out as a delayed action.
    * The reset and reject IPS actions have been merged into a single
    reject IPS action. The reject IPS action can no longer be built as a
    dynamic plugin.
    * All IPS actions will be instantiated in a default state in each IPS
    policy where they have not been otherwise explicitly configured via a
    module.
    * The rewrite IPS action is no longer configurable and has lost its
    module. Its active response priority has been corrected to AP_MODIFY.
    * Rate filter thresholding has been corrected to apply to any IPS
    action that drops traffic.
    * Rule evaluation action ordering has been expanded to include all
    IPS actions, static and dynamic. Dynamic actions will currently default
    to the lowest priority.
57 files changed:
doc/user/active.txt
lua/snort.lua
src/actions/CMakeLists.txt
src/actions/act_alert.cc [new file with mode: 0644]
src/actions/act_block.cc [new file with mode: 0644]
src/actions/act_drop.cc [new file with mode: 0644]
src/actions/act_log.cc [new file with mode: 0644]
src/actions/act_pass.cc [new file with mode: 0644]
src/actions/act_react.cc
src/actions/act_reject.cc
src/actions/act_replace.cc
src/actions/actions.cc
src/actions/actions.h
src/actions/dev_notes.txt
src/actions/ips_actions.cc
src/detection/detection_engine.cc
src/detection/detection_engine.h
src/detection/detection_util.cc
src/detection/detection_util.h
src/detection/fp_detect.cc
src/detection/rules.cc
src/detection/rules.h
src/detection/signature.cc
src/detection/treenodes.h
src/events/event_queue.h
src/file_api/file_module.cc
src/filters/sfrf.cc
src/filters/sfrf.h
src/filters/sfrf_test.cc
src/framework/ips_action.h
src/main/modules.cc
src/main/policy.cc
src/main/policy.h
src/main/snort.cc
src/main/snort_config.cc
src/main/snort_config.h
src/managers/action_manager.cc
src/managers/action_manager.h
src/packet_io/active.cc
src/packet_io/active_action.h
src/parser/parse_conf.cc
src/parser/parse_conf.h
src/parser/parse_rule.cc
src/parser/parser.cc
src/parser/parser.h
src/payload_injector/test/payload_injector_test.cc
src/piglet_plugins/pp_inspector_iface.cc
src/piglet_plugins/pp_ips_action_iface.cc
src/service_inspectors/http2_inspect/test/http2_hpack_int_decode_test.cc
src/service_inspectors/http2_inspect/test/http2_hpack_string_decode_test.cc
src/service_inspectors/http_inspect/test/http_module_test.cc
src/service_inspectors/http_inspect/test/http_transaction_test.cc
src/service_inspectors/http_inspect/test/http_uri_norm_test.cc
src/service_inspectors/smtp/smtp_module.cc
tools/snort2lua/config_states/config_deleted.cc
tools/snort2lua/config_states/config_no_option.cc
tools/snort2lua/rule_states/rule_replace.cc