git.ipfire.org Git - thirdparty/snort3.git/log
Mike Stepanek (mstepane) [Thu, 16 Sep 2021 15:18:15 +0000 (15:18 +0000)]
Merge pull request #3058 in SNORT/snort3 from ~SVLASIUK/snort3:clang_tests_fix to master
Squashed commit of the following:
commit
5e0b2df7cce8a2dd802bf41fa7c3af47c7120e76
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Wed Sep 8 17:11:02 2021 +0300
utils: avoid using pubsetbuf which is STL implementation dependent
Masud Hasan (mashasan) [Thu, 16 Sep 2021 00:07:58 +0000 (00:07 +0000)]
Merge pull request #3057 in SNORT/snort3 from ~SMINUT/snort3:tcp_session_timeout to master
Squashed commit of the following:
commit
c4a246fa22f060d6201b8ec2427d864a1de7ab0c
Author: Silviu Minut <sminut@cisco.com>
Date: Mon Sep 13 13:10:26 2021 -0400
stream: change session_timeout default for tcp, ip, icmp and user
Mike Stepanek (mstepane) [Wed, 15 Sep 2021 14:47:26 +0000 (14:47 +0000)]
Merge pull request #3059 in SNORT/snort3 from ~OSERHIIE/snort3:fix_typo to master
Squashed commit of the following:
commit
ccc93065764b03a0941dc590dcf4fbf8b8d1c777
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Sep 15 13:07:35 2021 +0300
utils: fix typo in js_normalizer_test
Tom Peters (thopeter) [Tue, 14 Sep 2021 20:04:37 +0000 (20:04 +0000)]
Merge pull request #3053 in SNORT/snort3 from ~KATHARVE/snort3:file_new_api_http to master
Squashed commit of the following:
commit
e3fa45d99222f475663ab5ed74f906179dedf8c2
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Sep 3 11:48:51 2021 -0400
http_inspect: pass file_api the uri with the filename and extract the filename from the uri path
commit
e2811f85a07a783cd88e55206d4bd5baf4817e08
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Sep 1 07:29:44 2021 -0400
file_api: new api added for url
Signed-off-by: bsachdev <bsachdev@cisco.com>
Bhargava Jandhyala (bjandhya) [Tue, 14 Sep 2021 06:33:00 +0000 (06:33 +0000)]
Merge pull request #3051 in SNORT/snort3 from ~BSACHDEV/snort3:smb_crash to master
Squashed commit of the following:
commit
8ce04eac431afcc03615fd2e6cda04d6a88522d3
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Sep 8 00:43:10 2021 -0400
smb: added a null check when current_flow is not present
Signed-off-by: bsachdev <bsachdev@cisco.com>
Bhargava Jandhyala (bjandhya) [Mon, 13 Sep 2021 05:44:54 +0000 (05:44 +0000)]
Merge pull request #3055 in SNORT/snort3 from ~BSACHDEV/snort3:old_commit to master
Squashed commit of the following:
commit
e739ce037ad55f14198c92d5d2537bca5b3cdcfa
Author: bsachdev <bsachdev@cisco.com>
Date: Thu Sep 9 11:14:37 2021 -0400
Revert "Merge pull request #2916 in SNORT/snort3 from ~DIPANDIT/snort3:flow_from_file_context to master"
This reverts commit 1c499b3816b3f1435d2b56f5ee0912bd0586cc68.
Russ Combs (rucombs) [Thu, 9 Sep 2021 13:03:50 +0000 (13:03 +0000)]
Merge pull request #3052 in SNORT/snort3 from ~RUCOMBS/snort3:snort2lua_version to master
Squashed commit of the following:
commit
1d21d526cceb9298793a9edc73a40c7d88077530
Author: Alessandro Pisani <alessandropisani19@gmail.com>
Date: Wed Sep 8 00:32:15 2021 -0700
snort2lua: Fixed version output (issue #213)
Thanks to A-Pisani for the fix.
Mike Stepanek (mstepane) [Thu, 9 Sep 2021 12:24:48 +0000 (12:24 +0000)]
Merge pull request #3048 in SNORT/snort3 from ~OSERHIIE/snort3:doc_catch_benchmark to master
Squashed commit of the following:
commit
ab7f95b9bd22a757db2d6649721b13c4815d92f7
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Sep 7 22:01:32 2021 +0300
doc: update user tutorial with '--enable-benchmark-tests' option
Mike Stepanek (mstepane) [Thu, 9 Sep 2021 12:22:57 +0000 (12:22 +0000)]
Merge pull request #3045 in SNORT/snort3 from ~OSERHIIE/snort3:catch_benchmark to master
Squashed commit of the following:
commit
fad1033e09ad17dd0d52c9f351770cc066e763b3
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Sep 7 21:53:26 2021 +0300
utils: add reference and description for ClamAV test cases
commit
4e4d7fe2d3f4e97128331b0319d97b3a3d72bef1
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Sep 1 16:41:19 2021 +0300
utils: add benchmark tests for JSNormalizer
commit
2a9ad15365ed73732ff0777886e1fbc239efbf72
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Aug 30 12:59:31 2021 +0300
catch: enable benchmarking
Mike Stepanek (mstepane) [Thu, 9 Sep 2021 12:16:03 +0000 (12:16 +0000)]
Merge pull request #3047 in SNORT/snort3 from ~YVELYKOZ/snort3:time_t_fix_freebsd to master
Squashed commit of the following:
commit
d53766499ed4ffd57a1a401ce3b65f55656fa1bb
Author: Vitalii <vhorbato@cisco.com>
Date: Tue Sep 7 18:00:45 2021 +0300
control: explicitly include ctime header in control.h
Tom Peters (thopeter) [Wed, 8 Sep 2021 23:17:38 +0000 (23:17 +0000)]
Merge pull request #3049 in SNORT/snort3 from ~THOPETER/snort3:nhttp159 to master
Squashed commit of the following:
commit
c11ec4a9e5280dafeb1bb33ade3dcad61583fca4
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Sep 3 14:32:01 2021 -0400
http_inspect: http_raw_trailer fast pattern
Russ Combs (rucombs) [Wed, 8 Sep 2021 18:03:37 +0000 (18:03 +0000)]
Merge pull request #3044 in SNORT/snort3 from ~RUCOMBS/snort3:shock_top to master
Squashed commit of the following:
commit
85b754bcf81f1444e34ade76f35a6c574e33ccb8
Author: russ <rucombs@cisco.com>
Date: Fri Aug 27 17:13:10 2021 -0400
stream: fix session timeout of expired flows
commit
bbce60041761886c547ef3790a5a17ba29260d96
Author: russ <rucombs@cisco.com>
Date: Thu Aug 26 18:24:46 2021 -0400
detection: add fast patterns only once per service group
Mike Stepanek (mstepane) [Wed, 8 Sep 2021 17:47:58 +0000 (17:47 +0000)]
Merge pull request #3050 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.12.0 to master
Squashed commit of the following:
commit
681fe9c6a11db766ac04a96e183d2e0b192946be
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Sep 8 06:43:19 2021 -0400
build: generate and tag 3.1.12.0
Masud Hasan (mashasan) [Tue, 7 Sep 2021 22:57:35 +0000 (22:57 +0000)]
Merge pull request #3006 in SNORT/snort3 from ~MASHASAN/snort3:tcp_queue_limit to master
Squashed commit of the following:
commit
2f3254c69d4a43567561a58be055623abbcb229a
Author: russ <rucombs@cisco.com>
Date: Mon Aug 16 12:53:36 2021 -0400
stream_tcp: add pegs for maximum observed queue size
commit
6369d870a5914eee19deee4af0c927ea93ae09a8
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed Aug 18 11:09:00 2021 -0400
stream_tcp: Set sequence number in trimmed packets up to the queue limit and increase defaults
commit
515a0150397fd289eb5fff9135fdfc306411a63d
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jul 26 01:00:38 2021 -0400
stream_tcp: Normalize data when queue limits are enabled
commit
47c851ff0db0019bcd16a8f40fd9555fd9455fb9
Author: russ <rucombs@cisco.com>
Date: Fri Jul 30 10:43:34 2021 -0400
stream_tcp: only update window on right edge acks
Mike Stepanek (mstepane) [Tue, 7 Sep 2021 15:52:14 +0000 (15:52 +0000)]
Merge pull request #3039 in SNORT/snort3 from ~OSHUMEIK/snort3:js_trace to master
Squashed commit of the following:
commit
e3a3e9bdb3fe9939334474775fc323bf38280fad
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Aug 20 18:07:16 2021 +0300
http_inspect: enable traces for JS Normalizer
This presents Trace framework to NHI.
Dev/User documentation updated with config option description and
trace verbosity levels.
Mike Stepanek (mstepane) [Tue, 31 Aug 2021 09:54:37 +0000 (09:54 +0000)]
Merge pull request #3040 in SNORT/snort3 from ~OSERHIIE/snort3:perf to master
Squashed commit of the following:
commit
ce52f396cb63d4db814560cd2964813032c134c0
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Aug 25 02:17:08 2021 +0300
http_inspect: reduce void space in HttpFlowData
In order to reduce LLC-load-misses and improve performance,
the HttpFlowData fields were reordered to cut out the void space
Tom Peters (thopeter) [Fri, 27 Aug 2021 17:59:08 +0000 (17:59 +0000)]
Merge pull request #3037 in SNORT/snort3 from ~MDAGON/snort3:w_cookies to master
Squashed commit of the following:
commit
67af4c4f35b7c61a53ef9ac5e5653348420cd4ab
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon Aug 23 09:53:15 2021 -0400
http_inspect: http_raw_header includes cookies
Brian Morris (bmorris2) [Fri, 27 Aug 2021 17:39:33 +0000 (17:39 +0000)]
Merge pull request #3033 in SNORT/snort3 from ~RAMANKS/snort3:nat66 to master
Squashed commit of the following:
commit
83111633eb3dc9fae737690f3a26380e0e3c73d6
Author: Raman Krishnan <ramanks@cisco.com>
Date: Thu Aug 19 14:18:00 2021 -0700
decoder: icmp6: use source and destination addresses from packet to compute icmp6 checksum when NAT is in effect
Steve Chew (stechew) [Thu, 26 Aug 2021 19:17:41 +0000 (19:17 +0000)]
Merge pull request #3041 in SNORT/snort3 from ~STECHEW/snort3:build_3.1.11.0 to master
Squashed commit of the following:
commit
b6adb6b8f275d005823b0932758e45fd42424650
Author: Steve Chew <stechew@cisco.com>
Date: Thu Aug 26 11:34:45 2021 -0400
build: generate and tag 3.1.11.0
Russ Combs (rucombs) [Wed, 25 Aug 2021 23:17:02 +0000 (23:17 +0000)]
Merge pull request #3021 in SNORT/snort3 from ~RUCOMBS/snort3:action_map to master
Squashed commit of the following:
commit
98cbf75ac6c2c93835df7cee33a2914c4e88ee92
Author: russ <rucombs@cisco.com>
Date: Wed Aug 25 17:27:50 2021 -0400
framework: update base API version to 8
commit
63354f132bde27324718640042aed840650db512
Author: russ <rucombs@cisco.com>
Date: Thu Aug 5 10:55:20 2021 -0400
ips: add action_override which applies to all rules
commit
16f24b55aefc2fb995a2f0dd3e842f6645d14b48
Author: russ <rucombs@cisco.com>
Date: Wed Aug 4 15:23:18 2021 -0400
ips: add action_map table to map rule types, eg block -> alert
Russ Combs (rucombs) [Wed, 25 Aug 2021 22:08:24 +0000 (22:08 +0000)]
Merge pull request #3023 in SNORT/snort3 from ~RUCOMBS/snort3:pub_order to master
Squashed commit of the following:
commit
e1f7f82009202b4dd5f3f2f8a72b82b95decc0e6
Author: russ <rucombs@cisco.com>
Date: Wed Aug 25 16:29:47 2021 -0400
framework: update base API version to 7
commit
f465cfcbfeace58569b37b00b62db54daa766ca2
Author: russ <rucombs@cisco.com>
Date: Fri Aug 6 11:40:46 2021 -0400
policy: reorganize for sanity
commit
86df6f2bf31b78cc5251c42df5dbfaa6943b8cc7
Author: russ <rucombs@cisco.com>
Date: Fri Aug 6 11:32:37 2021 -0400
policy: put inspection policy accessors in public space
commit
56a76559b84bff6437f5e412f807ba27c8e3bf98
Author: russ <rucombs@cisco.com>
Date: Sat Jul 31 09:51:31 2021 -0400
data_bus: support ordered call of handlers
Each handler can set a desired order which defaults to zero meaning
last. One would be first, and so on. The sequence in which handlers with
the same order are called is unspecified.
binder sets order 100 for flow setup events to apply policy. (That makes
it effectively first since by default everything else is zero / last.)
plugins which want to predictably set policy on flow setup can run
before or after binder by setting an appropriate order.
Russ Combs (rucombs) [Wed, 25 Aug 2021 21:09:49 +0000 (21:09 +0000)]
Merge pull request #2902 in SNORT/snort3 from ~RUCOMBS/snort3:cleanup to master
Squashed commit of the following:
commit
21d87e82a398504981aafc80de89f7c94ba2ea56
Author: russ <rucombs@cisco.com>
Date: Wed Aug 11 16:23:14 2021 -0400
build: update help for --enable-tsc-clock to include arm
Thanks to liangxwa01 for reporting the issue.
commit
1bc12be15964930e688c8ee28593ba4687e6f21a
Author: russ <rucombs@cisco.com>
Date: Sat Jun 5 20:10:49 2021 -0400
style: remove C style (void) arglists
commit
e03855cbd592afe0717d68cf96157379e61277bc
Author: russ <rucombs@cisco.com>
Date: Sat May 29 05:43:05 2021 -0400
sip: deprecate max_requestName_len in favor of max_request_name_len
commit
ed31851fd733ef36f30042492bc692ae8a73943e
Author: Russ Combs <rucombs@cisco.com>
Date: Fri May 21 11:51:00 2021 -0400
dns, ssh: remove obsolete stream insert checks
commit
18b15b46f42fe83d3ba0bc5da332f951681e8d6d
Author: Russ Combs <rucombs@cisco.com>
Date: Fri May 21 11:45:17 2021 -0400
style: remove or update crufty preprocessor comments
commit
9dfff0600fac18652f3be6a5ee7025b79e04ce92
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 12 15:51:13 2021 -0400
README: mention vars in default config
commit
c6baa917361b3651e30d7ec63f37c696ef29512c
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 12 15:50:17 2021 -0400
lua: update comments in the default config
commit
ad0ae3d85affd820f4534704bca732e2129752ca
Author: Russ Combs <rucombs@cisco.com>
Date: Wed May 12 15:24:27 2021 -0400
style: remove crufty comments
Russ Combs (rucombs) [Wed, 25 Aug 2021 20:16:53 +0000 (20:16 +0000)]
Merge pull request #2998 in SNORT/snort3 from ~PRBHALER/snort3:sip to master
Squashed commit of the following:
commit
7a9104eaafb9a37030540bd69a354bd95b371520
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Mon Jul 26 11:13:19 2021 -0400
flow: introduce bidirectional flag for expected session.
Russ Combs (rucombs) [Wed, 25 Aug 2021 19:29:51 +0000 (19:29 +0000)]
Merge pull request #3030 in SNORT/snort3 from ~RUCOMBS/snort3:frag_wiz to master
Squashed commit of the following:
commit
915930c0405ceaa40b6c6ca640160f9bbcc3b0f6
Author: russ <rucombs@cisco.com>
Date: Tue Aug 17 20:23:32 2021 -0400
inspection: process wizard matches on defragged packets
Tom Peters (thopeter) [Tue, 24 Aug 2021 22:08:50 +0000 (22:08 +0000)]
Merge pull request #3038 in SNORT/snort3 from ~KATHARVE/snort3:http_infractions to master
Squashed commit of the following:
commit
bee622927d4fcf9379b28024d0320ad694ac28ef
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Aug 24 15:00:32 2021 -0400
http_inspect: hard-code infraction enum numbers
Tom Peters (thopeter) [Tue, 24 Aug 2021 18:01:50 +0000 (18:01 +0000)]
Merge pull request #3026 in SNORT/snort3 from ~KATHARVE/snort3:perf_builtin to master
Squashed commit of the following:
commit
e50bf65a7c4c0ad53abe230fec94e7f053afb9d9
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Aug 13 12:18:53 2021 -0400
http_inspect: add builtin rule for consecutive commas in accept-encoding header
Tom Peters (thopeter) [Tue, 24 Aug 2021 17:52:30 +0000 (17:52 +0000)]
Merge pull request #3029 in SNORT/snort3 from ~KATHARVE/snort3:norm_config_fix to master
Squashed commit of the following:
commit
72bc20166071cdb6b4b19e97ad1f048793f61887
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Aug 12 17:11:44 2021 -0400
normalize: remove tcp.trim config
Tom Peters (thopeter) [Mon, 23 Aug 2021 20:34:06 +0000 (20:34 +0000)]
Merge pull request #3027 in SNORT/snort3 from ~THOPETER/snort3:nhttp157 to master
Squashed commit of the following:
commit
f9c2cf8e5f7832950c20c2aa049ce37c48b78240
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 8 16:08:50 2021 -0400
http_inspect: two new built-in rules
Tom Peters (thopeter) [Mon, 23 Aug 2021 18:42:21 +0000 (18:42 +0000)]
Merge pull request #3036 in SNORT/snort3 from ~THOPETER/snort3:vers_back to master
Squashed commit of the following:
commit
758a003c2d8f5efd015058c89052ef270b02695c
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Aug 23 13:28:06 2021 -0400
framework: version rollback
Tom Peters (thopeter) [Fri, 20 Aug 2021 22:12:31 +0000 (22:12 +0000)]
Merge pull request #3032 in SNORT/snort3 from ~THOPETER/snort3:nhttp158 to master
Squashed commit of the following:
commit
dc970325178f3d16227e3c1f44f22a32ccb1fa70
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Aug 19 17:23:25 2021 -0400
http_inspect: support more infractions and events
Mike Stepanek (mstepane) [Thu, 19 Aug 2021 14:58:22 +0000 (14:58 +0000)]
Merge pull request #3025 in SNORT/snort3 from ~VHORBATO/snort3:other_methods to master
Squashed commit of the following:
commit
4be7d2ba74641413c7f390345377942f09ed9c29
Author: Vitalii <vhorbato@cisco.com>
Date: Mon Aug 16 13:32:00 2021 +0300
wizard: support more HTTP and SIP methods
Mike Stepanek (mstepane) [Thu, 19 Aug 2021 14:55:45 +0000 (14:55 +0000)]
Merge pull request #3016 in SNORT/snort3 from ~OSHUMEIK/snort3:over_pdus to master
Squashed commit of the following:
commit
2c30e5ef0968f45b98b9618342f5311b32146c97
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jul 26 14:59:35 2021 +0300
utils: support streamed processing of JS text
Unit tests added.
Custom streambuf introduced, so Normalizer will see the next chunk
as a continuation.
The capacity of the tracking stack is set to 8, since Lexer has '.' pattern
for identifiers, and a single character could form a complete token (in Lexer terms).
commit
96f844e272943906c4373790c69f4236a8799be7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Aug 9 14:52:08 2021 +0300
utils: address compiler warning
commit
9511296dd877a85da574b146ef43689713369d41
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jul 26 14:34:35 2021 +0300
http_inspect: check if Normalizer has consumed input
The inspector logic expects that Normalizer must consume input bytes.
If not, the normalization is aborted, since there is no other consumer available.
Russ Combs (rucombs) [Thu, 19 Aug 2021 13:06:37 +0000 (13:06 +0000)]
Merge pull request #3031 in SNORT/snort3 from ~RDEMPSTE/snort3:rule_set to master
Squashed commit of the following:
commit
6b3ca22e8a2b259e07236b5c548452757144671b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Aug 18 19:38:24 2021 -0400
flow: set the client initiated flag before publishing the flow state setup event
Tom Peters (thopeter) [Wed, 18 Aug 2021 18:14:00 +0000 (18:14 +0000)]
Merge pull request #3012 in SNORT/snort3 from ~MDAGON/snort3:normalized2 to master
Squashed commit of the following:
commit
7ee4093ba647ab0af9d606c4b122f2ee43f289ca
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon Aug 9 09:33:48 2021 -0400
http_inspect: http_raw_header, http_raw_trailer field support
commit
201821de8e7c23ac00d5305a74e188242e37a04f
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Aug 6 07:09:15 2021 -0400
http_inspect: refactor NormalizedHeader
Bhargava Jandhyala (bjandhya) [Wed, 18 Aug 2021 05:42:11 +0000 (05:42 +0000)]
Merge pull request #3028 in SNORT/snort3 from ~VKAMBALA/snort3:pkt_thread to master
Squashed commit of the following:
commit
a40f41d770a0cee1d574dfb383a53f622decfad7
Author: krishnakanth <vkambala@cisco.com>
Date: Tue Aug 17 04:08:06 2021 -0400
smb: Invoke SMB debug in destructor when packet thread available
Tom Peters (thopeter) [Tue, 17 Aug 2021 19:30:35 +0000 (19:30 +0000)]
Merge pull request #3024 in SNORT/snort3 from ~MDAGON/snort3:modbus to master
Squashed commit of the following:
commit
7acce7440173cad642c64684fabf9c713da42de4
Author: Maya Dagon <mdagon@cisco.com>
Date: Tue Aug 10 13:26:47 2021 -0400
modbus: check record length for write file record command
Mike Stepanek (mstepane) [Tue, 17 Aug 2021 13:28:04 +0000 (13:28 +0000)]
Merge pull request #3004 in SNORT/snort3 from ~DKYRYLOV/snort3:doc_js_norm_template_literals to master
Squashed commit of the following:
commit
d27729bee803b4f869f80ba0ba725da06fe6282d
Author: dkyrylov <dkyrylov@cisco.com>
Date: Thu Jul 29 11:11:52 2021 +0300
doc: Add js_norm_max_template_nesting description
Mike Stepanek (mstepane) [Tue, 17 Aug 2021 13:25:57 +0000 (13:25 +0000)]
Merge pull request #2996 in SNORT/snort3 from ~DKYRYLOV/snort3:js_norm_template_literals to master
Squashed commit of the following:
commit
0272c1a9b1d0b449b197120df5283fef1a9d2ee0
Author: dkyrylov <dkyrylov@cisco.com>
Date: Wed Jul 21 15:44:37 2021 +0300
http_inspect: Add JavaScript template literals normalization
Tom Peters (thopeter) [Mon, 16 Aug 2021 21:07:28 +0000 (21:07 +0000)]
Merge pull request #3019 in SNORT/snort3 from ~KATHARVE/snort3:inject_fix to master
Squashed commit of the following:
commit
8ae8769a1c706cdc3806bfc19258fa9c57357ae6
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Aug 9 10:41:02 2021 -0400
payload_injector: check if stream is established on flow rather than the packet flag to handle retries
commit
1c061264b0e81afb23ec85b055b546565a081c62
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Aug 9 10:37:45 2021 -0400
stream_tcp: update API called by payload_injector to check for unflushed queued TCP segments
Brian Morris (bmorris2) [Wed, 11 Aug 2021 18:14:37 +0000 (18:14 +0000)]
Merge pull request #3017 in SNORT/snort3 from ~RAMANKS/snort3:geneve to master
Squashed commit of the following:
commit
1bfa47cf887b1f72dd2a324f05a325520793600d
Author: Raman Krishnan <ramanks@cisco.com>
Date: Tue Aug 10 20:00:45 2021 -0700
codec: geneve: fix incorrect parsing of option header length
Mike Stepanek (mstepane) [Wed, 11 Aug 2021 14:13:56 +0000 (14:13 +0000)]
Merge pull request #3018 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.10.0 to master
Squashed commit of the following:
commit
806d5a1481672022a70738ee17506341f1c09ceb
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Aug 11 07:48:19 2021 -0400
build: generate and tag 3.1.10.0
Russ Combs (rucombs) [Tue, 10 Aug 2021 19:58:25 +0000 (19:58 +0000)]
Merge pull request #2946 in SNORT/snort3 from ~BRASTULT/snort3:dns_splitter to master
Squashed commit of the following:
commit
b40a755375381c084237a3113cc74a74857aabb3
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue Jun 15 17:31:03 2021 -0400
dns: add DNS splitter
Shravan Rangarajuvenkata (shrarang) [Tue, 10 Aug 2021 11:23:24 +0000 (11:23 +0000)]
Merge pull request #3002 in SNORT/snort3 from ~DANMCGAR/snort3:ssh-bug-fixes to master
Squashed commit of the following:
commit
fc1527ee54af92eea9444658cc3ff6a5df6e3fb2
Author: Daniel McGarvey <danmcgar@cisco.com>
Date: Fri Aug 6 13:57:31 2021 -0400
ssh: handle traffic with invalid version string
commit
dca39e7620d22ea633db0851bc0c4fcc6a6fd8af
Author: Daniel McGarvey <danmcgar@cisco.com>
Date: Fri Aug 6 13:49:26 2021 -0400
ssh: handle version string packets that also contain key exchange data
Mike Stepanek (mstepane) [Mon, 9 Aug 2021 10:32:11 +0000 (10:32 +0000)]
Merge pull request #2993 in SNORT/snort3 from ~OSERHIIE/snort3:doc_js_identifier_norm to master
Squashed commit of the following:
commit
d90e8b5dd8961a932f872b65a97d99c84b8f3443
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jul 22 15:24:21 2021 +0300
doc: update user for identifier normalization
Mike Stepanek (mstepane) [Mon, 9 Aug 2021 10:30:22 +0000 (10:30 +0000)]
Merge pull request #2992 in SNORT/snort3 from ~OSERHIIE/snort3:js_identifier_norm to master
Squashed commit of the following:
commit
6cbd5f096fd4531ec454edbbadc707919258e847
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Jul 12 13:39:20 2021 +0300
http_inspect: add JavaScript identifiers normalization
* utils: add identifiers normalization to js_tokenizer and js_identifier_ctx as a context of identifiers normalization
* utils: adjust js_normalizer_test unit tests
* utils: add js_identifier_ctx_test unit tests
* http_inspect: add js_norm_identifier_depth config option
* http_inspect: add JS_IDENTIFIER_OVERFLOW built-in alert
* http_inspect: add js_identifiers and js_identifier_overflows peg counts
* http_inspect: update dev_notes.txt
Masud Hasan (mashasan) [Fri, 6 Aug 2021 14:50:01 +0000 (14:50 +0000)]
Merge pull request #3010 in SNORT/snort3 from ~MASHASAN/snort3:skip_old_segment to master
Squashed commit of the following:
commit
c5482358cf1437daeab531673b1f96cb96580ea3
Author: Masud Hasan <mashasan@cisco.com>
Date: Sat Jul 24 23:54:31 2021 -0400
stream_tcp: Skip unordered segments if last flushed position already moved past
Shravan Rangarajuvenkata (shrarang) [Thu, 5 Aug 2021 19:36:52 +0000 (19:36 +0000)]
Merge pull request #2986 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_smb_payload_apps_2 to master
Squashed commit of the following:
commit
15b0fda7076f8c35fb4a0ad95c048ed4f40a3889
Author: cljudge <cljudge@cisco.com>
Date: Mon Jul 19 04:41:17 2021 -0400
appid: update netbios-ss (SMB) detector to extract SMB domain from SMBv2, and more intelligently handle payload appid detection.
Shravan Rangarajuvenkata (shrarang) [Thu, 5 Aug 2021 18:53:12 +0000 (18:53 +0000)]
Merge pull request #3007 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_change_req_body to master
Squashed commit of the following:
commit
d2ff026b81050ec472acd1fdb29369a5e4fc23e0
Author: cljudge <cljudge@cisco.com>
Date: Thu Jul 29 10:31:26 2021 -0400
http_inspect: Change the default value of request_body_app_detection config parameter to true.
Shravan Rangarajuvenkata (shrarang) [Thu, 5 Aug 2021 18:43:24 +0000 (18:43 +0000)]
Merge pull request #3001 in SNORT/snort3 from ~SATHIRKA/snort3:sip_odp_reload to master
Squashed commit of the following:
commit
2b6790982998f014959301f7665f05dc388e6996
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jul 16 16:34:12 2021 -0400
appid: use packet thread odp context while creating SIP session
Mike Stepanek (mstepane) [Wed, 4 Aug 2021 16:49:03 +0000 (16:49 +0000)]
Merge pull request #3005 in SNORT/snort3 from ~SVLASIUK/snort3:wizard_options_move to master
Squashed commit of the following:
commit
4781785cec1ec20013758611cea6628db253d5c2
Author: russ <rucombs@cisco.com>
Date: Thu May 6 09:54:51 2021 -0400
wizard: add wizard max_pattern option and update HTTP/SIP aware methods patterns
commit
a80b39187048cbab9bdcb70d59273aff773c7bff
Author: russ <rucombs@cisco.com>
Date: Thu May 6 12:59:33 2021 -0400
smtp: remove unused defines
commit
2bc14ed5ebee6aa818b60959432e0f22fb7651e3
Author: russ <rucombs@cisco.com>
Date: Thu May 6 13:00:16 2021 -0400
telnet: correct help for ayt_attack_thresh
commit
c695c3092b7ef955e81de6090c6d6683e1946195
Author: russ <rucombs@cisco.com>
Date: Thu May 6 13:00:57 2021 -0400
ftp: remove unused defines and crufty comments
Bhargava Jandhyala (bjandhya) [Tue, 3 Aug 2021 14:33:44 +0000 (14:33 +0000)]
Merge pull request #3008 in SNORT/snort3 from ~VKAMBALA/snort3:ftracker to master
Squashed commit of the following:
commit
6e194f67c65ce7825345ab82ead4fe92861ecabe
Author: krishnakanth <vkambala@cisco.com>
Date: Fri Jul 30 12:08:04 2021 -0400
dce_smb: Restoring File tracker size post deletion
Shravan Rangarajuvenkata (shrarang) [Sun, 1 Aug 2021 20:03:56 +0000 (20:03 +0000)]
Merge pull request #2036 in SNORT/snort3 from ~SHRARANG/snort3:reorg_dynamic_libs to master
Squashed commit of the following:
commit
7880c187fb22613cf9d8e3910146b58a3cbbbc30
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 28 15:49:30 2020 -0500
build: install DAQ modules and Snort plugins in separate folders
Bhargava Jandhyala (bjandhya) [Fri, 30 Jul 2021 19:42:43 +0000 (19:42 +0000)]
Merge pull request #3003 in SNORT/snort3 from ~BSACHDEV/snort3:file_trace_infra to master
Squashed commit of the following:
commit
a2d100df370abe5cbb31ae22d6221ba766d417e9
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Jul 7 01:52:33 2021 -0400
file_api: Added infra and file debugs to existing debugging framework
Mike Stepanek (mstepane) [Wed, 28 Jul 2021 13:26:35 +0000 (13:26 +0000)]
Merge pull request #3000 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.9.0 to master
Squashed commit of the following:
commit
b68d4a2da45b3c27f5ceab8bec0d64d359a27a71
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jul 28 06:18:02 2021 -0400
build: generate and tag 3.1.9.0
Steve Chew (stechew) [Tue, 27 Jul 2021 21:00:01 +0000 (21:00 +0000)]
Merge pull request #2999 in SNORT/snort3 from ~STECHEW/snort3:events_id2 to master
Squashed commit of the following:
commit
a8e58353979b450e801b29d0e080dc64151db382
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 25 16:38:13 2021 -0400
events: Use instance_id to make event_id unique across threads.
Mike Stepanek (mstepane) [Tue, 27 Jul 2021 17:47:27 +0000 (17:47 +0000)]
Merge pull request #2976 in SNORT/snort3 from ~SVLASIUK/snort3:fix_reject_inline_u2 to master
Squashed commit of the following:
commit
a2fec11b2fe6016bc4cc2c342c3db5e5ed3af3b4
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 23 10:06:58 2021 +0300
framework: update base API version to 4
commit
4a3afcd4aeda61ac6ced9527582cee5601f2d6c7
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 9 16:32:22 2021 +0300
actions: session data stay accessible for loggers for reject rule action
Reject action does reset session. Reset session includes drop flow in particular
destruct HttpFlowData object. Alerts may include additional information from flow
in case of unified2 events it aggregates http headers. To avoid bad access exceptions,
flow data should be available in place of generating alerts and cleaned up after.
Tom Peters (thopeter) [Mon, 26 Jul 2021 16:48:37 +0000 (16:48 +0000)]
Merge pull request #2997 in SNORT/snort3 from ~KATHARVE/snort3:issues_fix to master
Squashed commit of the following:
commit
b616ac88a9716e843939404d638da82c71aabd62
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jul 26 10:28:24 2021 -0400
http2_inspect: remove unused variables
Mike Stepanek (mstepane) [Mon, 26 Jul 2021 09:56:57 +0000 (09:56 +0000)]
Merge pull request #2991 in SNORT/snort3 from ~YVELYKOZ/snort3:fix_byte_options to master
Squashed commit of the following:
commit
60ab3f1566c6697f4ebd3baee0de8e4104f69100
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 22 23:24:12 2021 +0300
ips_options: address compiler warnings
Tom Peters (thopeter) [Fri, 23 Jul 2021 20:30:30 +0000 (20:30 +0000)]
Merge pull request #2990 in SNORT/snort3 from ~KATHARVE/snort3:h2i_partial_buffer_fix to master
Squashed commit of the following:
commit
288ed022ae6a31f5bb2b98e84b8a42cc2bff7b5e
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 20 14:33:28 2021 -0400
http_inspect: don't allocate 0-length partial inspection buffer
Tom Peters (thopeter) [Fri, 23 Jul 2021 15:09:47 +0000 (15:09 +0000)]
Merge pull request #2978 in SNORT/snort3 from ~KATHARVE/snort3:h2i_hpack_fix to master
Squashed commit of the following:
commit
2001a8e9a9d3fdb5417ae1b3d24aebc5806f07f0
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jul 7 16:49:55 2021 -0400
http2_inspect: fix HPACK dynamic table size update management
Mike Stepanek (mstepane) [Thu, 22 Jul 2021 12:50:55 +0000 (12:50 +0000)]
Merge pull request #2989 in SNORT/snort3 from ~YVELYKOZ/snort3:fix_byte_options to master
Squashed commit of the following:
commit
4241b0ac03324e23a059408a51e3e35c4ae0ca8e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 22 11:56:35 2021 +0300
ips_options/byte_options: address compiler warnings
Tom Peters (thopeter) [Wed, 21 Jul 2021 17:52:36 +0000 (17:52 +0000)]
Merge pull request #2988 in SNORT/snort3 from ~MDAGON/snort3:complete to master
Squashed commit of the following:
commit
605e1f86c087e13ed7a459cd75559ad6ee7b8b00
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon Jul 12 16:57:25 2021 -0400
http_inspect: add rule option http_raw_header_complete
Mike Stepanek (mstepane) [Wed, 21 Jul 2021 15:51:19 +0000 (15:51 +0000)]
Merge pull request #2974 in SNORT/snort3 from ~YVELYKOZ/snort3:ips_byte_options_update to master
Squashed commit of the following:
commit
acf28ee21eba548ff0eae5119e57eb70683c52d7
Author: VytalyGorbatov <vytalygorbatovwork@gmail.com>
Date: Mon May 17 09:14:21 2021 +0300
ips_options: refactor byte_extract, byte_test, byte_math, byte_jump and related tests
Move common logic to extract.cc.
commit
65523a0c2b8c6c8ac7dc6629ed7ab697776642d5
Author: Crowy-o <egor1velikogon@gmail.com>
Date: Thu May 13 14:22:34 2021 +0300
ips_options: add catch tests for byte_test, byte_jump, byte_math, byte_extract
Tom Peters (thopeter) [Wed, 21 Jul 2021 15:28:48 +0000 (15:28 +0000)]
Merge pull request #2985 in SNORT/snort3 from ~KATHARVE/snort3:http2_wizard to master
Squashed commit of the following:
commit
f62e3474a5d5a2e6991082af8bd87b203a118496
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jul 19 14:09:30 2021 -0400
lua: update HTTP/2 default_wizard hex with S2C pattern match
Steve Chew (stechew) [Tue, 20 Jul 2021 20:18:36 +0000 (20:18 +0000)]
Merge pull request #2975 in SNORT/snort3 from ~SBAIGAL/snort3:control_expire to master
Squashed commit of the following:
commit
69747b5e417ef9603f71dc6bfab54c6885c8ee0d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jul 9 19:02:34 2021 -0400
control: add idle expire removal to control channels
Mike Stepanek (mstepane) [Tue, 20 Jul 2021 12:21:59 +0000 (12:21 +0000)]
Merge pull request #2982 in SNORT/snort3 from ~VHORBATO/snort3:js_bytes_pegcount to master
Squashed commit of the following:
commit
af890287cb5c3b13031b0b018e48c78ff804b7ca
Author: Vitalii <vhorbato@cisco.com>
Date: Wed Jul 14 19:10:31 2021 +0300
http_inspect: add peg count for script bytes processed
Bhargava Jandhyala (bjandhya) [Tue, 20 Jul 2021 08:00:50 +0000 (08:00 +0000)]
Merge pull request #2984 in SNORT/snort3 from ~VKAMBALA/snort3:offset_fix to master
Squashed commit of the following:
commit
8f90cc5f5fff118034b5f55065b0e3ec4b0ce31e
Author: krishnakanth <vkambala@cisco.com>
Date: Fri Jul 16 06:39:49 2021 -0400
file_api: Handling file_cache inspection for non zero offset
Steve Chew (stechew) [Mon, 19 Jul 2021 21:49:09 +0000 (21:49 +0000)]
Merge pull request #2925 in SNORT/snort3 from ~SBAIGAL/snort3:cli to master
Squashed commit of the following:
commit
09519fc596dfb0dd1b406a9ee5bb26b2520c2d32
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jun 4 12:30:10 2021 -0400
dump_stats: direct output back to command channel
stats: update file and appid stats to use Log functions provided from stats.cc
add LogText for simple string logging without separator logic
Tom Peters (thopeter) [Fri, 16 Jul 2021 02:07:37 +0000 (02:07 +0000)]
Merge pull request #2979 in SNORT/snort3 from ~KATHARVE/snort3:h2i_assert_fix to master
Squashed commit of the following:
commit
8a7d79a6f743f696efe67be5b889cd295108c0a9
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jul 14 16:58:50 2021 -0400
http2_inspect: change xor to or in assert that was failing due to uninitialized variable
Mike Stepanek (mstepane) [Thu, 15 Jul 2021 12:20:40 +0000 (12:20 +0000)]
Merge pull request #2983 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.8.0 to master
Squashed commit of the following:
commit
207c13bac190688826dd2e58271efe0849cc7d20
Author: Mike Stepanek <mstepane@cisco.com>
Date: Thu Jul 15 06:32:44 2021 -0400
build: generate and tag 3.1.8.0
Mike Stepanek (mstepane) [Wed, 14 Jul 2021 18:41:54 +0000 (18:41 +0000)]
Merge pull request #2977 in SNORT/snort3 from ~SHASLAD/snort3:revert_events_id to master
Squashed commit of the following:
commit
a12bc01526b3f1e930c421b398e0a8c82a6b4ab2
Author: Shashi Lad <shaslad@cisco.com>
Date: Wed Jul 14 13:36:03 2021 -0400
Revert "Merge pull request #2957 in SNORT/snort3 from ~STECHEW/snort3:events_id to master"
This reverts commit a77d77d7f24982b93672b385daef92a9304eec3e.
Steve Chew (stechew) [Tue, 13 Jul 2021 22:46:38 +0000 (22:46 +0000)]
Merge pull request #2957 in SNORT/snort3 from ~STECHEW/snort3:events_id to master
Squashed commit of the following:
commit
4615dadb6a99cdff0b9d2b510fa11fd031ec2de8
Author: Steve Chew <stechew@cisco.com>
Date: Tue Jul 13 14:47:21 2021 -0400
Update
commit
9976e20f54ce0ca6d2d3d3906dd0bb1375bec726
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 25 16:38:13 2021 -0400
events: Use instance_id to make event_id unique across threads.
Bhargava Jandhyala (bjandhya) [Mon, 12 Jul 2021 18:39:23 +0000 (18:39 +0000)]
Merge pull request #2973 in SNORT/snort3 from ~VKAMBALA/snort3:file_segment to master
Squashed commit of the following:
commit
28576ac68af95cca16c672970f01880e1ab661b0
Author: krishnakanth <vkambala@cisco.com>
Date: Wed Jul 7 01:48:20 2021 -0400
file_api: Handling overlap segments
Bhargava Jandhyala (bjandhya) [Sun, 11 Jul 2021 16:03:00 +0000 (16:03 +0000)]
Merge pull request #2972 in SNORT/snort3 from ~DIPANDIT/snort3:pinhole_fix to master
Squashed commit of the following:
commit
846148ae043eb8d919ae152b08ab467f726d55f7
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri Jul 9 12:09:48 2021 -0400
dce_rpc: fix crash when expected session comes after snort reload
Mike Stepanek (mstepane) [Fri, 9 Jul 2021 09:18:31 +0000 (09:18 +0000)]
Merge pull request #2971 in SNORT/snort3 from ~OSHUMEIK/snort3:s2l_rawbytes to master
Squashed commit of the following:
commit
7ee3dce4ab3049449811c4bb4cc933c1c5e5ea1c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jul 8 13:49:40 2021 +0300
snort2lua: set raw_data buffer for rawbytes and B flag in PCRE
Tom Peters (thopeter) [Thu, 8 Jul 2021 20:32:06 +0000 (20:32 +0000)]
Merge pull request #2969 in SNORT/snort3 from ~MDAGON/snort3:unreachable to master
Squashed commit of the following:
commit
a9a7be092a4d4a97fd53dc562e7b27c48ba0d7c6
Author: Maya Dagon <mdagon@cisco.com>
Date: Tue Jul 6 12:10:50 2021 -0400
packet_io: unreachable packets shouldn't be sent for ICMP
Bhargava Jandhyala (bjandhya) [Thu, 8 Jul 2021 13:26:41 +0000 (13:26 +0000)]
Merge pull request #2970 in SNORT/snort3 from ~BSACHDEV/snort3:full_run to master
Squashed commit of the following:
commit
e38eec5ab109c35ad82cc04c1210a9eb853a4536
Author: bsachdev <bsachdev@cisco.com>
Date: Thu Jul 8 07:17:02 2021 -0400
dce_smb: Fixed macro definition for SMB_DEBUG
Signed-off-by: bsachdev <bsachdev@cisco.com>
Mike Stepanek (mstepane) [Thu, 8 Jul 2021 11:55:57 +0000 (11:55 +0000)]
Merge pull request #2967 in SNORT/snort3 from ~OSHUMEIK/snort3:js_shorten_tag to master
Squashed commit of the following:
commit
d853999fc0f48c55f04ab69099abfef234fe8246
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jul 5 14:32:06 2021 +0300
http_inspect: add built-in alert for script tags in a short form
Lokesh Bevinamarad (lbevinam) [Wed, 7 Jul 2021 16:39:03 +0000 (16:39 +0000)]
Merge pull request #2961 in SNORT/snort3 from ~BSACHDEV/snort3:smb_trace_infra to master
Squashed commit of the following:
commit
7351c4a1f14b9b7b2456064fb054e79082458829
Author: bsachdev <bsachdev@cisco.com>
Date: Mon Jun 28 04:19:08 2021 -0400
dce_smb: Added trace messages and multiple level logging for SMB module
Signed-off-by: bsachdev <bsachdev@cisco.com>
Mike Stepanek (mstepane) [Wed, 7 Jul 2021 09:58:07 +0000 (09:58 +0000)]
Merge pull request #2968 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_warning to master
Squashed commit of the following:
commit
d27f3da7bfab2d1f2ca0ebe212967934d3b892d8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jul 6 14:31:32 2021 +0300
doc: fix build warnings
Thanks to jiangrj (github.com/jiangrij) for reporting the issue.
Fixing indention, nested list.
Escaping control characters.
Shravan Rangarajuvenkata (shrarang) [Tue, 6 Jul 2021 18:01:09 +0000 (18:01 +0000)]
Merge pull request #2958 in SNORT/snort3 from ~DANMCGAR/snort3:ssh-client-patterns to master
Squashed commit of the following:
commit
cb11ffef012d75d00e3635a62e652dd5c570d8cb
Author: Daniel McGarvey <danmcgar@cisco.com>
Date: Mon Jun 21 11:57:48 2021 -0400
appid: support SSH client detection through lua detector
Bhargava Jandhyala (bjandhya) [Mon, 5 Jul 2021 06:47:23 +0000 (06:47 +0000)]
Merge pull request #2966 in SNORT/snort3 from ~VKAMBALA/snort3:eicar to master
Squashed commit of the following:
commit
bd1c2d1e18fa3ec4e1efac72f0ea924a9b252407
Author: krishnakanth <vkambala@cisco.com>
Date: Thu Jul 1 05:06:31 2021 -0400
dce_rpc: Handling raw packets
Mike Stepanek (mstepane) [Fri, 2 Jul 2021 10:27:05 +0000 (10:27 +0000)]
Merge pull request #2965 in SNORT/snort3 from ~SVLASIUK/snort3:dump_empty_modules to master
Squashed commit of the following:
commit
8f2aa27901ee6785d6dcf95d7d0012b7845eabff
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Jul 1 15:37:26 2021 +0300
dump_config: support modules without config options in text format
Mike Stepanek (mstepane) [Fri, 2 Jul 2021 10:19:42 +0000 (10:19 +0000)]
Merge pull request #2937 in SNORT/snort3 from ~BRASTULT/snort3:ssh_spell_fix to master
Squashed commit of the following:
commit
675c5d0d624e2b559f504d6b1b9cb982a1e091d2
Author: Brandon Stultz <brastult@cisco.com>
Date: Thu Jun 10 12:23:31 2021 -0400
wizard: make SSH spell more specific
Tom Peters (thopeter) [Thu, 1 Jul 2021 19:04:25 +0000 (19:04 +0000)]
Merge pull request #2960 in SNORT/snort3 from ~MDAGON/snort3:reject to master
Squashed commit of the following:
commit
df880cdbcad839afa1d1daac99ea790bf75bed02
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Jun 25 15:15:54 2021 -0400
packet_io: check if unreachable_candidate before sending unreachable
Tom Peters (thopeter) [Wed, 30 Jun 2021 21:34:13 +0000 (21:34 +0000)]
Merge pull request #2962 in SNORT/snort3 from ~KATHARVE/snort3:h2i_flow_depth_fix to master
Squashed commit of the following:
commit
260a2df1f41085de49e947507deb45a4c42f334b
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 29 14:59:48 2021 -0400
http2_inspect: clean data cutter internal state after exhausting flow depth
Mike Stepanek (mstepane) [Wed, 30 Jun 2021 15:07:06 +0000 (15:07 +0000)]
Merge pull request #2963 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.7.0 to master
Squashed commit of the following:
commit
85517e1fb597d0d159fcf7728de68c86fcee39da
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 30 09:53:05 2021 -0400
build: generate and tag 3.1.7.0
Tom Peters (thopeter) [Tue, 29 Jun 2021 21:12:21 +0000 (21:12 +0000)]
Merge pull request #2959 in SNORT/snort3 from ~THOPETER/snort3:version3 to master
Squashed commit of the following:
commit
be78cd5e45d518c782398c453c141b490bf7a9a3
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 29 13:52:56 2021 -0400
framework: update base API version to 3
Tom Peters (thopeter) [Tue, 29 Jun 2021 16:39:28 +0000 (16:39 +0000)]
Merge pull request #2956 in SNORT/snort3 from ~KATHARVE/snort3:http_ooo_injection to master
Squashed commit of the following:
commit
89629a45d15511a400494d22d3921540476036ec
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jun 25 12:31:16 2021 -0400
payload_injector: don't inject if there are unflushed S2C TCP packets queued
Shravan Rangarajuvenkata (shrarang) [Fri, 25 Jun 2021 19:34:59 +0000 (19:34 +0000)]
Merge pull request #2951 in SNORT/snort3 from ~SHRARANG/snort3:appid_update_doc to master
Squashed commit of the following:
commit
84e9e2256994ec90e99fa4e4d8908efe91fee24c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jun 21 23:31:38 2021 -0400
appid: update documentation
Shravan Rangarajuvenkata (shrarang) [Fri, 25 Jun 2021 19:22:39 +0000 (19:22 +0000)]
Merge pull request #2953 in SNORT/snort3 from ~SATHIRKA/snort3:mem_track_mimesession to master
Squashed commit of the following:
commit
d8b5ba3d0e62d020189b2ec9012bb21d63e0240a
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Jun 24 15:44:33 2021 -0400
mime: Track memory for mime sessions
Steve Chew (stechew) [Fri, 25 Jun 2021 17:33:45 +0000 (17:33 +0000)]
Merge pull request #2952 in SNORT/snort3 from ~SBAIGAL/snort3:better to master
Squashed commit of the following:
commit
bf82e65e3296202f7d81e1bd14d7447d1baa25c3
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Jun 23 11:39:45 2021 -0400
control: resolve socket issues due to race conditions
Shravan Rangarajuvenkata (shrarang) [Thu, 24 Jun 2021 14:37:55 +0000 (14:37 +0000)]
Merge pull request #2936 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_smb_payload_apps to master
Squashed commit of the following:
commit
cc9d61b77d6abecef2d2474c3aa66f39e3410d7e
Author: cljudge <cljudge@cisco.com>
Date: Tue Jun 1 01:41:02 2021 -0400
appid: enhance netbios service detector to identify SMB versions as web app.
Lokesh Bevinamarad (lbevinam) [Wed, 23 Jun 2021 09:06:16 +0000 (09:06 +0000)]
Merge pull request #2942 in SNORT/snort3 from ~SMULKA/snort3:si_ip to master
Squashed commit of the following:
commit
ec2eb797ce03425f2c8ebcc0ec5d40313c381f56
Author: smulka <smulka@cisco.com>
Date: Sun Jun 13 21:05:12 2021 -0400
reputation: include list id for daq trace log
Tom Peters (thopeter) [Wed, 23 Jun 2021 04:08:57 +0000 (04:08 +0000)]
Merge pull request #2950 in SNORT/snort3 from ~KATHARVE/snort3:doc_h2i to master
Squashed commit of the following:
commit
d3d998e9162a3ab633e7c321838b496e3b2fcf75
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 22 12:01:03 2021 -0400
doc: updates for http2_inspect
Shravan Rangarajuvenkata (shrarang) [Tue, 22 Jun 2021 15:15:26 +0000 (15:15 +0000)]
Merge pull request #2949 in SNORT/snort3 from ~RDEMPSTE/snort3:dns to master
Squashed commit of the following:
commit
0cb6be3a1f0d87e5f43cf1a812035bff6acb1309
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Jun 21 16:09:49 2021 -0400
appid: Update the DNS detector to support the all record request
Pranav Bhalerao (prbhaler) [Tue, 22 Jun 2021 08:25:49 +0000 (08:25 +0000)]
Merge pull request #2947 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_snort2lua to master
Squashed commit of the following:
commit
42c8ad67b4071a5a0ff649050308462602ee707f
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Wed Jun 16 05:14:25 2021 -0400
snort2lua: Fixing lua conversion of unsupported http preproc options without parameters
Masud Hasan (mashasan) [Mon, 21 Jun 2021 19:18:23 +0000 (19:18 +0000)]
Merge pull request #2930 in SNORT/snort3 from ~MMATIRKO/snort3:snort_docker to master
Squashed commit of the following:
commit
d3a7ea0a8a94c50ca91bd3bb45be34337a8e8721
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Jun 10 11:03:41 2021 -0400
main: implement test_features run flag to enable debug-like output
commit
bdb3926895abb3d78dbc27046430d48c0bdd10cc
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Jun 4 11:38:12 2021 -0400
sfip: fix unit tests for non-regtest builds
commit
2afa7a822c85641dbb7acaf9585b86781968baa9
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Jun 3 15:58:32 2021 -0400
snort2lua: remove footprint size config
Masud Hasan (mashasan) [Wed, 16 Jun 2021 20:42:37 +0000 (20:42 +0000)]
Merge pull request #2941 in SNORT/snort3 from ~SMINUT/snort3:is_ack_valid to master
Squashed commit of the following:
commit
c1f81f31a14a16a57e4addc67ea971f39d43f9e5
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Jun 10 17:15:12 2021 -0400
stream: fix is_ack_valid to return true even when current ack is to the left of snd_una, per RFC793
Mike Stepanek (mstepane) [Wed, 16 Jun 2021 17:21:49 +0000 (17:21 +0000)]
Merge pull request #2948 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.6.0 to master
Squashed commit of the following:
commit
dcfadb49048e7fcf325d1e0660092c0d22921b2c
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 16 07:21:42 2021 -0400
build: generate and tag 3.1.6.0