git.ipfire.org Git - thirdparty/snort3.git/log
Steve Chew (stechew) [Tue, 15 Jun 2021 22:10:26 +0000 (22:10 +0000)]
Merge pull request #2945 in SNORT/snort3 from ~SBAIGAL/snort3:shell3 to master
Squashed commit of the following:
commit
3a742fa01840835d4c7f92caac80e8ded9176d1b
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Jun 15 09:08:33 2021 -0400
control: remove SHELL compile flag from header
Shravan Rangarajuvenkata (shrarang) [Tue, 15 Jun 2021 17:56:10 +0000 (17:56 +0000)]
Merge pull request #2938 in SNORT/snort3 from ~SHRARANG/snort3:vdb_ci to master
Squashed commit of the following:
commit
ba7463da922459e8a37fd2b04114f89c181ea80c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jun 14 22:01:11 2021 -0400
appid: remove error message when userappid.conf is not present
commit
b6e776d4eed4389886195847fe878f842e668a45
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Jun 10 23:26:55 2021 -0400
appid: remove unused metadata offset functionality
commit
3a4a71e8787986f41947811106d632c5a917704c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jun 9 17:30:24 2021 -0400
appid: support fragmented metadata
Mike Stepanek (mstepane) [Tue, 15 Jun 2021 10:10:26 +0000 (10:10 +0000)]
Merge pull request #2944 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_js2 to master
Squashed commit of the following:
commit
e5dde2ff73f6fc89be263273aa2981d1f1c6079c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jun 15 12:32:18 2021 +0300
doc: remove 'sticky buffer' from manual
Steve Chew (stechew) [Mon, 14 Jun 2021 21:38:26 +0000 (21:38 +0000)]
Merge pull request #2911 in SNORT/snort3 from ~RAMANKS/snort3:geneve to master
Squashed commit of the following:
commit
f0c32fd35d5763b7e32f1c04b03f5fa457d3552f
Author: Raman Krishnan <ramanks@cisco.com>
Date: Fri Jun 11 19:52:06 2021 -0700
codecs: geneve: incorporate review comments
commit
abf8a20f05b7a2be16af0472b0d98b4cddded7be
Author: Raman Krishnan <ramanks@cisco.com>
Date: Sat Jun 5 23:09:27 2021 -0700
codecs: geneve: add vni to alert_csv and alert_json
commit
fb516639ed8f29972df650b782fb5c721c946e60
Author: Raman Krishnan <ramanks@cisco.com>
Date: Tue Apr 13 15:13:59 2021 -0700
codecs: geneve: Support for Geneve encapsulation
Mike Stepanek (mstepane) [Mon, 14 Jun 2021 19:04:21 +0000 (19:04 +0000)]
Merge pull request #2943 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_js to master
Squashed commit of the following:
commit
a24accc260061aecc80c35861248ed2913629cf5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 14 15:31:03 2021 +0300
http_inspect: add JS Normalizer to dev_notes
commit
d675003d85f98da62d77f989b5daecb6eec9f742
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 14 15:30:41 2021 +0300
doc: update JS normalizer options
Mike Stepanek (mstepane) [Mon, 14 Jun 2021 13:20:36 +0000 (13:20 +0000)]
Merge pull request #2940 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_opts to master
Squashed commit of the following:
commit
2369f1fe6526c58ac35aa51f394526bc26a7ea46
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 15:50:00 2021 +0300
trace: place trace options under the DEBUG_MSGS macro
Excluding:
* trace.modules.snort.inspector_manager
* trace.modules.wizard
Check that option index is not out-of-bounds.
dev_notes.txt updated.
commit
34e1b91e91cc7c973aa132bd60f4b9fc5a238d3f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 14:55:58 2021 +0300
iec104: delete trailing spaces
Tom Peters (thopeter) [Fri, 11 Jun 2021 20:18:17 +0000 (20:18 +0000)]
Merge pull request #2939 in SNORT/snort3 from ~KATHARVE/snort3:httpevent_uri_host to master
Squashed commit of the following:
commit
4de5aba60ebef55abb31bec0be889f3431bfd0f2
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 10 15:04:13 2021 -0400
pub_sub: add get_uri_host() to HttpEvent
Tom Peters (thopeter) [Thu, 10 Jun 2021 14:54:17 +0000 (14:54 +0000)]
Merge pull request #2934 in SNORT/snort3 from ~KATHARVE/snort3:http_host_fix to master
Squashed commit of the following:
commit
1ae238c8b83ea926d2b3843f8715743abda678e0
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 8 12:55:20 2021 -0400
pub_sub: update HttpEvent::get_host to get_authority - now always includes port if there is one
Pranav Bhalerao (prbhaler) [Wed, 9 Jun 2021 17:28:56 +0000 (17:28 +0000)]
Merge pull request #2924 in SNORT/snort3 from ~AMARNAYA/snort3:sunRPC_port_based_binder to master
Squashed commit of the following:
commit
86d3a6674f7dc15467d9cc4513226d11b2fe3d25
Author: Amarnath Nayak <amarnaya@cisco.com>
Date: Fri Jun 4 13:16:52 2021 -0400
ips_options: fix intrusion alerts generation for tcp rpc PORTMAP traffic when rpc_decode is bound to the flow
Mike Stepanek (mstepane) [Wed, 9 Jun 2021 16:02:56 +0000 (16:02 +0000)]
Merge pull request #2935 in SNORT/snort3 from ~OSHUMEIK/snort3:revert to master
Squashed commit of the following:
commit
4114c60f610929b86db30d4e34730f76cb6c4ff2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jun 9 17:42:39 2021 +0300
build: reverting back adb5e30c101fb2b7ea54a5df3d5b6a1cf68a1cb7
Shravan Rangarajuvenkata (shrarang) [Wed, 9 Jun 2021 15:10:01 +0000 (15:10 +0000)]
Merge pull request #2919 in SNORT/snort3 from ~SATHIRKA/snort3:telemetry_stats to master
Squashed commit of the following:
commit
a756810f7043722ebb25d5b2abb974758ab3b26d
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jun 2 13:44:52 2021 -0400
time: make Periodic class SO_PUBLIC
Mike Stepanek (mstepane) [Wed, 9 Jun 2021 13:38:41 +0000 (13:38 +0000)]
Merge pull request #2931 in SNORT/snort3 from ~OSERHIIE/snort3:dump_config to master
Squashed commit of the following:
commit
ddc9f5cae9538ae04a1ce6f161a457b4bb217b53
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Jun 7 12:50:48 2021 +0300
main: fix config dump for list-based inspector aliases
Bhargava Jandhyala (bjandhya) [Wed, 9 Jun 2021 06:30:14 +0000 (06:30 +0000)]
Merge pull request #2933 in SNORT/snort3 from ~DIPANDIT/snort3:multichannel_shared_ptr to master
Squashed commit of the following:
commit
98177702616043e80f1c7c20df6b4731696c763a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Jun 8 13:37:02 2021 -0400
dce_rpc: store shared pointer of session tracker
commit
e6a88c3afe70c9d690489cd5f004ce2782bab9b6
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Jun 8 07:47:55 2021 -0400
dce_rpc: handle reload prune for smb session cache
Steve Chew (stechew) [Tue, 8 Jun 2021 22:07:23 +0000 (22:07 +0000)]
Merge pull request #2932 in SNORT/snort3 from ~SBAIGAL/snort3:fix_test_cppchk to master
Squashed commit of the following:
commit
60df4227963eea528ca74439b4a98d074f82457d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Jun 8 09:58:12 2021 -0400
host_cache: remove unused lua mock code from the tests
Tom Peters (thopeter) [Tue, 8 Jun 2021 15:54:45 +0000 (15:54 +0000)]
Merge pull request #2928 in SNORT/snort3 from ~ARMANDAV/snort3:filter to master
Squashed commit of the following:
commit
3b834ec3d3dcdd849f7bb730bc7bdc8018e78160
Author: snorty <snorty@localhost.localdomain>
Date: Tue Jun 8 00:48:34 2021 -0400
protocols: Remove inline specifiers for functions defined within a structure declaration
commit
a85fd8ace95bdfafcf697d36ccc873b51e5aa3bc
Author: snorty <snorty@localhost.localdomain>
Date: Fri Jun 4 14:42:12 2021 -0400
filters: Support rate filter to work with PDUs
Tom Peters (thopeter) [Tue, 8 Jun 2021 15:43:48 +0000 (15:43 +0000)]
Merge pull request #2926 in SNORT/snort3 from ~KATHARVE/snort3:hi_zlib_mem_tracking to master
Squashed commit of the following:
commit
b4eaceae64f5e73979c4faedf183df491044ba62
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jun 4 16:47:27 2021 -0400
http_inspect: track memory footprint of zlib inflation
Mike Stepanek (mstepane) [Tue, 8 Jun 2021 11:08:37 +0000 (11:08 +0000)]
Merge pull request #2929 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_opts_build to master
Squashed commit of the following:
commit
b5ae30b8b24685b4d5bc90ba0cbfff08c56e4f70
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 7 13:39:03 2021 +0300
trace: update the dev_notes.txt
TraceOption description and how it should be used.
commit
ab4c20664b34db9c45f0be3f222988b553165da0
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 15:50:00 2021 +0300
trace: place trace options under the DEBUG_MSGS macro
Excluding:
* trace.modules.snort.inspector_manager
* trace.modules.wizard
commit
305b2e740c65951ffbd5a3a23e871053086b7af4
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 14:55:58 2021 +0300
iec104: delete trailing spaces
Mike Stepanek (mstepane) [Tue, 8 Jun 2021 10:22:25 +0000 (10:22 +0000)]
Merge pull request #2915 in SNORT/snort3 from ~SVLASIUK/snort3:js_external_script to master
Squashed commit of the following:
commit
ec3d59e7ec908f71cddb89782e6c9c5d76379d2d
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon May 24 19:03:11 2021 +0300
http_inspect: add JS normalization for external scripts
Support multiple PDUs and partial detection
Support existing JS built-in rules
Add new built-in rule when script body after script-src attribute is not comments
Tom Peters (thopeter) [Mon, 7 Jun 2021 05:26:01 +0000 (05:26 +0000)]
Merge pull request #2918 in SNORT/snort3 from ~NIHDESAI/snort3:nhi_section_size to master
Squashed commit of the following:
commit
ac6c621966284a445cc295569842129e24517951
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Jun 2 15:02:09 2021 -0400
http_inspect: limit section size target for file processing
Lokesh Bevinamarad (lbevinam) [Sun, 6 Jun 2021 15:17:12 +0000 (15:17 +0000)]
Merge pull request #2927 in SNORT/snort3 from ~BSACHDEV/snort3:fix_ci_smb to master
Squashed commit of the following:
commit
0f5b34c33a5fe358754cbf8f696b1e629e7fb365
Author: bsachdev <bsachdev@cisco.com>
Date: Sat Jun 5 08:25:53 2021 -0400
dce_rpc: Fixed warnings
Signed-off-by: bsachdev <bsachdev@cisco.com>
Shravan Rangarajuvenkata (shrarang) [Sat, 5 Jun 2021 22:23:01 +0000 (22:23 +0000)]
Merge pull request #2900 in SNORT/snort3 from ~ADIKAPOO/snort3:adikapoo-extradata to master
Squashed commit of the following:
commit
20a235eea96f40bf1d8af2c44f7b502934370830
Author: adikapoo <adikapoo@cisco.com>
Date: Fri Jun 4 14:42:36 2021 -0400
mime: store extra data in stash
Tom Peters (thopeter) [Fri, 4 Jun 2021 21:57:28 +0000 (21:57 +0000)]
Merge pull request #2922 in SNORT/snort3 from ~MDAGON/snort3:hpack to master
Squashed commit of the following:
commit
e59cf270b46659a38b44dc92091deb10e7c3e593
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed Jun 2 10:40:50 2021 -0400
http2_inspect: track dynamic table memory allocation
Bhargava Jandhyala (bjandhya) [Fri, 4 Jun 2021 21:44:56 +0000 (21:44 +0000)]
Merge pull request #2876 in SNORT/snort3 from ~DIPANDIT/snort3:multichannel to master
Squashed commit of the following:
commit
3efdf0d7995c31a869edcfc34f1a57bf42cbed0a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Sun May 30 12:00:55 2021 -0400
dce_rpc: SMB multichannel - handle negotiate command to create expected flow
commit
5bb575762f0ea11171a167deb59e199177576ae9
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Mar 23 03:31:05 2021 -0400
dce_rpc: SMB multichannel - own memory tracking in global cache
commit
82b15dd65de7c4d44b36622c3ffd15f3199b877e
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Wed May 5 10:11:55 2021 -0400
dce_rpc: SMB multichannel - added smb multichannel file support
commit
bc61306af569d4dd0b4d865db70597d590760efd
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Wed Feb 17 07:25:36 2021 -0500
dce_rpc: SMB multichannel - make session cache global
commit
c24c372ee61232a27cff1e0a5d92734b96aa106d
Author: Dipto Pandit <dipandit@cisco.com>
Date: Thu Oct 8 06:55:59 2020 -0400
dce_rpc: SMB multichannel - introduce locks
Russ Combs (rucombs) [Fri, 4 Jun 2021 16:09:29 +0000 (16:09 +0000)]
Merge pull request #2923 in SNORT/snort3 from ~SBAIGAL/snort3:shell2 to master
Squashed commit of the following:
commit
d6c6e803d46423198b4a7bed1c610ea10db799c5
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jun 4 10:13:26 2021 -0400
control: cleanup cppcheck issues
Steve Chew (stechew) [Fri, 4 Jun 2021 04:23:06 +0000 (04:23 +0000)]
Merge pull request #2891 in SNORT/snort3 from ~RAMANKS/snort3:ifnat to master
Squashed commit of the following:
commit
dc99b72290f72631d5bf16b2a4ea4096e8386fd4
Author: Raman Krishnan <ramanks@cisco.com>
Date: Mon May 17 14:20:37 2021 -0700
codecs: support inner flow NAT
Steve Chew (stechew) [Thu, 3 Jun 2021 20:11:01 +0000 (20:11 +0000)]
Merge pull request #2921 in SNORT/snort3 from ~SBAIGAL/snort3:shelldef to master
Squashed commit of the following:
commit
43e72c52e4464cad36fefe63742db279192dfc66
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jun 3 11:04:11 2021 -0400
control: allow compile with shell disabled
Tom Peters (thopeter) [Thu, 3 Jun 2021 00:03:31 +0000 (00:03 +0000)]
Merge pull request #2912 in SNORT/snort3 from ~MDAGON/snort3:rst_stream to master
Squashed commit of the following:
commit
15ad62d816e69a377d649563b5adf609ae11872a
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 17:06:54 2021 -0400
http2_inspect: don't perform valid sequence check on rst_stream frame
Tom Peters (thopeter) [Wed, 2 Jun 2021 23:56:43 +0000 (23:56 +0000)]
Merge pull request #2920 in SNORT/snort3 from ~MDAGON/snort3:fix_platform_rt to master
Squashed commit of the following:
commit
c4541b26a1e895d7674f3a52bdfabef9a25072a0
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed Jun 2 17:13:12 2021 -0400
http_inspect: update test mock api
Ron Dempster (rdempste) [Wed, 2 Jun 2021 19:31:42 +0000 (19:31 +0000)]
Merge pull request #2908 in SNORT/snort3 from ~SMULKA/snort3:si_ip to master
Squashed commit of the following:
commit
afd5ac41ba87a6a2bfd8321fe8c18947bca0e907
Author: smulka <smulka@cisco.com>
Date: Tue May 25 18:33:45 2021 -0400
reputation: daq trace log
Bhargava Jandhyala (bjandhya) [Wed, 2 Jun 2021 19:25:56 +0000 (19:25 +0000)]
Merge pull request #2916 in SNORT/snort3 from ~DIPANDIT/snort3:flow_from_file_context to master
Squashed commit of the following:
commit
5272707f8728164a2996e8e128bf6fa34ba05741
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Sun May 30 15:30:49 2021 -0400
file_api: store processing flow in context
Bhargava Jandhyala (bjandhya) [Wed, 2 Jun 2021 18:36:33 +0000 (18:36 +0000)]
Merge pull request #2914 in SNORT/snort3 from ~DIPANDIT/snort3:enable_multi_pinhole to master
Squashed commit of the following:
commit
6c01d79f5fe0e1a8f97273eeda35c35fa4d9b834
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:17:32 2021 -0400
stream: enable support for multiple expected sessions
commit
3a4a0ef78eeec528f37a95ac0da488f54084af5f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:14:04 2021 -0400
flow: enable support for multiple expected sessions
commit
b4bdb05a1c69c9e4db890447d0fa67e160a64880
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:04:00 2021 -0400
packet_io: enable expected session flags
Shravan Rangarajuvenkata (shrarang) [Wed, 2 Jun 2021 17:31:30 +0000 (17:31 +0000)]
Merge pull request #2906 in SNORT/snort3 from ~KAMURTHI/snort3:strm_id_h2i_publish_req_body to master
Squashed commit of the following:
commit
4d1cffd596d448faaa47076d2f2182587122310d
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon May 24 16:16:12 2021 -0400
appid: perform detection on request body for HTTP2 traffic.
commit
de11bcc69069ec43181e32a7cb91bcc60ba657d7
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Apr 12 16:29:09 2021 -0400
http_inspect: publish event for http/2 request bodies
Steve Chew (stechew) [Wed, 2 Jun 2021 16:47:38 +0000 (16:47 +0000)]
Merge pull request #2847 in SNORT/snort3 from ~SBAIGAL/snort3:control to master
Squashed commit of the following:
commit
f796ba1326bf9713867d2bde5234273887282f98
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Apr 22 14:56:59 2021 -0400
control: expose ControlConn API
commit
3d0c000b8d0652bec02df2a08db9f23d2be971ec
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Feb 23 12:38:31 2021 -0500
control: Remove unused IdleProcessing functionality
commit
90df551fac422ae1bf5ddee21a0d040dd111373c
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Nov 14 12:05:10 2019 -0500
control: refactor control channel management to better handle control responses
commit
5d017cb4965f875f80dc5bf8edc3d074128f4c4e
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Feb 10 12:05:49 2021 -0500
Revert "Merge pull request #2639 in SNORT/snort3 from ~STECHEW/snort3:control_request_fix_shared_ptr to master"
This reverts commit e7250bd6995941337e37529fd8594093de4db2ef.
Shravan Rangarajuvenkata (shrarang) [Tue, 1 Jun 2021 23:31:45 +0000 (23:31 +0000)]
Merge pull request #2917 in SNORT/snort3 from ~SHRARANG/snort3:appid_aux_ip to master
Squashed commit of the following:
commit
9eadae760d41137e95f28f10dddd07751088e2c7
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue May 11 11:00:56 2021 -0400
appid: extract auxiliary ip when uri is provided by third-party
Tom Peters (thopeter) [Tue, 1 Jun 2021 21:49:44 +0000 (21:49 +0000)]
Merge pull request #2907 in SNORT/snort3 from ~MDAGON/snort3:nhi_memory to master
Squashed commit of the following:
commit
5dc2f46fb2ec58c29d8760bc74274cdb51571da7
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 14:06:39 2021 -0400
Code Review
commit
ef675a1befeccbd27e3f0fd208a0726da17483ef
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 12:22:06 2021 -0400
code review
commit
b0cd942dddef767021e96dfbed2d47b0cc9c20c2
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed May 26 11:56:50 2021 -0400
Remove sizeof(uint8_t) for consistency
commit
97cd8ecca1a45aa80c65ad31a2b54e91fff0209b
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 24 13:27:48 2021 -0400
http_inspect: additional memory tracking
Shravan Rangarajuvenkata (shrarang) [Tue, 1 Jun 2021 19:44:21 +0000 (19:44 +0000)]
Merge pull request #2910 in SNORT/snort3 from ~AMARNAYA/snort3:sun_RPC_pinhole to master
Squashed commit of the following:
commit
3131b9eacfc44357e312a0a74260b3d21b2bb429
Author: Amarnath Nayak <amarnaya@cisco.com>
Date: Thu May 27 10:12:06 2021 -0400
appid: use 32 bits for storing protocol field in RPC port map message
Shanmugam S (shanms) [Tue, 1 Jun 2021 03:28:50 +0000 (03:28 +0000)]
Merge pull request #2903 in SNORT/snort3 from ~APOORAJ/snort3:gtp_prime_check to master
Squashed commit of the following:
commit
2e3375e0e41661091889f1aa9aa204bebd572ee2
Author: Apoorv Raj <apooraj@cisco.com>
Date: Mon May 24 05:56:05 2021 -0700
gtp: check protocol type according to gtp version
Pranav Bhalerao (prbhaler) [Mon, 31 May 2021 12:46:22 +0000 (12:46 +0000)]
Merge pull request #2897 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_CSCvy23818 to master
Squashed commit of the following:
commit
b347ac156107b59a54a2779b4bbcf242eddda540
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Tue May 18 07:06:46 2021 -0400
ftp: creating additional expected session if negotiated ip is different from server IP on packet
Mike Stepanek (mstepane) [Fri, 28 May 2021 20:07:20 +0000 (20:07 +0000)]
Merge pull request #2913 in SNORT/snort3 from ~OSHUMEIK/snort3:fix_empty_stmnt to master
Squashed commit of the following:
commit
f4320ca09ec0f9189a588aa58843bc721ce20948
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri May 28 21:40:54 2021 +0300
utils: fix warning about empty statement
A macro which expands to curly braces should not be followed by a semicolon.
Steve Chew (stechew) [Fri, 28 May 2021 18:02:25 +0000 (18:02 +0000)]
Merge pull request #2901 in SNORT/snort3 from ~DERAMADA/snort3:set_packet_context to master
Squashed commit of the following:
commit
78dd1cbbc6e4f52c0616652f38855ecdc5054290
Author: Deepak Ramadass <deramada@cisco.com>
Date: Fri May 21 11:06:39 2021 -0400
stream_tcp: populate flow contents in context for non-wire packets
Masud Hasan (mashasan) [Fri, 28 May 2021 17:13:27 +0000 (17:13 +0000)]
Merge pull request #2894 in SNORT/snort3 from ~MASHASAN/snort3:aux_ip_reload to master
Squashed commit of the following:
commit
c99146d5876c23277920b795a9dd7c6d8f6d9df3
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue May 18 20:54:15 2021 -0400
reputation: Supporting auxiliary IP matching upon reload
Mike Stepanek (mstepane) [Fri, 28 May 2021 15:25:37 +0000 (15:25 +0000)]
Merge pull request #2904 in SNORT/snort3 from ~OSHUMEIK/snort3:js_mpdu to master
Squashed commit of the following:
commit
33f6bc94d027eb9db5680b3bb3eeba0a2944f8c7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon May 24 11:22:15 2021 +0300
http_inspect: support partial detect for Javascripts
Normalizer context is allocated and freed once per PDU inspection.
As a partial flush happens at the closing script tag,
it enables context reusage in the following normalizations.
Chunked data is supported as well (by resetting the context).
commit
89043ad68d74323cfb2d4a64a6558929dae9b534
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue May 18 11:15:31 2021 +0300
utils: refactor JSTokenizer
Parsing is done mostly by the lexer's rules.
Temporary buffer (for unicode) reworked.
commit
f0952f4f9565e2f61c0bbcd76bf06474147ab90c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 13 16:02:47 2021 +0300
http_inspect: extend built-in alerts for Javascript processing
Alerts follow:
- nested opening tag
- closing tag seen in an unexpected place
- bad token happened
commit
e6d50626331e7bc8d30a07905ef8c8341bc0d1c7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Apr 29 14:38:38 2021 +0300
utils: rework JSNormalizer class
JSNormalizer can be instantiated meaningfully.
It returns the state via the return codes.
JSNormalizer context is placed on the flow (if needed).
Normalization depth is the property of the context.
Flow memory usage is updated.
UNIT_TEST_BUILD macro added.
The inline script count is increased upon seeing the opening tag.
commit
6a8cad0fc881f94318b4679396e1364cb82ba012
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Apr 21 14:11:24 2021 +0300
http_inspect: improve MPSE in HttpJsNorm (script start conditions)
Naming and code style.
Rework match callback functions.
Combine some patterns in the opening tag into a single search.
Allocate the output buffer only if it is needed.
Masud Hasan (mashasan) [Thu, 27 May 2021 18:55:39 +0000 (18:55 +0000)]
Merge pull request #2909 in SNORT/snort3 from ~MASHASAN/snort3:filter_dhcp to master
Squashed commit of the following:
commit
e98fe541ff4d5972373d2a8c5124fb1b727fa3a3
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue May 25 17:10:00 2021 -0400
rna: Filtering DHCP events and some refactoring
Bhargava Jandhyala (bjandhya) [Wed, 26 May 2021 20:41:01 +0000 (20:41 +0000)]
Merge pull request #2878 in SNORT/snort3 from ~DIPANDIT/snort3:thread_wise_resume to master
Squashed commit of the following:
commit
30f9f9897dd34aba4a6743c499cbf0dea39dda5f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri May 7 06:39:14 2021 -0400
main: added support for resuming particular thread
Bhargava Jandhyala (bjandhya) [Tue, 25 May 2021 13:30:56 +0000 (13:30 +0000)]
Merge pull request #2898 in SNORT/snort3 from ~BSACHDEV/snort3:file_count to master
Squashed commit of the following:
commit
5cfba19416d2f864eb6fb9e1bc490ba66a499c4a
Author: bsachdev <bsachdev@cisco.com>
Date: Fri May 21 07:23:10 2021 -0400
file_api: increase file count only once per file
Signed-off-by: bsachdev <bsachdev@cisco.com>
Tom Peters (thopeter) [Mon, 24 May 2021 20:26:37 +0000 (20:26 +0000)]
Merge pull request #2899 in SNORT/snort3 from ~NIHDESAI/snort3:h2_rule_options to master
Squashed commit of the following:
commit
eee6084bae7e383f5b2dce1728b324cd2a4dd2e4
Author: Nihal Desai <nihdesai@cisco.com>
Date: Sun May 16 23:32:05 2021 -0400
http2_inspect: rule options and doc clean up
Masud Hasan (mashasan) [Mon, 24 May 2021 17:50:35 +0000 (17:50 +0000)]
Merge pull request #2896 in SNORT/snort3 from ~ARMANDAV/snort3:ratefilter to master
Squashed commit of the following:
commit
381fb7df3faa8e3185c6c6fc29cba022031260bd
Author: Arun Mandava <armandav@cisco.com>
Date: Wed May 12 14:37:59 2021 -0400
filters: Change rate filter to use network policy id instead of ips policy id
Tom Peters (thopeter) [Mon, 24 May 2021 16:27:50 +0000 (16:27 +0000)]
Merge pull request #2882 in SNORT/snort3 from ~KATHARVE/snort3:h2i_start_line to master
Squashed commit of the following:
commit
c11b631dee6a73b0b2190b1bfe65383e5ac10842
Author: Katura Harvey <katharve@cisco.com>
Date: Mon May 10 12:47:20 2021 -0400
http2_inspect: improve request line generation and checks
Masud Hasan (mashasan) [Thu, 20 May 2021 20:41:32 +0000 (20:41 +0000)]
Merge pull request #2892 in SNORT/snort3 from ~MMATIRKO/snort3:last_seen_fix to master
Squashed commit of the following:
commit
a320cce2f258f3390fbddca2993c19ca108a6ff5
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Apr 20 11:38:37 2021 -0400
rna: update last seen time on deleted host rediscovery
Russ Combs (rucombs) [Thu, 20 May 2021 20:36:00 +0000 (20:36 +0000)]
Merge pull request #2895 in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.5.0 to master
Squashed commit of the following:
commit
b637ab5f94cd7a24fdae969509bb183f3fa2a6c8
Author: Russ Combs <rucombs@cisco.com>
Date: Thu May 20 13:55:40 2021 -0400
build: Generate and tag 3.1.5.0
Tom Peters (thopeter) [Wed, 19 May 2021 20:08:05 +0000 (20:08 +0000)]
Merge pull request #2890 in SNORT/snort3 from ~MDAGON/snort3:memory to master
Squashed commit of the following:
commit
506959d13ea92852540f493e0d3818ed3977e6e4
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 17 13:15:59 2021 -0400
memory: free_space cleanup
Masud Hasan (mashasan) [Tue, 18 May 2021 22:22:52 +0000 (22:22 +0000)]
Merge pull request #2886 in SNORT/snort3 from ~MMATIRKO/snort3:monitor_but_better to master
Squashed commit of the following:
commit
72c8a3dc6e826e107e11ff901c9d14f6bb9f5ed2
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu May 13 12:07:52 2021 -0400
reputation: track monitor ID via flow; minor code cleanup
Tom Peters (thopeter) [Tue, 18 May 2021 21:05:04 +0000 (21:05 +0000)]
Merge pull request #2885 in SNORT/snort3 from ~MDAGON/snort3:res_depth to master
Squashed commit of the following:
commit
94b659b9e667930660a9434d0c9a514d3b187617
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Apr 23 11:03:32 2021 -0400
http2_inspect: optimize processing after reaching flow depth
Tom Peters (thopeter) [Tue, 18 May 2021 17:03:57 +0000 (17:03 +0000)]
Merge pull request #2887 in SNORT/snort3 from ~MDAGON/snort3:update_print to master
Squashed commit of the following:
commit
d58a66cbe0559ed5394f49cfef620cb65b237833
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 17 15:41:18 2021 -0400
http2_inspect: update discard print
Steve Chew (stechew) [Mon, 17 May 2021 19:47:08 +0000 (19:47 +0000)]
Merge pull request #2877 in SNORT/snort3 from ~DERAMADA/snort3:load_lua_exit to master
Squashed commit of the following:
commit
5a4ccf3e529c7f3b96b4330c0dad66a3d3d14d57
Author: Deepak Ramadass <deramada@cisco.com>
Date: Thu Apr 29 16:25:03 2021 -0400
shell: exit gracefully when sandbox lua is misconfigured
Tom Peters (thopeter) [Fri, 14 May 2021 22:06:26 +0000 (22:06 +0000)]
Merge pull request #2884 in SNORT/snort3 from ~MDAGON/snort3:cleanup to master
Squashed commit of the following:
commit
c5b9bb50ce47a73a4928b3d4d50c7d97bdee9546
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri May 7 12:12:53 2021 -0400
http2_inspect: update state and delete streams after reaching flow depth
Steve Chew (stechew) [Fri, 14 May 2021 20:53:12 +0000 (20:53 +0000)]
Merge pull request #2872 in SNORT/snort3 from ~SHASLAD/snort3:netflow_guard to master
Squashed commit of the following:
commit
2d8c1d90b2a54190da723464a1ead61a8d1106be
Author: Shashi Lad <shaslad@cisco.com>
Date: Tue May 4 10:33:50 2021 -0400
netflow: additional check before v5/v9 decode
Russ Combs (rucombs) [Thu, 13 May 2021 15:11:30 +0000 (15:11 +0000)]
Merge pull request #2881 in SNORT/snort3 from ~BRASTULT/snort3:dcerpc_expected_session to master
Squashed commit of the following:
commit
a9e8adf33d65d0686f58bd67f88013e59402cb7c
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri May 7 16:28:50 2021 -0400
dce_rpc: fix expected session protocol id
Tom Peters (thopeter) [Thu, 13 May 2021 03:43:09 +0000 (03:43 +0000)]
Merge pull request #2883 in SNORT/snort3 from ~KATHARVE/snort3:h2i_clang_fix to master
Squashed commit of the following:
commit
4ff274cf1142d175009c649f6e7372ed7f18711c
Author: Katura Harvey <katharve@cisco.com>
Date: Mon May 10 16:57:29 2021 -0400
http2_inspect: fix non-standard c++
Tom Peters (thopeter) [Mon, 10 May 2021 06:21:45 +0000 (06:21 +0000)]
Merge pull request #2880 in SNORT/snort3 from ~MDAGON/snort3:h2i_detection to master
Squashed commit of the following:
commit
2801cccf27ed16733f8ffa5c6054f845c39b56a6
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri May 7 14:20:06 2021 -0400
http_inspect: don't disable detection for flow if it's an HTTP/2 flow
Tom Peters (thopeter) [Sat, 8 May 2021 00:12:36 +0000 (00:12 +0000)]
Merge pull request #2875 in SNORT/snort3 from ~MDAGON/snort3:depth_trailer to master
Squashed commit of the following:
commit
194cedcca2a396e44522607dfd9add653f829367
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu Apr 29 13:00:41 2021 -0400
http2_inspect: handle trailer after reaching flow depth
Steve Chew (stechew) [Fri, 7 May 2021 19:40:06 +0000 (19:40 +0000)]
Merge pull request #2879 in SNORT/snort3 from ~DIPANDIT/snort3:fix_spell to master
Squashed commit of the following:
commit
9208671b7b5a8e8c474a925eb6c9a5aa5297428b
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri May 7 12:54:42 2021 -0400
file_api: fix spell source error
Tom Peters (thopeter) [Fri, 7 May 2021 16:15:23 +0000 (16:15 +0000)]
Merge pull request #2873 in SNORT/snort3 from ~THOPETER/snort3:memory1 to master
Squashed commit of the following:
commit
787709393819a2729392f2292707cb8503f7d999
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Apr 30 17:27:24 2021 -0400
flow: memory tracking updates
Bhargava Jandhyala (bjandhya) [Fri, 7 May 2021 09:14:15 +0000 (09:14 +0000)]
Merge pull request #2846 in SNORT/snort3 from ~SMULKA/snort3:ips_log to master
Squashed commit of the following:
commit
e3d48073b8acbba1694383b0a56e6fb00f36cdd4
Author: smulka <smulka@cisco.com>
Date: Fri Apr 16 02:23:50 2021 -0400
packet_tracer: IPS daq trace log
Bhargava Jandhyala (bjandhya) [Fri, 7 May 2021 08:13:32 +0000 (08:13 +0000)]
Merge pull request #2837 in SNORT/snort3 from ~AJMANDAD/snort3:trace_file_module to master
Squashed commit of the following:
commit
4c5715c8e5785fe12a92218dfe44981a002deeb3
Author: Ajay Mandadi <ajmandad@cisco.com>
Date: Thu Apr 8 04:11:07 2021 -0400
packet_tracer: file daq trace log
Signed-off-by: Ajay Mandadi <ajmandad@cisco.com>
Shravan Rangarajuvenkata (shrarang) [Tue, 4 May 2021 17:39:52 +0000 (17:39 +0000)]
Merge pull request #2871 in SNORT/snort3 from ~SATHIRKA/snort3:mercury_debug to master
Squashed commit of the following:
commit
625b7fa920e751eee95585235f106101a0cb15e1
Author: cljudge <cljudge@cisco.com>
Date: Wed Apr 28 07:44:29 2021 -0400
appid: Publish an event when appid debug command is issued
Bhargava Jandhyala (bjandhya) [Tue, 4 May 2021 07:15:04 +0000 (07:15 +0000)]
Merge pull request #2864 in SNORT/snort3 from ~DIPANDIT/snort3:smb_deadlock_main to master
Squashed commit of the following:
commit
0e71ce321233e6c850d5fb2af7d0ec7e9b854091
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon Apr 26 03:17:22 2021 -0400
dce_rpc: use find_else_insert in smb session cache to avoid deadlock
commit
247e355e2d1ea43051f5e2e508857c4227dc29e3
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon Apr 26 02:44:30 2021 -0400
hash: add new insert method in lru_cache_shared
Steve Chew (stechew) [Tue, 4 May 2021 00:33:13 +0000 (00:33 +0000)]
Merge pull request #2818 in SNORT/snort3 from ~SHASLAD/snort3:netflow_v9_i1 to master
Squashed commit of the following:
commit
d2de5f0fae25d9c53da51166c0a525243abffc2f
Author: Shashi Lad <shaslad@cisco.com>
Date: Fri Mar 19 09:56:13 2021 -0400
netflow: version 9 decoding and filtering
Mike Stepanek (mstepane) [Fri, 30 Apr 2021 17:25:41 +0000 (17:25 +0000)]
Merge pull request #2869 in SNORT/snort3 from ~SVLASIUK/snort3:fix_custom_variable_set to master
Squashed commit of the following:
commit
16ceb01981c70f5c53432c7e588ebb780184bebb
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Apr 27 13:02:36 2021 +0300
parser: reduce RTNs only after states applied
Port groups get updated with reduced RTNs.
Tom Peters (thopeter) [Thu, 29 Apr 2021 21:36:05 +0000 (21:36 +0000)]
Merge pull request #2868 in SNORT/snort3 from ~KATHARVE/snort3:h2i_window_update to master
Squashed commit of the following:
commit
f80eef948c70811e81155a64745aeb9e92be74e3
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Apr 23 10:20:09 2021 -0400
http2_inspect: implement window_update frame
Russ Combs (rucombs) [Thu, 29 Apr 2021 18:00:22 +0000 (18:00 +0000)]
Merge pull request #2866 in SNORT/snort3 from ~BRASTULT/snort3:base64_relative to master
Squashed commit of the following:
commit
e485d60864b6a756b84d548a619445377ed1b916
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue Apr 27 15:55:28 2021 -0400
ips_options: fix relative base64_decode
Mike Stepanek (mstepane) [Wed, 28 Apr 2021 19:53:34 +0000 (19:53 +0000)]
Merge pull request #2867 in SNORT/snort3 from ~OSERHIIE/snort3:pcre_jit_supp to master
Squashed commit of the following:
commit
39facc13eccc8dc6c29599d30afdd268d62be329
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Apr 28 15:02:57 2021 +0300
ips_pcre: re-enable JIT
Shravan Rangarajuvenkata (shrarang) [Wed, 28 Apr 2021 17:20:29 +0000 (17:20 +0000)]
Merge pull request #2863 in SNORT/snort3 from ~SHRARANG/snort3:mem_accounting to master
Squashed commit of the following:
commit
272257dd20a103ff68536d5437387fc3eadbb39a
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Apr 23 13:32:32 2021 -0400
appid: do memory accounting of api stash object, dns/tls/third-party sessions
Masud Hasan (mashasan) [Wed, 28 Apr 2021 15:25:56 +0000 (15:25 +0000)]
Merge pull request #2844 in SNORT/snort3 from ~MASHASAN/snort3:close_stream to master
Squashed commit of the following:
commit
2eaee2752af6e487c4ccf59940fd2a0ac6875c75
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Apr 23 08:58:09 2021 -0400
stream_tcp: Using window base for reset validation
commit
1526f0d93ba1d1ce04b40b46faf7304b0eb6b307
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Apr 13 18:36:58 2021 -0400
stream_tcp: Deleting session when both talker and listener are closed
Tom Peters (thopeter) [Tue, 27 Apr 2021 20:54:52 +0000 (20:54 +0000)]
Merge pull request #2852 in SNORT/snort3 from ~MDAGON/snort3:stream_limit to master
Squashed commit of the following:
commit
68169e41ce122a7368f076755edf7c1dc854d789
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Apr 16 16:39:05 2021 -0400
http2_inspect: concurrent streams limit is configurable
Masud Hasan (mashasan) [Tue, 27 Apr 2021 17:52:44 +0000 (17:52 +0000)]
Merge pull request #2820 in SNORT/snort3 from ~MASHASAN/snort3:match_aux_ip to master
Squashed commit of the following:
commit
9bd621b4b6104b9e0699b664d53e7d134ee3c905
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Mar 11 16:52:02 2021 -0500
flow: Enhancing APIs to stash auxiliary IP
commit
fe9fcb2eaf1a2af9ffcca1a46fd638f63ad78ff2
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Feb 15 16:02:13 2021 -0500
http_inspect: IP reputation support
commit
173a34c1c6d897203c201dbd33802ec8befc24e3
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Feb 9 10:30:21 2021 -0500
flow: Adding stash API to save auxiliary IP
Mike Stepanek (mstepane) [Tue, 27 Apr 2021 10:12:26 +0000 (10:12 +0000)]
Merge pull request #2860 in SNORT/snort3 from ~DKYRYLOV/snort3:dump_rule_signature_fix to master
Squashed commit of the following:
commit
ac143943fff79eb95f80d84c05416f0c13c4d18b
Author: dkyrylov <dkyrylov@cisco.com>
Date: Tue Apr 20 13:49:46 2021 +0300
parser: Remove rule merge in dump mode
Bhargava Jandhyala (bjandhya) [Tue, 27 Apr 2021 06:40:35 +0000 (06:40 +0000)]
Merge pull request #2861 in SNORT/snort3 from ~DIPANDIT/snort3:smb_memtrack to master
Squashed commit of the following:
commit
865dfc8eeccc40795e559c9d8bb21f82700055b1
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri Apr 23 09:51:38 2021 -0400
dce_rpc: update memory tracking for smb session data
Mike Stepanek (mstepane) [Mon, 26 Apr 2021 20:49:27 +0000 (20:49 +0000)]
Merge pull request #2865 in SNORT/snort3 from ~OSERHIIE/snort3:grind_fix to master
Squashed commit of the following:
commit
fdc6ce333548025807666c016e3466781ebca153
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Apr 26 07:13:23 2021 +0300
ips_pcre: disable JIT
Tom Peters (thopeter) [Mon, 26 Apr 2021 19:32:26 +0000 (19:32 +0000)]
Merge pull request #2857 in SNORT/snort3 from ~KATHARVE/snort3:h2i_stream_mem to master
Squashed commit of the following:
commit
fbbf12946446eadad1d6e643bec3bda1e310ae7d
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Apr 21 17:02:24 2021 -0400
http2_inspect: track stream memory incrementally instead of all up front
Shravan Rangarajuvenkata (shrarang) [Fri, 23 Apr 2021 17:36:54 +0000 (17:36 +0000)]
Merge pull request #2859 in SNORT/snort3 from ~KAMURTHI/snort3:3rd_pty_unknown_payload to master
Squashed commit of the following:
commit
7de785661b313f522ae52bb35e7250ab817de19b
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu Apr 22 15:49:25 2021 -0400
appid: mark payload detection as done after either http request or response is inspected
Tom Peters (thopeter) [Fri, 23 Apr 2021 16:07:00 +0000 (16:07 +0000)]
Merge pull request #2862 in SNORT/snort3 from ~KATHARVE/snort3:h2_clear to master
Squashed commit of the following:
commit
1dd6a2569c6edef71833921ce744cb4a8548eb26
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Apr 23 09:27:30 2021 -0400
http2_inspect: add assert in clear
Shravan Rangarajuvenkata (shrarang) [Fri, 23 Apr 2021 01:25:35 +0000 (01:25 +0000)]
Merge pull request #2858 in SNORT/snort3 from ~SHRARANG/snort3:appid_lua_future_flow to master
Squashed commit of the following:
commit
431ca4da86d7a950586cb89d983abd10e1eb1685
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Apr 21 23:43:59 2021 -0400
appid: set monitor flags on future flows
Steve Chew (stechew) [Wed, 21 Apr 2021 20:06:22 +0000 (20:06 +0000)]
Merge pull request #2855 in SNORT/snort3 from ~RUCOMBS/snort3:3_1_4_0 to master
Squashed commit of the following:
commit
033b703311c607c7790437ab216b40e8b7cf1b48
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Apr 21 12:31:35 2021 -0400
build: Generate and tag 3.1.4.0
Mike Stepanek (mstepane) [Wed, 21 Apr 2021 17:39:43 +0000 (17:39 +0000)]
Merge pull request #2848 in SNORT/snort3 from ~OSERHIIE/snort3:js_inline_scripts to master
Squashed commit of the following:
commit
8d130d92807ecc480c3832e7e85697883bf1ae42
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Apr 16 12:48:49 2021 +0300
http_inspect: add js_inline_scripts peg count
commit
07beb04a28389e09bc0e77f672e86f58e5ef4194
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Apr 16 10:31:01 2021 +0300
http_inspect: identify external javascripts
commit
b4e77cf2d524ecc076eb6007d9e1f4743b2852e4
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Apr 16 01:34:30 2021 +0300
http_inspect: add built-in alert for unexpected tags within inline javascript
Russ Combs (rucombs) [Wed, 21 Apr 2021 13:16:00 +0000 (13:16 +0000)]
Merge pull request #2811 in SNORT/snort3 from ~RUCOMBS/snort3:nfp to master
Squashed commit of the following:
commit
0349a07ec2d2ff74a3810a2952c8f642b7f0fd44
Author: russ <rucombs@cisco.com>
Date: Thu Apr 1 09:37:30 2021 -0400
pcre: revert change that disabled jit
commit
3e5c3aa8a6115c14b1fe2cad67a290c8c0ce8a0b
Author: russ <rucombs@cisco.com>
Date: Tue Mar 23 11:38:38 2021 -0400
ips: allow null detection trees with negated lists
Masud Hasan (mashasan) [Tue, 20 Apr 2021 16:56:30 +0000 (16:56 +0000)]
Merge pull request #2854 in SNORT/snort3 from ~SMINUT/snort3:hpq_reload_time to master
Squashed commit of the following:
commit
6fce6e70fea873975295861ac8963c4246319fe8
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Apr 20 10:20:14 2021 -0400
stream: fix race condition in HPQReloadTuner
Steve Chew (stechew) [Tue, 20 Apr 2021 05:57:06 +0000 (05:57 +0000)]
Merge pull request #2851 in SNORT/snort3 from ~STECHEW/snort3:hold_packet_ip_frag to master
Squashed commit of the following:
commit
8f56099ea176bcca27e743c632a4e2728f273e42
Author: Steve Chew <stechew@cisco.com>
Date: Mon Apr 19 13:41:45 2021 -0400
stream: IP frag packets won't have a flow so do not try to hold them.
Bhargava Jandhyala (bjandhya) [Mon, 19 Apr 2021 12:22:13 +0000 (12:22 +0000)]
Merge pull request #2849 in SNORT/snort3 from ~DIPANDIT/snort3:lru_dead_lock to master
Squashed commit of the following:
commit
57c873106b055daf409b5a712a98f67d642c8d1a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon Apr 19 02:43:27 2021 -0400
hash: prepond object creation in LRU cache find_else_create
Bhargava Jandhyala (bjandhya) [Mon, 19 Apr 2021 12:13:17 +0000 (12:13 +0000)]
Merge pull request #2850 in SNORT/snort3 from ~BSACHDEV/snort3:dcerpc_share_type to master
Squashed commit of the following:
commit
ccd53ac3f861d158e1a93e92b5ebea23b4d4cc1e
Author: bsachdev <bsachdev@cisco.com>
Date: Mon Apr 19 02:56:13 2021 -0400
dce_rpc: Added a cleanup condition for DCERPC in close request
Signed-off-by: bsachdev <bsachdev@cisco.com>
Brian Morris (bmorris2) [Fri, 16 Apr 2021 16:45:56 +0000 (16:45 +0000)]
Merge pull request #2838 in SNORT/snort3 from ~OSIRYI/snort3:osiryi_ips to master
Squashed commit of the following:
commit
82bce21c9a702abec288bd9bebeb62ba1688956b
Author: Oleksandr Siryi <osiryi@cisco.com>
Date: Thu Apr 15 14:49:52 2021 +0300
ssl: refactoring SSLData out so it can be reused
Russ Combs (rucombs) [Thu, 15 Apr 2021 16:40:50 +0000 (16:40 +0000)]
Merge pull request #2843 in SNORT/snort3 from ~OSIRYI/snort3:appid_version_warning to master
Squashed commit of the following:
commit
1efe29874535e5825846136c83a71d4ee66eaa61
Author: Oleksandr Siryi <osiryi@cisco.com>
Date: Thu Apr 15 18:53:38 2021 +0300
appid: (style) Local variable 'version' shadows outer variable
Tom Peters (thopeter) [Thu, 15 Apr 2021 01:08:06 +0000 (01:08 +0000)]
Merge pull request #2833 in SNORT/snort3 from ~MDAGON/snort3:oom to master
Squashed commit of the following:
commit
ff5bc520f269912b3589fbe4adb1cab946ad9775
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu Apr 1 15:55:16 2021 -0400
http2_inspect: free streams in completed/error state
Lokesh Bevinamarad (lbevinam) [Wed, 14 Apr 2021 15:07:29 +0000 (15:07 +0000)]
Merge pull request #2821 in SNORT/snort3 from ~BJANDHYA/snort3:feature/dcerpc to master
Squashed commit of the following:
commit
bddb8e4ce8aac8e8d78f3f62bf973228ac56994c
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Wed Mar 31 12:21:44 2021 -0400
dce_rpc: DCERPC Support over SMBv2
Shravan Rangarajuvenkata (shrarang) [Tue, 13 Apr 2021 22:13:32 +0000 (22:13 +0000)]
Merge pull request #2841 in SNORT/snort3 from ~SHRARANG/snort3:appid_dns_payload to master
Squashed commit of the following:
commit
d3ce08a3600f610d3053c82da85bce8fafd61dda
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Apr 9 16:18:19 2021 -0400
appid: detect payload based on dns host
Shravan Rangarajuvenkata (shrarang) [Tue, 13 Apr 2021 20:39:26 +0000 (20:39 +0000)]
Merge pull request #2836 in SNORT/snort3 from ~SHRARANG/snort3:appid_refactor_tp to master
Squashed commit of the following:
commit
826a256d28984cd56be15f6e93a95ef179be8eb9
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Apr 7 16:17:49 2021 -0400
appid: remove detectors which are available in odp
commit
0e4d330ddcdfac8e0add3fcac0286034229d9271
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Apr 7 11:30:23 2021 -0400
appid: remove duplicate rtmp code
commit
a6d0a4b77c99662f65a67037a856bed547a1178a
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Apr 7 10:41:22 2021 -0400
appid: refactor to set http scan flags in one place
Shravan Rangarajuvenkata (shrarang) [Mon, 12 Apr 2021 18:09:05 +0000 (18:09 +0000)]
Merge pull request #2842 in SNORT/snort3 from ~KAMURTHI/snort3:dhp_new_leash to master
Squashed commit of the following:
commit
1e1db8db55fffc7e4d0d4efffe88234aae80a8f9
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Apr 12 10:17:05 2021 -0400
appid: clean-up parameters in service_bootp
Mike Stepanek (mstepane) [Mon, 12 Apr 2021 17:21:09 +0000 (17:21 +0000)]
Merge pull request #2839 in SNORT/snort3 from ~OSERHIIE/snort3:build_flex to master
Squashed commit of the following:
commit
e644105f5c593f23cabcf6486d1c32e4ce87472e
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Apr 9 14:17:58 2021 +0300
build: add better support for flex lexer
Thanks to Özkan KIRIK and Moin for reporting the issue.
commit
67548b869fa80173561b141b1733e0da41da84bf
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Apr 8 21:22:21 2021 +0300
utils: enable Flex C++ mode via its option
Tom Peters (thopeter) [Fri, 9 Apr 2021 20:44:21 +0000 (20:44 +0000)]
Merge pull request #2835 in SNORT/snort3 from ~THOPETER/snort3:script_detection_reload to master
Squashed commit of the following:
commit
c47bbd6354de354dc2f297e4c32eeae407d03ff4
Author: russ <rucombs@cisco.com>
Date: Thu Apr 1 23:30:47 2021 -0400
http_inspect: fix end of script match after reload
Tom Peters (thopeter) [Fri, 9 Apr 2021 19:14:00 +0000 (19:14 +0000)]
Merge pull request #2834 in SNORT/snort3 from ~MDAGON/snort3:goaway to master
Squashed commit of the following:
commit
184702db041232b8f7f1dda1c1bd61e7f5774fa3
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed Mar 24 11:12:18 2021 -0400
payload_injector: send go away frame