git.ipfire.org Git - thirdparty/snort3.git/log
Russ Combs (rucombs) [Thu, 25 Aug 2022 19:09:38 +0000 (19:09 +0000)]
Pull request #3569: build: generate and tag 3.1.40.0
Merge in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.40.0 to master
Squashed commit of the following:
commit
87252bdadd41d0fe90a95319dd25688c43adf299
Author: russ <rucombs@cisco.com>
Date: Thu Aug 25 10:08:50 2022 -0400
build: generate and tag 3.1.40.0
Shanmugam S (shanms) [Wed, 24 Aug 2022 05:04:19 +0000 (05:04 +0000)]
Pull request #3549: crashhandler: Crashhandler signal handling path Fix
Merge in SNORT/snort3 from ~MSONEJA/snort3:crash_handler_fix to master
Squashed commit of the following:
commit
c880afa890d8b451968f1dd7aa895ccbaf57f689
Author: msoneja <msoneja@cisco.com>
Date: Wed Aug 10 11:36:34 2022 +0000
helpers: make install_oops_handle and remove_oops_handle so_public, install process.h and sigsafe.h
Steven Baigal (sbaigal) [Tue, 23 Aug 2022 17:14:05 +0000 (17:14 +0000)]
Pull request #3564: daq: Remove duplicate entries from static module list
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:daqcmakefix to master
Squashed commit of the following:
commit
9bd81840fdec5361257a729c0c54e70c39cd126c
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Aug 19 11:41:19 2022 -0400
daq: Remove duplicate entries from static module list
thanks to GitHub user raging-loon for reporting the issue
Tom Peters (thopeter) [Mon, 22 Aug 2022 07:34:29 +0000 (07:34 +0000)]
Pull request #3562: http_inspect: add doc for http_num_cookies
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:doc_num_cookies to master
Squashed commit of the following:
commit
e83e4def10dd889341a635c28c2b80a2db0afcd2
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Aug 18 10:50:14 2022 -0400
http_inspect: add doc for http_num_cookies
Pull request #3550: utils: Add ext_script checks to </script> tokens
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:js_norm_end_tag to master
Squashed commit of the following:
commit
0450c203be60a18457f4cab5882b80e0cacfc256
Author: dkyrylov <dkyrylov@cisco.com>
Date: Wed Aug 10 15:06:34 2022 +0300
utils: allow closing tag in external scripts
An appropriate built-in alert will be generated without
stopping the normalization.
Tom Peters (thopeter) [Thu, 18 Aug 2022 16:42:02 +0000 (16:42 +0000)]
Pull request #3563: Github PR 266 - fix typo in stream dev_notes
Merge in SNORT/snort3 from ~MDAGON/snort3:stream_dev to master
Squashed commit of the following:
commit
ed618e05176036128dace4e2a8a4053e1670442c
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu Aug 18 11:28:00 2022 -0400
stream: typo in dev_notes, fix by RobinLanglois
Pull request #3559: http_inspect: add more identifiers to js_norm lists
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:js_ident_upd to master
Squashed commit of the following:
commit
ccd9e35e96370cecdfbeb53a6ec980d506cd6b86
Author: Vitalii <vhorbato@cisco.com>
Date: Thu Aug 4 13:57:34 2022 +0300
http_inspect: add more identifiers to js_norm lists
Tom Peters (thopeter) [Wed, 17 Aug 2022 23:52:41 +0000 (23:52 +0000)]
Pull request #3555: http_inspect: parameters for header alerts
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:header_params to master
Squashed commit of the following:
commit
beed48e8b60e9631ff9001b79db3dfd9df3e4285
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Aug 8 17:06:08 2022 -0400
http_inspect: parameters for header alerts
Sreeja Athirkandathil Narayanan [Tue, 2 Aug 2022 17:54:37 +0000 (13:54 -0400)]
appid: activate appid debug object before printing logs from http event handler
Adrian Mamolea [Wed, 3 Aug 2022 19:14:42 +0000 (15:14 -0400)]
http_inspect: http_num_cookies rule option
russ [Wed, 3 Aug 2022 16:39:05 +0000 (12:39 -0400)]
doc: add section on commit messages to the dev guide
russ [Wed, 27 Jul 2022 18:05:53 +0000 (14:05 -0400)]
hyperscan: add warning when deserialization fails that includes error code
russ [Mon, 25 Jul 2022 20:20:26 +0000 (16:20 -0400)]
ffi: add get_module_version(name, type) for conditional config
russ [Fri, 22 Jul 2022 12:27:47 +0000 (08:27 -0400)]
ip_proto: enable match on PDUs
russ [Tue, 19 Jul 2022 17:41:42 +0000 (13:41 -0400)]
help: enclose --help-config string defaults in single quotes
russ [Mon, 18 Jul 2022 19:55:42 +0000 (15:55 -0400)]
telnet: use the same splitter as ftp_server
russ [Fri, 15 Jul 2022 18:32:18 +0000 (14:32 -0400)]
vlan: add configurable TPIDs
vlan.extra_tpid_ether_types defaults to '0x9100 0x9200'.
Thanks to ozkankirik for reporting the issue.
russ [Fri, 15 Jul 2022 16:11:27 +0000 (12:11 -0400)]
parameter: add int_list
russ [Fri, 15 Jul 2022 15:48:22 +0000 (11:48 -0400)]
parameter: simplify multi validation
russ [Fri, 8 Jul 2022 12:13:57 +0000 (08:13 -0400)]
ChangeLog: change to md format
russ [Wed, 6 Jul 2022 15:14:58 +0000 (11:14 -0400)]
style: change max line length to 120 including \n
russ [Tue, 5 Jul 2022 16:09:52 +0000 (12:09 -0400)]
doc: specify parallelization in make in tutorial
Thanks to nitronarcosis for reporting the issue and suggesting a fix.
russ [Tue, 5 Jul 2022 16:03:22 +0000 (12:03 -0400)]
gid: upper bound changed to match event_filter and rate_filter implementation limits
Ron Dempster (rdempste) [Fri, 5 Aug 2022 14:37:00 +0000 (10:37 -0400)]
reputation: make reputation handle flow setup, reloaded, and packet without flow events
Ron Dempster (rdempste) [Fri, 5 Aug 2022 14:38:01 +0000 (10:38 -0400)]
managers: only publish the reloaded flow event for existing flows with an old policy
Ron Dempster (rdempste) [Wed, 3 Aug 2022 18:08:12 +0000 (14:08 -0400)]
appid: do not clear client version when deleting appid session data
Ron Dempster (rdempste) [Wed, 3 Aug 2022 18:07:17 +0000 (14:07 -0400)]
flow: fix deferred trust for trust followed by defer
Steve Chew [Wed, 10 Aug 2022 16:08:56 +0000 (12:08 -0400)]
build: generate and tag 3.1.39.0
Oleksandr Serhiienko [Thu, 4 Aug 2022 09:51:17 +0000 (12:51 +0300)]
utils: fix JS split to reflect tokens correction and re-normalization
Steven Baigal (sbaigal) [Wed, 3 Aug 2022 18:27:14 +0000 (14:27 -0400)]
cmake: add --enable-luajit-static option to enable LuaJit linked statically
Juweria Ali Imran [Mon, 1 Aug 2022 14:45:06 +0000 (10:45 -0400)]
rna: Added log message for missing 'rna.conf' path
Pull request #3542: ips_options: remove obfuscate_pii caching in sd_pattern option
Merge in SNORT/snort3 from ~VHORBATO/snort3:pii_cache to master
Squashed commit of the following:
commit
38ecd019f507df15b9411a265099f81f7dc307b9
Author: Vitalii <vhorbato@cisco.com>
Date: Wed Aug 3 17:18:27 2022 +0300
ips_options: remove obfuscate_pii caching in sd_pattern option
Pull request #3537: JS Normalizer: Escaped JavaScript Identifiers
Merge in SNORT/snort3 from ~OSERHIIE/snort3:js_unescape_ident to master
Squashed commit of the following:
commit
2b192d53735b7f6b346c17581adc28c1ee395b56
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Aug 1 11:16:11 2022 +0300
utils: fix compilation warning [-Wcomma]
commit
ad2285d11ea0b1408937a7688179e7d65946031f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Aug 1 11:15:00 2022 +0300
utils: validate escaped JavaScript identifiers
Michael Matirko [Mon, 25 Jul 2022 15:51:17 +0000 (11:51 -0400)]
netflow: pass a flag if the initiator and responder were swapped
Maya Dagon [Mon, 1 Aug 2022 14:46:11 +0000 (10:46 -0400)]
http_inspect: request and response shouldn't be available for pkt_data
Ron Dempster (rdempste) [Mon, 1 Aug 2022 21:54:10 +0000 (17:54 -0400)]
main, managers: remove the reload_module command
Pull request #3532: parser: remove 138 from builtin GID exceptions
Merge in SNORT/snort3 from ~VHORBATO/snort3:sd_exc to master
Squashed commit of the following:
commit
2ae8f773e1afbc889c69fc283b28d9f3d31e1825
Author: Vitalii <vhorbato@cisco.com>
Date: Mon Jul 25 13:43:35 2022 +0300
parser: remove 138 from builtin GID exceptions
russ [Thu, 28 Jul 2022 13:44:42 +0000 (09:44 -0400)]
build: generate and tag 3.1.38.0
Adrian Mamolea [Tue, 19 Jul 2022 18:34:22 +0000 (14:34 -0400)]
http2_inspect: add support for GOAWAY frames
Sreeja Athirkandathil Narayanan [Thu, 7 Jul 2022 17:29:33 +0000 (13:29 -0400)]
appid: restart inspection for ssl session inside http tunnel
Pull request #3520: Fix tsan warning
Merge in SNORT/snort3 from ~VHORBAN/snort3:fix_tsan_warning to master
Squashed commit of the following:
commit
2b4ebd297a3b7088f6b4ba46e1b12698d876423f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Sat Jul 16 18:41:34 2022 +0300
utils: add static initialization of norm_names
commit
217831f9c1de3ea40bde105c7efc92e742447941
Author: Volodymyr Horban <vhorban@cisco.com>
Date: Mon Jul 18 15:20:58 2022 +0300
http_inspect: remove dependency of JS normalization depth on HTTP depth
Pull request #3511: detection: fix the bug with qualified events
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:detection_child_bug to master
Squashed commit of the following:
commit
5e7bd568b6dd21556bcb305f5f02366e374877ee
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Jul 6 18:52:38 2022 +0300
detection: separate the branch/leaf result to different variables
Evaluation function's return value is for branch results,
while the flag in eval_data is for leaf results.
Pull request #3525: http_inspect: script tag type check
Merge in SNORT/snort3 from ~ASERBENI/snort3:script_mime to master
Squashed commit of the following:
commit
8b16e57c27cc3ce8dfce56fbe29a8876f8eadb2d
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Fri Jul 22 13:10:35 2022 +0300
http_inspect: add more explicit js type values to otag type check
Vitalii [Fri, 15 Jul 2022 14:54:43 +0000 (17:54 +0300)]
snort2lua: change the conversion of sensitive data rules
Pull request #3527: JavaScript Normalizer: normalize JavaScript after opening tag
Merge in SNORT/snort3 from ~OSERHIIE/snort3:js_fix_otag to master
Squashed commit of the following:
commit
28534c108a56e40b76310a6076820739b82e7e4a
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Jul 19 20:53:56 2022 +0300
utils: continue JS normalization after opening tag seen
* utils: normalize JavaScript after any opening tag seen
* utils: re-normalize explicit opening tag by common rules
* utils: throw opening tag built-in alert for inline scripts only
* utils: remove opening tag return code
* http_inspect: do not stop normalization in case of opening script tag
* http_inspect: update trace messages
Steven Baigal (sbaigal) [Fri, 22 Jul 2022 22:04:02 +0000 (22:04 +0000)]
Pull request #3528: stream: Removed all instances of 'cap_weight' config parameter
Merge in SNORT/snort3 from ~JALIIMRA/snort3:cap_weight to master
Squashed commit of the following:
commit
a84b7ca578ed80e247a64ef8fa729623c0a740b9
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Mon Jul 18 16:17:20 2022 -0400
stream: Removed all instances of 'cap_weight' config parameter
stream: Removed macro references for 'cap_weight' config parameter
Tom Peters (thopeter) [Fri, 22 Jul 2022 19:55:27 +0000 (19:55 +0000)]
Pull request #3516: http2_inspect: add support for PRIORITY frames
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:priority_frames to master
Squashed commit of the following:
commit
fb64edf07d7b0506cc32513b58612eb8cc57adb1
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Jul 11 12:20:07 2022 -0400
http2_inspect: add support for PRIORITY frames
Tom Peters (thopeter) [Fri, 22 Jul 2022 18:20:21 +0000 (18:20 +0000)]
Pull request #3506: http_inspect directly calls detection
Merge in SNORT/snort3 from ~THOPETER/snort3:nhttp164 to master
Squashed commit of the following:
commit
0b70bc4f11ef4639ef8fa5cd33bcfd9b0d80b57d
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jun 27 13:19:09 2022 -0400
http_inspect: directly call detection
commit
792288626c150c068752c053d2de20d39845c74b
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 5 16:15:35 2022 -0400
http2_inspect: Interface to http_inspect now uses real reassembled packet
Ron Dempster (rdempste) [Thu, 21 Jul 2022 17:06:55 +0000 (17:06 +0000)]
Pull request #3521: pub_sub: add definitions for ssl block and block with reset messages
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:event_driven_xff to master
Squashed commit of the following:
commit
94cd95079f8377ae56dc8b2750afcbe539f09476
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jul 15 07:42:53 2022 -0400
pub_sub: add definitions for ssl block and block with reset messages
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 20 Jul 2022 21:53:07 +0000 (21:53 +0000)]
Pull request #3524: appid: set persistent flag for sunrpc expected session
Merge in SNORT/snort3 from ~SATHIRKA/snort3:persistent_flag_sunrpc_ff to master
Squashed commit of the following:
commit
16568a1b61156bc63a96accb373e42f53b9e75e6
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Jul 18 13:32:32 2022 -0400
appid: set persistent flag for sunrpc expected session
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 20 Jul 2022 20:47:45 +0000 (20:47 +0000)]
Pull request #3514: appid: send more packets to third-party for FTP user name extraction
Merge in SNORT/snort3 from ~BSACHDEV/snort3:ftp_uname to master
Squashed commit of the following:
commit
e6475795888c007ad66de2985bfc6fbef482561d
Author: bsachdev <bsachdev@cisco.com>
Date: Mon Jul 11 16:51:50 2022 -0400
appid: send more packets to third-party for FTP user name extraction
Russ Combs (rucombs) [Tue, 19 Jul 2022 10:42:26 +0000 (10:42 +0000)]
Pull request #3522: build: generate and tag 3.1.37.0
Merge in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.37.0 to master
Squashed commit of the following:
commit
8c50976531c3012679e8c982d32e1b8f1689ad80
Author: russ <rucombs@cisco.com>
Date: Mon Jul 18 16:27:54 2022 -0400
build: generate and tag 3.1.37.0
Pull request #3518: utils: fix Unicode LS PS handling in JavaScript
Merge in SNORT/snort3 from ~OSERHIIE/snort3:js_fix_lsps to master
Squashed commit of the following:
commit
0a5bd2f42ba011e233b4e4cef21e7530f005b97f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jul 14 13:58:19 2022 +0300
utils: fix Unicode LS PS handling in JavaScript
Steven Baigal (sbaigal) [Fri, 15 Jul 2022 17:39:14 +0000 (17:39 +0000)]
Pull request #3504: print LogMessage in reputation only when in verbose mode
Merge in SNORT/snort3 from ~ALLEWI/snort3:print_reputation_verbose to master
Squashed commit of the following:
commit
75b02e22b601500d660eb342215159b5e1bc5551
Author: allewi@cisco.com <allewi@cisco.com>
Date: Wed Jul 6 17:43:49 2022 -0400
reputation: print LogMessage in reputation only when in verbose mode
Steve Chew (stechew) [Thu, 14 Jul 2022 19:10:34 +0000 (19:10 +0000)]
Pull request #3517: build: generate and tag 3.1.36.0
Merge in SNORT/snort3 from ~STECHEW/snort3:build_3.1.36.0 to master
Squashed commit of the following:
commit
62aaa4fecbcb95dfcaa548907ab43cc0bb48f3df
Author: Steve Chew <stechew@cisco.com>
Date: Thu Jul 14 13:56:24 2022 -0400
build: generate and tag 3.1.36.0
Pull request #3509: JS_Norm: distinct arrow functions handling
Merge in SNORT/snort3 from ~ASERBENI/snort3:arrow_scope to master
Squashed commit of the following:
commit
fa93f3dd0ff971447de8b2d85876b514a33dee85
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 11 15:31:19 2022 +0300
utils: fix arrow functions parsing
Pull request #3495: Fix clearing peg counters on sum_stats
Merge in SNORT/snort3 from ~VHORBATO/snort3:peg_count_sum to master
Squashed commit of the following:
commit
897cb567559ca5739e307e6531a411d68c6b831d
Author: Vitalii <vhorbato@cisco.com>
Date: Fri Jul 1 16:54:30 2022 +0300
normalizer: make normalizer and tcp_normalizer peg counts shared
commit
99ebc98d1fb649acfa052da5cf03126a4746f670
Author: Vitalii <vhorbato@cisco.com>
Date: Fri Jul 1 16:50:06 2022 +0300
stream: fix stats cleanup
commit
ce477b1c3ccc00d4d293a6e79fd15475bed7308e
Author: Vitalii <vhorbato@cisco.com>
Date: Fri Jul 1 16:49:36 2022 +0300
dce_smb: fix stats cleanup
commit
7d1e38d5a94bff506237a06fa7626c113cf5ba50
Author: Vitalii <vhorbato@cisco.com>
Date: Thu Jun 30 20:06:00 2022 +0300
appid: fix stats cleanup
commit
e0bd6f142fa2ee9e81dc8038eb4a88d5c104c357
Author: Vitalii <vhorbato@cisco.com>
Date: Thu Jun 30 20:05:43 2022 +0300
file_api: fix stats cleanup
Tom Peters (thopeter) [Mon, 11 Jul 2022 20:43:04 +0000 (20:43 +0000)]
Pull request #3503: http_inspect: do not abort midstream pickups
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:midstream_pickup to master
Squashed commit of the following:
commit
bc82cbb5677d46a254251022c7aebf01625a05c9
Author: Adrian Mamolea <admamole@cisco.com>
Date: Fri Jul 1 15:36:43 2022 -0400
http_inspect: do not abort midstream pickups
Pull request #3493: JS Normalizer: fix decimal number pattern
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:jsn_fix_id to master
Squashed commit of the following:
commit
25041bc840a69dff344199c1ab86e315edfea5f7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Jul 1 15:06:01 2022 +0300
utils: fix parsing of decimal number literals
Russ Combs (rucombs) [Fri, 8 Jul 2022 18:17:15 +0000 (18:17 +0000)]
Pull request #3507: build: generate and tag 3.1.35.0
Merge in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.35.0 to master
Squashed commit of the following:
commit
5274ec47130aff36ec8edea62cb0a6c0c6ebb2b3
Author: russ <rucombs@cisco.com>
Date: Fri Jul 8 14:08:49 2022 -0400
build: generate and tag 3.1.35.0
Russ Combs (rucombs) [Fri, 8 Jul 2022 17:25:43 +0000 (17:25 +0000)]
Pull request #3505: sandbox: must propagate file_id for includer logic
Merge in SNORT/snort3 from ~RUCOMBS/snort3:quick_sand to master
Squashed commit of the following:
commit
94541d79e83322cf81f0bdf87b6ad7803947f024
Author: russ <rucombs@cisco.com>
Date: Fri Jul 8 12:17:56 2022 -0400
sandbox: must propagate file_id for includer logic
Russ Combs (rucombs) [Thu, 7 Jul 2022 18:37:03 +0000 (18:37 +0000)]
Pull request #3501: build: generate and tag 3.1.34.0
Merge in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.34.0 to master
Squashed commit of the following:
commit
3638397d75a75c46d6691ebf9cf80aab9b7c2ec7
Author: russ <rucombs@cisco.com>
Date: Thu Jul 7 12:10:19 2022 -0400
build: generate and tag 3.1.34.0
Russ Combs (rucombs) [Thu, 7 Jul 2022 13:34:04 +0000 (13:34 +0000)]
Pull request #3496: file_id: fix rules_file path resolution
Merge in SNORT/snort3 from ~RUCOMBS/snort3:file_magic_path to master
Squashed commit of the following:
commit
07d6ee41b541ffa39b5d4be6c9f034f104246431
Author: russ <rucombs@cisco.com>
Date: Wed Jul 6 15:39:01 2022 -0400
file_id: fix rules_file path resolution
Steven Baigal (sbaigal) [Tue, 5 Jul 2022 14:21:52 +0000 (14:21 +0000)]
Pull request #3485: Fix config logger
Merge in SNORT/snort3 from ~VHORBAN/snort3:fix_config_logger to master
Squashed commit of the following:
commit
4ce90eea0b6b7c75f4321c3cabdc6781178291a9
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Jun 15 17:21:26 2022 +0300
build: remove unnecessary type casts
commit
6cda44321578d31de30524a5b8a50ce7713ecea9
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Jun 15 17:02:52 2022 +0300
log: add log_value and log_limit overloads with built-in integer types
Using built-in integer types in overloads of ConfigLogger::log_value
and ConfigLogger::log_limit resolves possible ambiguity over different
platforms in case of platform-dependent integer types like size_t
Steven Baigal (sbaigal) [Tue, 5 Jul 2022 14:19:24 +0000 (14:19 +0000)]
Pull request #3492: utils: make shutdown timing stats more precise (github PR #184)
Merge in SNORT/snort3 from ~ASERBENI/snort3:github_issue_184 to master
Squashed commit of the following:
commit
776e276faf3cc86b3d9cd3675cca558a24271e57
Author: trevor tao <trevor.tao@arm.com>
Date: Mon May 24 21:09:15 2021 +0800
utils: make shutdown timing stats more precise
Thanks to trevor tao <trevor.tao@arm.com> for the update.
Tom Peters (thopeter) [Fri, 1 Jul 2022 20:40:36 +0000 (20:40 +0000)]
Pull request #3483: http2_inspect: consider continuation when checking headers length
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:scan_total to master
Squashed commit of the following:
commit
7e8952c3a39590fd7dff1d637b189ded8da70ce9
Author: Adrian Mamolea <admamole@cisco.com>
Date: Wed Jun 22 11:27:53 2022 -0400
http2_inspect: consider continuation when checking headers length
Bhargava Jandhyala (bjandhya) [Fri, 1 Jul 2022 15:35:08 +0000 (15:35 +0000)]
Pull request #3489: dce_rpc: set persistent flag for dcerpc pinhole session
Merge in SNORT/snort3 from ~PRERAMA2/snort3:pinhole_flag to master
Squashed commit of the following:
commit
eddf849fc2839626dec59918da7f8e42351502e8
Author: Preethi Ramachandra <prerama2@cisco.com>
Date: Wed Jun 29 12:04:01 2022 +0530
dce_rpc: set persistent flag for dcerpc pinhole session
Mike Stepanek (mstepane) [Thu, 30 Jun 2022 12:57:36 +0000 (12:57 +0000)]
Pull request #3491: build: generate and tag 3.1.33.0
Merge in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.33.0 to master
Squashed commit of the following:
commit
7937d2f539bd331601f6a7303764766f760e86e1
Author: Mike Stepanek <mstepane@cisco.com>
Date: Thu Jun 30 07:44:50 2022 -0400
build: generate and tag 3.1.33.0
Mike Stepanek (mstepane) [Wed, 29 Jun 2022 20:32:38 +0000 (20:32 +0000)]
Pull request #3490: lua: updating sid and rev fields
Merge in SNORT/snort3 from ~BJANDHYA/snort3:file_magic to master
Squashed commit of the following:
commit
bbdd16189a0bfb454e18fd5a4b5b4c03edbff9e5
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Wed Jun 29 15:04:34 2022 -0400
lua: updating sid and rev fields
Mike Stepanek (mstepane) [Wed, 29 Jun 2022 17:06:53 +0000 (17:06 +0000)]
Pull request #3404: File type finding using IPS rules
Merge in SNORT/snort3 from ~BJANDHYA/snort3:poc_file_type to master
Squashed commit of the following:
commit
bc98bab3ec3f6e42ef512f2729c8e8940b49b770
Author: krishnakanth <vkambala@cisco.com>
Date: Mon Jun 27 10:34:11 2022 +0530
framework: update base API version to 14
commit
48da0d392030ec7af45bb0fde117acc2e216d844
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Fri Dec 3 06:54:35 2021 -0500
file_api: file type identification over ips engine
modified: src/framework/cursor.cc
Masud Hasan (mashasan) [Tue, 28 Jun 2022 19:28:13 +0000 (19:28 +0000)]
Pull request #3488: netflow: fix v5 header time value
Merge in SNORT/snort3 from ~MMATIRKO/snort3:netflow_odds_and_ends to master
Squashed commit of the following:
commit
6cc63741d7f3cee1d0ce8feb449df868d8b9f947
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Jun 28 14:38:57 2022 -0400
netflow: fix v5 header time value
Tom Peters (thopeter) [Tue, 28 Jun 2022 17:05:00 +0000 (17:05 +0000)]
Pull request #3487: http2_inspect: unit tests depending on REG_TEST
Merge in SNORT/snort3 from ~THOPETER/snort3:nhttp165 to master
Squashed commit of the following:
commit
d3b038594dc5118c6114f29a998f8c71aa4518f1
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jun 27 15:57:42 2022 -0400
http2_inspect: unit tests depending on REG_TEST
Masud Hasan (mashasan) [Tue, 28 Jun 2022 16:55:31 +0000 (16:55 +0000)]
Pull request #3466: rna: allow rna to fire an event when a new netflow connection is detected
Merge in SNORT/snort3 from ~MMATIRKO/snort3:netflow_conn_events to master
Squashed commit of the following:
commit
d5a2c8c4a6217cc3dba89a8b25efae1d72e729f5
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Jun 7 13:37:12 2022 -0400
rna: allow rna to fire an event when a new netflow connection is detected
Mike Stepanek (mstepane) [Mon, 27 Jun 2022 12:22:07 +0000 (12:22 +0000)]
Pull request #3486: wizard: add proto option for wizard
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:wizard_proto to master
Squashed commit of the following:
commit
44c44188e18a24a6744a2b45c9791d8420e9223f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jun 16 17:22:30 2022 +0300
wizard: update wizard's patterns to follow the proto option
Updated framework to correctly parse the patterns paired with the proto
option. For each proto type, a separate collection of patterns should be
created based on the config file.
Ron Dempster (rdempste) [Mon, 27 Jun 2022 12:21:26 +0000 (12:21 +0000)]
Pull request #3482: ftp_telnet: make active ftp expected session in the correct direction
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:active_ftp to master
Squashed commit of the following:
commit
9067434d7bf6bef3f21f935beb54833a4cdfed50
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jun 17 15:05:18 2022 -0400
ftp_telnet: make active ftp expected session in the correct direction
Mike Stepanek (mstepane) [Mon, 27 Jun 2022 10:47:40 +0000 (10:47 +0000)]
Pull request #3477: Refactor: move trace related files from main to trace folder
Merge in SNORT/snort3 from ~ASERBENI/snort3:trace_refactor to master
Squashed commit of the following:
commit
2e074bcbe3732bdc06c3cc6d2cbfb4c1a80e84a7
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Wed Jun 15 13:34:38 2022 +0300
main: move trace related code to trace folder
Russ Combs (rucombs) [Fri, 24 Jun 2022 21:11:19 +0000 (21:11 +0000)]
Pull request #3484: hyperscan: delete databases upon error
Merge in SNORT/snort3 from ~RUCOMBS/snort3:hs_db_err to master
Squashed commit of the following:
commit
15d0fd1b9fe26fc2cd5b873726f51b013daecc2f
Author: russ <rucombs@cisco.com>
Date: Wed Jun 22 11:11:08 2022 -0400
hyperscan: delete databases upon error
Masud Hasan (mashasan) [Thu, 23 Jun 2022 19:13:43 +0000 (19:13 +0000)]
Pull request #3481: rna: Use the longest user agent fingerprint among multiple matches
Merge in SNORT/snort3 from ~MASHASAN/snort3:longest_ua_match to master
Squashed commit of the following:
commit
b4dbadacd3b980129546806c411de4da6f96e5ff
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Jun 17 10:31:03 2022 -0400
rna: Use the longest user agent fingerprint among multiple matches
Tom Peters (thopeter) [Thu, 23 Jun 2022 16:26:28 +0000 (16:26 +0000)]
Pull request #3461: http_inspect: uniform alerts when splitter aborts
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:uniform_alerts_for_abort to master
Squashed commit of the following:
commit
9a69be6c333453ce2cac6e9df8d06b4008a69653
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu May 26 14:59:09 2022 -0400
http_inspect: uniform alerts when splitter aborts
Steven Baigal (sbaigal) [Thu, 23 Jun 2022 15:14:09 +0000 (15:14 +0000)]
Pull request #3480: Fix SEGFAULT in suppress module
Merge in SNORT/snort3 from ~VHORBAN/snort3:fix_segfauld_in_suppress_module to master
Squashed commit of the following:
commit
a28a35b361421fc8287c1cd896545076a35216c6
Author: Volodymyr Horban <vhorban@cisco.com>
Date: Fri Jun 17 14:46:03 2022 +0300
filters: check if a configured gid value is supported by filter's implementation
Mike Stepanek (mstepane) [Thu, 23 Jun 2022 12:37:40 +0000 (12:37 +0000)]
Pull request #3472: Fix port var not reduced bug
Merge in SNORT/snort3 from ~VHORBAN/snort3:fix_port_var_not_reduse_bug to master
Squashed commit of the following:
commit
73eb4880d0b83dffecf31053d1972c3e656ed42a
Author: Volodymyr Horban <vhorban@cisco.com>
Date: Tue Jun 14 23:25:11 2022 +0300
parser: update do_hash() function to work correctly with port variables
Mike Stepanek (mstepane) [Tue, 21 Jun 2022 12:43:13 +0000 (12:43 +0000)]
Pull request #3471: parser: string-ify ExpandVars
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:expand_vars to master
Squashed commit of the following:
commit
ea934e0f3d339916be87ccc60ffd880eeb06b398
Author: dkyrylov <dkyrylov@cisco.com>
Date: Tue Jun 14 13:07:24 2022 +0300
parser: use std::string in ExpandVars
Steve Chew (stechew) [Thu, 16 Jun 2022 22:01:53 +0000 (22:01 +0000)]
Pull request #3475: build: generate and tag 3.1.32.0
Merge in SNORT/snort3 from ~STECHEW/snort3:build_3.1.32.0 to master
Squashed commit of the following:
commit
2905c73152e863100139167d5e5efaa5c03a0806
Author: Steve Chew <stechew@cisco.com>
Date: Wed Jun 15 09:58:05 2022 -0400
build: generate and tag 3.1.32.0
Steve Chew (stechew) [Thu, 16 Jun 2022 13:27:55 +0000 (13:27 +0000)]
Pull request #3476: log: Fixed missing include for Clear Linux build.
Merge in SNORT/snort3 from ~STECHEW/snort3:clear_linux_time_fix to master
Squashed commit of the following:
commit
cf68d294a3b41057eb8969f648391c7fc78aadd0
Author: Steve Chew <stechew@cisco.com>
Date: Wed Jun 15 16:44:40 2022 -0400
log: Fixed missing include for Clear Linux build.
Masud Hasan (mashasan) [Tue, 14 Jun 2022 18:13:42 +0000 (18:13 +0000)]
Pull request #3435: stream_tcp: fix splitter abort handling
Merge in SNORT/snort3 from ~SMINUT/snort3:stream_splitter_abort to master
Squashed commit of the following:
commit
286a7c81fcf8209c10a67ee81af5b51891354ca4
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jun 10 18:16:56 2022 -0400
stream_tcp: flip the server_side flag in fallback() and assert what it should be
commit
f5890f307f300c2a71f8c3906ccbf9d19602faf2
Author: Silviu Minut <sminut@cisco.com>
Date: Thu May 19 11:51:29 2022 -0400
stream_tcp: fix splitter abort handling
Mike Stepanek (mstepane) [Tue, 14 Jun 2022 14:13:44 +0000 (14:13 +0000)]
Pull request #3463: Fixit handling
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:fixit_handling to master
Squashed commit of the following:
commit
0941456ee529069d60f8edd1725ccbda3dbfb015
Author: dkyrylov <dkyrylov@cisco.com>
Date: Tue Jun 7 12:58:02 2022 +0300
utils, parser: remove redundant fixits
Remove FIXIT-L@js_normalizer_test.cc:4249
US created to handle the fixit
Remove FIXIT-M@parser.cc:702
The issue was handled in 2414d8b9d22, but the FIXIT comment was left
Reword FIXIT-M@parse-conf.cc:210
Masud Hasan (mashasan) [Tue, 14 Jun 2022 13:31:09 +0000 (13:31 +0000)]
Pull request #3460: openssl: Openssl minimum version is set to 1.1.1
Merge in SNORT/snort3 from ~OSTEPANO/snort3:openssl_version_check to master
Squashed commit of the following:
commit
08d6c9f9168f357f3c245c110864dc253fdb9b18
Author: ostepano <ostepano@cisco.com>
Date: Mon Jun 6 09:14:36 2022 -0400
openssl: Openssl minimum version is set to 1.1.1
Mike Stepanek (mstepane) [Tue, 14 Jun 2022 12:40:12 +0000 (12:40 +0000)]
Pull request #3470: detection: remove redundant FIXIT
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:detection_fix to master
Squashed commit of the following:
commit
f80bb5d5b3bdf39b8ccbb5c9ef2789917571cf8a
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Jun 8 16:09:10 2022 +0300
detection: remove redundant FIXIT
Mike Stepanek (mstepane) [Tue, 14 Jun 2022 11:07:39 +0000 (11:07 +0000)]
Pull request #3468: ips_options: improve code coverage
Merge in SNORT/snort3 from ~ASERBENI/snort3:ips_options_cov to master
Squashed commit of the following:
commit
e560ef95fb156dc6ddfdf8844f3a50fbbc5f4fa7
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Thu Jun 9 11:24:44 2022 +0300
ips_options: improve ips_hash and ips_cvs code coverage
Mike Stepanek (mstepane) [Mon, 13 Jun 2022 10:39:20 +0000 (10:39 +0000)]
Pull request #3464: JS Normalizer: fix regex literal parsing
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:js_regex_fix to master
Squashed commit of the following:
commit
a819e45513bfdde092a859b5f0234e706e3c15a7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 9 15:03:19 2022 +0300
utils: remove redundant checks in regex groups
In regex literal a group and a character class do not intersect.
commit
70ede6db27e10957b7464587734e54502676c597
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 9 13:35:30 2022 +0300
utils: remove curly brace parsing from regex literals
Curly braces inside a regex literal are not a point of interest, since they
don't form a class or a group.
Shanmugam S (shanms) [Fri, 10 Jun 2022 13:30:29 +0000 (13:30 +0000)]
Pull request #3469: ftp_telnet: handle all space characters as a separator between FTP request command and arguments
Merge in SNORT/snort3 from ~ABHPAL/snort3:ftp_no_encrypt to master
Squashed commit of the following:
commit
4ef21c0f3c7b90b57c42d6075add9f80029e1ae4
Author: Abhijit Pal(abhpal) <abhpal@cisco.com>
Date: Fri Jun 10 13:59:41 2022 +0530
ftp_telnet: handle all space characters as a separator between FTP request command and arguments
Shanmugam S (shanms) [Fri, 10 Jun 2022 05:37:23 +0000 (05:37 +0000)]
Pull request #3458: ftp_telnet: correct the implementation for check_encrypted and encrypted_data config, handle form-feed as non-encrypted traffic
Merge in SNORT/snort3 from ~ABHPAL/snort3:ftp_no_encrypt to master
Squashed commit of the following:
commit
a32b054c106c71b116ef7c7ec279ad877cadce6a
Author: Abhijit Pal(abhpal) <abhpal@cisco.com>
Date: Tue Jun 7 10:48:05 2022 +0530
ftp_telnet: correct the implementation for check_encrypted and encrypted_data config, handle form-feed as non-encrypted traffic
Masud Hasan (mashasan) [Thu, 9 Jun 2022 19:16:05 +0000 (19:16 +0000)]
Pull request #3462: netflow: supporting memcap reconfiguration upon reload
Merge in SNORT/snort3 from ~MASHASAN/snort3:netflow_reload to master
Squashed commit of the following:
commit
653f9bee6693c19554061c1297db0236687172be
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Jun 3 21:53:43 2022 -0400
netflow: supporting memcap reconfiguration upon reload
Mike Stepanek (mstepane) [Wed, 8 Jun 2022 10:54:40 +0000 (10:54 +0000)]
Pull request #3455: JS Normalizer: add explicit check for HTML script opening tag ending
Merge in SNORT/snort3 from ~OSERHIIE/snort3:js_inline_scripts to master
Squashed commit of the following:
commit
f8e2c07bc730f705941d659fb8eb2e70c8e4c00d
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jun 2 15:28:06 2022 +0300
http_inspect: add explicit check for HTML script opening tag ending
Mike Stepanek (mstepane) [Wed, 8 Jun 2022 10:19:22 +0000 (10:19 +0000)]
Pull request #3459: wizard: Use const reference instead of copying
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:wizard_vtune_perf_fix to master
Squashed commit of the following:
commit
b08b178af712f78da901496e6252b21f0c4037e8
Author: dkyrylov <dkyrylov@cisco.com>
Date: Tue Jun 7 13:04:19 2022 +0300
wizard: use const reference instead of copying
Tom Peters (thopeter) [Tue, 7 Jun 2022 19:16:39 +0000 (19:16 +0000)]
Pull request #3457: Mime phase 2
Merge in SNORT/snort3 from ~THOPETER/snort3:mime_phase_2 to master
Squashed commit of the following:
commit
fe36683acc1a83d5e93ce55ab806ce0c9edcf8f0
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jun 6 16:20:52 2022 -0400
http_inspect: remove unneeded header inclusions and improve cleanup before trailers
commit
39da40c13fb24edd3204b7a780cd597d6832b29f
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jun 3 13:50:16 2022 -0400
mime: cleanup
Mike Stepanek (mstepane) [Tue, 7 Jun 2022 13:13:23 +0000 (13:13 +0000)]
Pull request #3454: modules: resolve int type mismatch in config options
Merge in SNORT/snort3 from ~VHORBATO/snort3:opt_ranges to master
Squashed commit of the following:
commit
5e068e9c20ff3c5871aa423a54d3677a9ac1f058
Author: Vitalii <vhorbato@cisco.com>
Date: Thu Jun 2 16:40:07 2022 +0300
modules: resolve int type mismatch in config options
- dce_smb: reduce smb_max_credit range to avoid uint16_t overflow
- profiler: fix issue with negative number cast to unsigned for max_depth
- rna: reduce range for ttl, fix cast for df, minor and major options
Thanks to liangxwa01 for pointing this out!
Pranav Bhalerao (prbhaler) [Tue, 7 Jun 2022 09:30:18 +0000 (09:30 +0000)]
Pull request #3448: Ips bug port
Merge in SNORT/snort3 from ~KDEWANGA/snort3:ips_bug_port to master
Squashed commit of the following:
commit
f55b2bc2a1e3384cd53f4fed5c2c797ec31fc73f
Author: kdewanga <kdewanga@cisco.com>
Date: Sun May 22 10:38:38 2022 +0000
logger: added reload function to create new files when snort reloads
Masud Hasan (mashasan) [Tue, 7 Jun 2022 04:04:32 +0000 (04:04 +0000)]
Pull request #3440: Netflow host/service discovery
Merge in SNORT/snort3 from ~MMATIRKO/snort3:netflow_disco to master
Squashed commit of the following:
commit
60339cfeb1a5142a114415a1f451c752bb614297
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed May 11 16:11:33 2022 -0400
netflow: implement RNA integration for host/service discovery
Masud Hasan (mashasan) [Mon, 6 Jun 2022 20:46:46 +0000 (20:46 +0000)]
Pull request #3456: appid: config for logging eve process to client mappings
Merge in SNORT/snort3 from ~SATHIRKA/snort3:eve_process_client_mapping_log to master
Squashed commit of the following:
commit
d30d6a49e5e64f14b96d461eb9d284ebf6d9a2ce
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jun 3 15:02:36 2022 -0400
appid: config for logging eve process to client mappings