git.ipfire.org Git - thirdparty/snort3.git/log
Shravan Rangarajuvenkata (shrarang) [Thu, 5 Nov 2020 19:54:29 +0000 (19:54 +0000)]
Merge pull request #2594 in SNORT/snort3 from ~KAMURTHI/snort3:http2_https to master
Squashed commit of the following:
commit
05c21e9ad5c54b6cd37ba55ad9e3324a3bb0e290
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Nov 2 12:11:14 2020 -0500
appid: prefix http/2 decrypted url with "https://
Masud Hasan (mashasan) [Mon, 2 Nov 2020 22:12:26 +0000 (22:12 +0000)]
Merge pull request #2592 in SNORT/snort3 from ~SMINUT/snort3:host_cache_ipv6 to master
Squashed commit of the following:
commit
c540602d306a1700efb69a7389cefcd25ee7e8e3
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Oct 30 14:06:18 2020 -0400
host_tracker: ignore IP family when comparing SfIp keys in the host cache
Shravan Rangarajuvenkata (shrarang) [Mon, 2 Nov 2020 21:12:47 +0000 (21:12 +0000)]
Merge pull request #2566 in SNORT/snort3 from ~SHRARANG/snort3:appid_cppcheck to master
Squashed commit of the following:
commit
2770cb1dfb5f4cecedb478b0118df2d42a898de1
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Oct 22 10:43:47 2020 -0400
appid: handle cppcheck warnings
Masud Hasan (mashasan) [Mon, 2 Nov 2020 16:30:39 +0000 (16:30 +0000)]
Merge pull request #2565 in SNORT/snort3 from ~MMATIRKO/snort3:delete_mac to master
Squashed commit of the following:
commit
584d6d7e0b4c65d3bc3ae3decad2f943645e3a17
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Oct 21 13:34:48 2020 -0400
rna: add command to delete MAC hosts and protos
Bhagya Tholpady (bbantwal) [Mon, 2 Nov 2020 16:07:10 +0000 (16:07 +0000)]
Merge pull request #2568 in SNORT/snort3 from ~SVLASIUK/snort3:global_log_quiet to master
Squashed commit of the following:
commit
e3d825a4b74e8c8d806a88bf877204bbf29ebdec
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Wed Oct 28 14:22:20 2020 +0200
main: set up logging flags globally to avoid dependencies on a particular SnortConfig object
Lokesh Bevinamarad (lbevinam) [Mon, 2 Nov 2020 11:46:38 +0000 (11:46 +0000)]
Merge pull request #2593 in SNORT/snort3 from ~KBHANDAN/snort3:crunch_crash to master
Squashed commit of the following:
commit
e515bbe448f601c91e70a283a62b71277e855331
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Sun Nov 1 23:02:04 2020 -0500
flow: Return correct type from the release stub method
Ron Dempster (rdempste) [Fri, 30 Oct 2020 20:57:47 +0000 (20:57 +0000)]
Merge pull request #2591 in SNORT/snort3 from ~RDEMPSTE/snort3:client_initiated to master
Squashed commit of the following:
commit
b7963787f1eef302a1641d66054620152e73bf67
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Oct 30 11:20:16 2020 -0400
flow: Set client initiated flag based on DAQ reverse flow flag, track on syn config, and syn-ack packet
Mike Stepanek (mstepane) [Fri, 30 Oct 2020 20:47:31 +0000 (20:47 +0000)]
Merge pull request #2585 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp3_final to master
Squashed commit of the following:
commit
0c21bbf58fcc70d1e1cbb758589796a442b97ebb
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Oct 15 16:30:25 2020 -0400
http2_inspect: send push_promise frames through http_inspect
Mike Stepanek (mstepane) [Fri, 30 Oct 2020 19:43:09 +0000 (19:43 +0000)]
Merge pull request #2590 in SNORT/snort3 from ~MDAGON/snort3:rm_hdrs to master
Squashed commit of the following:
commit
5f02d52f6d51291501a4021a39535778344d9e0c
Author: mdagon <mdagon@cisco.com>
Date: Fri Oct 23 10:36:35 2020 -0400
payload_injector: remove content length and connection for HTTP/2
Steve Chew (stechew) [Fri, 30 Oct 2020 19:23:08 +0000 (19:23 +0000)]
Merge pull request #2581 in SNORT/snort3 from ~SBAIGAL/snort3:late_starttls to master
Squashed commit of the following:
commit
0becc1e83d942d1bd85cb00b08a368a7264ac054
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Oct 26 16:37:52 2020 -0400
smtp: make sure the ssl search abandoned flag is preserved for reset
Shravan Rangarajuvenkata (shrarang) [Fri, 30 Oct 2020 19:11:29 +0000 (19:11 +0000)]
Merge pull request #2576 in SNORT/snort3 from ~KAMURTHI/snort3:ha_unit_null_ptr to master
Squashed commit of the following:
commit
5d9446101726b7d3fe40b17d5fa0318fc0e160e9
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun Oct 25 23:45:44 2020 -0400
appid: unit test to verify HA data for flow unmonitored by appid.
Masud Hasan (mashasan) [Thu, 29 Oct 2020 23:33:46 +0000 (23:33 +0000)]
Merge pull request #2584 in SNORT/snort3 from ~ARMANDAV/snort3:rna_banner to master
Squashed commit of the following:
commit
df9cb417f28ffe3d630936781d1698bd2ec27bef
Author: Arun Mandava <armandav@cisco.com>
Date: Tue Oct 27 23:13:54 2020 -0400
rna: Discover banner on service version or response events
Masud Hasan (mashasan) [Thu, 29 Oct 2020 20:00:13 +0000 (20:00 +0000)]
Merge pull request #2589 in SNORT/snort3 from ~MASHASAN/snort3:log_tid to master
Squashed commit of the following:
commit
79590d9aa276ef75ad2d58ec0b5772fe852a43ef
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Oct 27 15:17:04 2020 -0400
thread_config: Show thread id when logging binding information
Mike Stepanek (mstepane) [Thu, 29 Oct 2020 19:02:45 +0000 (19:02 +0000)]
Merge pull request #2587 in SNORT/snort3 from ~THOPETER/snort3:h2i14 to master
Squashed commit of the following:
commit
813cf2836d88aaff8f3dd6735dc1a8c04000cadb
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Oct 28 18:07:52 2020 -0400
http2_inspect: multi-segment reassemble discard bug fix
Mike Stepanek (mstepane) [Wed, 28 Oct 2020 15:46:44 +0000 (15:46 +0000)]
Merge pull request #2555 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp2_rebase to master
Squashed commit of the following:
commit
cc9826e066395ea0c703c29dd4572853561e24f8
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Oct 14 10:46:52 2020 -0400
http2_inspect: perform hpack decoding on push_promise frames
Mike Stepanek (mstepane) [Wed, 28 Oct 2020 13:56:37 +0000 (13:56 +0000)]
Merge pull request #2575 in SNORT/snort3 from ~THOPETER/snort3:h2i13 to master
Squashed commit of the following:
commit
0a30ffd77476eb92a410880dbb53769f37496fd1
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Oct 8 19:17:09 2020 -0400
http2_inspect: Data frame redesign
Naveen Gujje (ngujje) [Wed, 28 Oct 2020 05:24:57 +0000 (05:24 +0000)]
Merge pull request #2411 in SNORT/snort3 from ~KBHANDAN/snort3:cant_drop_keep_flow to master
Squashed commit of the following:
commit
6e55f9f908a913e223d29a5dc7c6722a15927437
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Wed Aug 19 15:09:58 2020 -0400
flow: do not remove the flow during pruning/reload during IPS event with block action
Masud Hasan (mashasan) [Wed, 28 Oct 2020 00:00:27 +0000 (00:00 +0000)]
Merge pull request #2580 in SNORT/snort3 from ~ARMANDAV/snort3:rna_banner to master
Squashed commit of the following:
commit
ce08354fcfaf79ee973c489c1ad439fa34657fe5
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Oct 15 20:58:37 2020 -0400
rna: Support banner discovery
Masud Hasan (mashasan) [Tue, 27 Oct 2020 20:18:11 +0000 (20:18 +0000)]
Merge pull request #2582 in SNORT/snort3 from ~DAVMCPHE/snort3:rna_host_type_log_mac to master
Squashed commit of the following:
commit
373c4aec7507a879b7564900c0f462a6badc667d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Oct 23 09:38:39 2020 -0400
rna: log src mac from packet containing CDP message when host type change event is generated
Michael Altizer (mialtize) [Tue, 27 Oct 2020 19:55:27 +0000 (19:55 +0000)]
Merge pull request #2583 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_4 to master
Squashed commit of the following:
commit
8f13561e286e5c834a75c2ef71c24ff8bdd0058e
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Oct 27 14:14:27 2020 -0400
build: Generate and tag 3.0.3 build 4
Bhagya Tholpady (bbantwal) [Tue, 27 Oct 2020 17:05:43 +0000 (17:05 +0000)]
Merge pull request #2522 in SNORT/snort3 from ~OSERHIIE/snort3:custom_vars_wo_suffixes to master
Squashed commit of the following:
commit
368ff259fb2f0e37e297dd82b46ce71a2bbfc1e2
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Sep 24 19:48:37 2020 +0300
ips: move IPS variables to sub-tables which designate type
* main: snort supports ips.variables.nets/.paths/.ports tables to specify custom variables regardless of suffixes (_PATH, _PORT, _NET and _SERVER)
* lua: update default_variables with 'nets', 'paths' and 'ports' tables in snort_defaults.lua
* managers, parser, ports: get rid of obsolete code for variables parsing relying on the suffixes
* snort_module: remove support for -S option
* tools: snort2lua converts custom variables into ips.variables.nets/.paths/.ports tables
* doc: update upgrade/differences.txt
Mike Stepanek (mstepane) [Tue, 27 Oct 2020 13:13:31 +0000 (13:13 +0000)]
Merge pull request #2573 in SNORT/snort3 from ~MDAGON/snort3:h2_inject_big to master
Squashed commit of the following:
commit
6cbee883ef13974c2fa3daf7794fda64fc743edb
Author: mdagon <mdagon@cisco.com>
Date: Tue Sep 22 15:12:36 2020 -0400
payload_injector: support page > 16k
Bhagya Tholpady (bbantwal) [Tue, 27 Oct 2020 12:41:30 +0000 (12:41 +0000)]
Merge pull request #2561 in SNORT/snort3 from ~OKHOMIAK/snort3:trace_add_timestamps to master
Squashed commit of the following:
commit
306574431a9c2ddc00edfa11f37ae29d3bd77222
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Mon Oct 12 13:18:36 2020 +0300
trace: add timestamps in trace log messages for stdout logger
Masud Hasan (mashasan) [Mon, 26 Oct 2020 17:44:43 +0000 (17:44 +0000)]
Merge pull request #2564 in SNORT/snort3 from ~MASHASAN/snort3:fp_tcp_cov to master
Squashed commit of the following:
commit
0548a9359cc6bd7c8438ee33ca246c57e7e622e2
Author: Masud Hasan <mashasan@cisco.com>
Date: Sun Oct 18 12:33:23 2020 -0400
rna: Adding unit-tests for tcp fingerprint methods
Mike Stepanek (mstepane) [Mon, 26 Oct 2020 15:48:32 +0000 (15:48 +0000)]
Merge pull request #2570 in SNORT/snort3 from ~MDAGON/snort3:doc_react2 to master
Squashed commit of the following:
commit
5a8126c7228ba454e3e187e2f524e3b8bf6de5a7
Author: mdagon <mdagon@cisco.com>
Date: Wed Oct 21 10:43:04 2020 -0400
actions: react supports HTTP/2
Mike Stepanek (mstepane) [Mon, 26 Oct 2020 15:45:07 +0000 (15:45 +0000)]
Merge pull request #2571 in SNORT/snort3 from ~MDAGON/snort3:react2 to master
Squashed commit of the following:
commit
83f8deb2a7dd18a555f348ae36cf4ee81da612fe
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 28 14:15:25 2020 -0400
actions: react supports HTTP/2
Michael Altizer (mialtize) [Fri, 23 Oct 2020 19:57:39 +0000 (19:57 +0000)]
Merge pull request #2574 in SNORT/snort3 from ~MIALTIZE/snort3:zero_init to master
Squashed commit of the following:
commit
d544e08894a7286b156c886e13c1df1c88b62492
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 23 15:10:34 2020 -0400
src: Clean up zero-initialization of arrays
Michael Altizer (mialtize) [Fri, 23 Oct 2020 18:30:33 +0000 (18:30 +0000)]
Merge pull request #2572 in SNORT/snort3 from ~MIALTIZE/snort3:osx to master
Squashed commit of the following:
commit
0e9e61caa01b08858aa35b4210d4f28bbe054c45
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 23 13:49:02 2020 -0400
build: Various build fixes for OS X
Michael Altizer (mialtize) [Fri, 23 Oct 2020 16:02:07 +0000 (16:02 +0000)]
Merge pull request #2560 in SNORT/snort3 from ~OSERHIIE/snort3:wunused_private_field_fix to master
Squashed commit of the following:
commit
becffddb7df47b21e89766fee3c1d7b5eadd970c
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Oct 21 20:06:58 2020 +0300
appid: fix -Wunused-private-field Clang warning in service_state.h
Bhagya Tholpady (bbantwal) [Fri, 23 Oct 2020 10:54:45 +0000 (10:54 +0000)]
Merge pull request #2563 in SNORT/snort3 from ~OSHUMEIK/snort3:module_of_list_type to master
Squashed commit of the following:
commit
11e56a92ba84f1a3dfb8c7a5a370a889207fe9fc
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Oct 20 16:14:22 2020 +0300
module: fix modules that accept their configuration as a list
The following modules accept their configuration as a list:
FileConnectorModule
TcpConnectorModule
SideChannelModule
commit
683ba5fc7849a3e92991634e4a3f5e34180fb069
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Oct 21 14:29:36 2020 +0300
framework: fix ConnectorConfig dtor to be virtual
Bhargava Jandhyala (bjandhya) [Fri, 23 Oct 2020 05:21:16 +0000 (05:21 +0000)]
Merge pull request #2556 in SNORT/snort3 from ~NEHASH4/snort3:file_capture_crash to master
Squashed commit of the following:
commit
84f72acbf7af1616816bc32330db415f73706eef
Author: Neha Sharma <nehash4@cisco.com>
Date: Thu Oct 15 07:25:33 2020 -0400
file_api: file_mempool deletion removed
Michael Altizer (mialtize) [Thu, 22 Oct 2020 17:48:05 +0000 (17:48 +0000)]
Merge pull request #2567 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_3 to master
Squashed commit of the following:
commit
7831cf47677e9dcc582b749506a3c8ac4511e907
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 22 13:12:40 2020 -0400
build: Generate and tag 3.0.3 build 3
commit
3825914a2ec69fbafc36f821698e98a9f80b9996
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 22 12:58:02 2020 -0400
doc: Tweak the template regex in get_differences.rb
commit
eb26281082e259f883394785728215eff7217d38
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 22 11:29:11 2020 -0400
style: Clean up accumulated tabs and trailing whitespace
Bhagya Tholpady (bbantwal) [Wed, 21 Oct 2020 13:55:05 +0000 (13:55 +0000)]
Merge pull request #2544 in SNORT/snort3 from ~SVLASIUK/snort3:snort_upgrade_doc to master
Squashed commit of the following:
commit
67d68cd61b13cf5c10f0e19a1df3923c064576a4
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon Oct 12 18:38:49 2020 +0300
snort2lua: update comments for deleted rule_state options
Bhagya Tholpady (bbantwal) [Tue, 20 Oct 2020 23:51:03 +0000 (23:51 +0000)]
Merge pull request #2534 in SNORT/snort3 from ~SELYSENK/snort3:wizard_dump_config to master
Squashed commit of the following:
commit
c9a30bcd84350ec29b7e05a10dadf0740605a25d
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Oct 8 16:35:43 2020 +0300
dump_config: don't print names for list elements
Steve Chew (stechew) [Tue, 20 Oct 2020 20:33:48 +0000 (20:33 +0000)]
Merge pull request #2527 in SNORT/snort3 from ~STECHEW/snort3:ips_infinite_loop to master
Squashed commit of the following:
commit
acc6832a9d351f2376404f3be7596c29e93993f8
Author: Steve Chew <stechew@cisco.com>
Date: Thu Oct 1 15:45:47 2020 -0400
ips_options: Fix retry calculation in IPS content when handling "within" field.
Masud Hasan (mashasan) [Tue, 20 Oct 2020 19:22:05 +0000 (19:22 +0000)]
Merge pull request #2535 in SNORT/snort3 from ~SMINUT/snort3:host_cache_delete to master
Squashed commit of the following:
commit
32ab85e5f1d63379315b7af44570c31b397b5f08
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Oct 8 16:24:16 2020 -0400
host_cache: delete host, network protocol, transport protocol, client, service, tcp fingerprint and user agent fingerprint commands
host_tracker: implement client and server delete commands
Steve Chew (stechew) [Tue, 20 Oct 2020 18:15:24 +0000 (18:15 +0000)]
Merge pull request #2558 in SNORT/snort3 from ~SBAIGAL/snort3:ftps_fix_datach to master
Squashed commit of the following:
commit
1afc79c97017e8d5b26ced00f6c4e868a4669066
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Oct 19 15:05:31 2020 -0400
ftp_data: add can_start_tls() support and generate ssl search abandoned event for unencrypted data channels
Bhagya Tholpady (bbantwal) [Tue, 20 Oct 2020 17:52:37 +0000 (17:52 +0000)]
Merge pull request #2521 in SNORT/snort3 from ~SELYSENK/snort3:trace_segfault to master
Squashed commit of the following:
commit
dcb8788f355a62d51885ee1d399a7cab90f4ed45
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Mon Oct 5 17:26:20 2020 +0300
trace: skip trace reload if no initial config present
Masud Hasan (mashasan) [Mon, 19 Oct 2020 20:34:31 +0000 (20:34 +0000)]
Merge pull request #2545 in SNORT/snort3 from ~MMATIRKO/snort3:payload_disco_2 to master
Squashed commit of the following:
commit
926aadab5dd20e0373a92b425d31fae49a4385e8
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Oct 8 16:26:44 2020 -0400
rna: change logic for payload discovery, eventing
Michael Altizer (mialtize) [Mon, 19 Oct 2020 19:07:21 +0000 (19:07 +0000)]
Merge pull request #2557 in SNORT/snort3 from ~MIALTIZE/snort3:default_variables to master
Squashed commit of the following:
commit
1a8c1d7df4088bf0db4531f71ebd8ed21b1396e4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 19 12:19:57 2020 -0400
lua: Use default IPS variables in the default config
Shravan Rangarajuvenkata (shrarang) [Mon, 19 Oct 2020 18:46:43 +0000 (18:46 +0000)]
Merge pull request #2542 in SNORT/snort3 from ~KAMURTHI/snort3:posix_tar_archive to master
Squashed commit of the following:
commit
eceedb48a0ab5f7eeb8e6d5cde64b103dd299b74
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Oct 12 00:45:07 2020 -0400
file-magic: Update POSIX tar archive pattern
Shravan Rangarajuvenkata (shrarang) [Fri, 16 Oct 2020 19:44:41 +0000 (19:44 +0000)]
Merge pull request #2550 in SNORT/snort3 from ~SATHIRKA/snort3:continue_inspection_after_tp to master
Squashed commit of the following:
commit
de757ccedcdc38e0b9f718bf62f64c5814abe5bc
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Oct 14 14:54:00 2020 -0400
appid: Continue appid inspection after third-party identifies an application
Cynthia Leonard (cyleonar) [Fri, 16 Oct 2020 18:54:26 +0000 (18:54 +0000)]
Merge pull request #2554 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master
Squashed commit of the following:
commit
ac3e739769eacb12b31ca004b1ec2caea5ca5e8e
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Fri Oct 16 01:29:39 2020 -0400
Revert "Merge pull request #2541 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master"
This reverts commit 09e1a0e14d0c4db64dbcd20f8899a9b9c45b7524.
Mike Stepanek (mstepane) [Fri, 16 Oct 2020 13:27:27 +0000 (13:27 +0000)]
Merge pull request #2540 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp1 to master
Squashed commit of the following:
commit
27d03d91f9629cd4565cfb17ebaf3b85fac978d0
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Oct 9 10:00:19 2020 -0400
http2_inspect: handle stream creation for push promise frames
Mike Stepanek (mstepane) [Fri, 16 Oct 2020 12:28:25 +0000 (12:28 +0000)]
Merge pull request #2552 in SNORT/snort3 from ~NIHDESAI/snort3:pim to master
Squashed commit of the following:
commit
d80d48ee5341b105dbef5069a44a9c2f57bb8cc9
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Oct 14 06:50:39 2020 -0400
codecs: remove PIM and Mobility from bad protocol lists
Shravan Rangarajuvenkata (shrarang) [Fri, 16 Oct 2020 00:38:43 +0000 (00:38 +0000)]
Merge pull request #2551 in SNORT/snort3 from ~SHRARANG/snort3:appid_tpconn_reset_on_reload to master
Squashed commit of the following:
commit
f699f86be852c8896e9f3cc08a4e8c1fafa10575
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Oct 14 15:02:11 2020 -0400
appid: do not reset third-party session after third-party reload
Michael Altizer (mialtize) [Fri, 16 Oct 2020 00:02:51 +0000 (00:02 +0000)]
Merge pull request #2483 in SNORT/snort3 from ~SUNIMUKH/snort3:vrf_ph2 to master
Squashed commit of the following:
commit
a6066ad3964cd8f9e9287421bf3e74784e8606d5
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Fri Sep 18 05:34:39 2020 -0400
packet: Added two new apis to parse ingress/egress group from packet's daq pkt_hdr
commit
4be4fe1d00366a6783c0983721e3664aa49d95ca
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Sep 14 10:03:31 2020 -0400
appid: Added service group and asid in AppIdServiceStateKey
commit
be8a7e982bed5463972190d148280e69e2a27238
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Sep 14 09:59:01 2020 -0400
port_scan: Added group and asid in PS_HASH_KEY
commit
4de20e74a208b9a21db3cb53edfff35f85f4d340
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Sep 14 09:57:54 2020 -0400
dce_rpc: Added ingress/egress group and asid in SmbFlowKey, Smb2SidHashKey to identify a smb session uniquely
commit
857248ede6fe26bc02cd3fd8b5e1e5a0c4c6b4a2
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Sep 14 09:56:43 2020 -0400
file_api: Added ingress/egress group and asid in FileHashKey
Masud Hasan (mashasan) [Thu, 15 Oct 2020 23:10:10 +0000 (23:10 +0000)]
Merge pull request #2549 in SNORT/snort3 from ~MASHASAN/snort3:ua_event to master
Squashed commit of the following:
commit
e26bdf00b147ed0568fce9c4ebf7861b228b5e78
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Oct 13 21:54:03 2020 -0400
rna: Logging user-agent device information
Davis McPherson (davmcphe) [Thu, 15 Oct 2020 20:15:22 +0000 (20:15 +0000)]
Merge pull request #2538 in SNORT/snort3 from ~DAVMCPHE/snort3:meta_morph to master
Squashed commit of the following:
commit
8e6a6017236ac10f430ff63943a55c49d0b03c9c
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 22 19:38:00 2020 -0400
meta: dump full rule field
commit
f5b89821cac206abb95feea466be8fb39b5983a3
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 22 17:43:44 2020 -0400
meta: do not dump elided header fields or default message
commit
82e448aa2afe8dfe39acdc7177421b92c14a8066
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Sep 22 17:42:59 2020 -0400
meta: dump missing port field
Pranav Bhalerao (prbhaler) [Thu, 15 Oct 2020 16:55:18 +0000 (16:55 +0000)]
Merge pull request #2548 in SNORT/snort3 from ~PRBHALER/snort3:ssh to master
Squashed commit of the following:
commit
434768b6747f526cf6907936b3ff35c3427cbd88
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Wed Oct 14 12:14:35 2020 -0400
ssh: fixing code indentation and CI breakage.
Cynthia Leonard (cyleonar) [Thu, 15 Oct 2020 09:40:12 +0000 (09:40 +0000)]
Merge pull request #2541 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master
Squashed commit of the following:
commit
7ced046818da05917d2df20779f3c493967aa2a4
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Sun Aug 9 23:58:02 2020 -0400
codec: support for overlapping ip in different groups
Naveen Gujje (ngujje) [Thu, 15 Oct 2020 09:18:07 +0000 (09:18 +0000)]
Merge pull request #2553 in SNORT/snort3 from ~SUNIMUKH/snort3:initialised_flag_bits to master
Squashed commit of the following:
commit
d86c2711afd226a9969e97b2cd258a430e601bed
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Thu Oct 15 02:36:43 2020 -0400
stream: Initialised flow key's flags.ubits with 0
Mike Stepanek (mstepane) [Wed, 14 Oct 2020 21:09:57 +0000 (21:09 +0000)]
Merge pull request #2546 in SNORT/snort3 from ~MDAGON/snort3:doc_react to master
Squashed commit of the following:
commit
17ec2015da0064afcb2a166fb43ae8e4ef669934
Author: mdagon <mdagon@cisco.com>
Date: Mon Oct 12 12:30:12 2020 -0400
actions: update react section
Mike Stepanek (mstepane) [Wed, 14 Oct 2020 21:09:01 +0000 (21:09 +0000)]
Merge pull request #2547 in SNORT/snort3 from ~MDAGON/snort3:react to master
Squashed commit of the following:
commit
0fa4392bc933cb6a8c8c65d1dc4378ed87f881df
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 28 14:15:25 2020 -0400
actions: use payload_injector for react
Masud Hasan (mashasan) [Wed, 14 Oct 2020 16:39:10 +0000 (16:39 +0000)]
Merge pull request #2543 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_bad_meta_ack to master
Squashed commit of the following:
commit
e92e548a1d23179ecdd14ffc76ec9148580f4158
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Oct 12 16:11:00 2020 -0400
stream_tcp: don't attempt to drop 'meta_ack packets', there is no wire packet for these acks
Pranav Bhalerao (prbhaler) [Wed, 14 Oct 2020 03:28:37 +0000 (03:28 +0000)]
Merge pull request #2505 in SNORT/snort3 from ~PRBHALER/snort3:CSCvv22127 to master
Squashed commit of the following:
commit
af592ee2c72291609f0d8cb27589fd8c9b438d20
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Mon Sep 28 12:47:38 2020 -0400
ssh: ssh splitter implementation
Ron Dempster (rdempste) [Tue, 13 Oct 2020 17:25:10 +0000 (17:25 +0000)]
Merge pull request #2537 in SNORT/snort3 from ~SMINUT/snort3:get_tcp_fp_fix to master
Squashed commit of the following:
commit
b8177da6c546efe84744390069c38246f2b9cdb2
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Oct 13 08:28:00 2020 -0400
rna: condition reload tuner registration on get_inspector()
commit
392001e0d190628e0af4eda1eaa6c1c3cb857208
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Oct 9 22:53:25 2020 -0400
rna: move registration of reload tuner to configure()
Naveen Gujje (ngujje) [Tue, 13 Oct 2020 06:43:03 +0000 (06:43 +0000)]
Merge pull request #2492 in SNORT/snort3 from ~KBHANDAN/snort3:whd to master
Squashed commit of the following:
commit
7cebab7b8118ab1539a7b1845f2d4b53ad2b74e8
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Sun Sep 20 18:36:46 2020 -0400
flow: stale and deleted flows due to EOF should generate would have dropped event
Davis McPherson (davmcphe) [Mon, 12 Oct 2020 15:51:50 +0000 (15:51 +0000)]
Merge pull request #2532 in SNORT/snort3 from ~ARMANDAV/snort3:rna_user to master
Squashed commit of the following:
commit
bd6b9da8be8e3f6de3fd612b60a0c3b72ad517bb
Author: Arun Mandava <armandav@cisco.com>
Date: Wed Oct 7 11:53:46 2020 -0400
rna: Change ip to client instead of server for login events
Michael Altizer (mialtize) [Sat, 10 Oct 2020 04:02:57 +0000 (04:02 +0000)]
Merge pull request #2281 in SNORT/snort3 from ~SUNIMUKH/snort3:vrf to master
Squashed commit of the following:
commit
63ed78206af167a874dbfd549c438758a7745e33
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Sep 15 08:22:50 2020 -0400
packet_tracer: Added groups in logging based on inter_group_flow flag
commit
3efd70273253ac1321493bdce224093ddcd46f8c
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon Sep 7 16:29:56 2020 -0400
build: Updates for libdaq changes introduced inter_group_flow in flow stats
commit
43d306ac769ff4f5eb798e70f7afc4f754a3c16d
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Mon May 4 13:56:38 2020 -0400
flow: Added source/dest group id in flow key to identify a session uniquely
Bhagya Tholpady (bbantwal) [Fri, 9 Oct 2020 16:36:58 +0000 (16:36 +0000)]
Merge pull request #2406 in SNORT/snort3 from ~BBANTWAL/snort3:lua_snort_version to master
Squashed commit of the following:
commit
84c77e479426a68fc09faf91e43eab75fe5338b5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Oct 8 15:39:26 2020 -0400
managers: Delete obsolete variable parsing code
commit
d914f1df3c109b3c6de79be2f7ad30a3f8c7a15c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Oct 8 15:38:56 2020 -0400
managers: Skip snort_set lua function for non-table top level keys in finalize.lua
commit
5ae145f0d4dedd3bf129de4fdc42404a50734105
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Oct 8 15:38:16 2020 -0400
main: Add lua variables for snort version and build
Bhagya Tholpady (bbantwal) [Fri, 9 Oct 2020 14:22:46 +0000 (14:22 +0000)]
Merge pull request #2533 in SNORT/snort3 from ~OSHUMEIK/snort3:n_fix to master
Squashed commit of the following:
commit
e08dc554e97ea7f23ac08df37ebb4515c89e47ae
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Oct 8 14:22:20 2020 +0300
trace: refactor the test code
Removing the warning of kind '-Wextra-semi-stmt'.
Fixing the trace pointers type.
Bhagya Tholpady (bbantwal) [Thu, 8 Oct 2020 18:54:13 +0000 (18:54 +0000)]
Merge pull request #2503 in SNORT/snort3 from ~OKHOMIAK/snort3:ipv4_codec_seed_fix to master
Squashed commit of the following:
commit
e78a4bc6b5663229ec919a626ad8c942c0d3734e
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Mon Sep 28 11:54:51 2020 +0300
utils: add a generic function to get random seeds
If std::random_device fails with an exception,
the system clock is used as an alternative source.
Michael Altizer (mialtize) [Wed, 7 Oct 2020 19:00:02 +0000 (19:00 +0000)]
Merge pull request #2531 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_2 to master
Squashed commit of the following:
commit
930eedee00095c97b70df46b59eebe48d9360fa9
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Oct 7 13:03:59 2020 -0400
build: Generate and tag 3.0.3 build 2
Ron Dempster (rdempste) [Tue, 6 Oct 2020 22:00:14 +0000 (22:00 +0000)]
Merge pull request #2530 in SNORT/snort3 from ~RDEMPSTE/snort3:rrt to master
Squashed commit of the following:
commit
9b53cbafd6645a86e1665d53f58cd614e0773d74
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 19:06:46 2020 -0400
rna: Update rna to use instance based reload tuner
commit
c217dfd4694b63b5e2ff5967afc6d817b720c964
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:57:22 2020 -0400
stream: Update stream to use instance based reload tuner
commit
bb8a5b14ba4c136adfbe629a8a877c7c4260f6b5
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:39:37 2020 -0400
port_scan: Update port scan to use instance based reload tuner
commit
23d389d7f2b10e63d1107672e49ec2ce569055f4
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:39:14 2020 -0400
perf_monitor: Update perf monitor to use instance based reload tuner
commit
32e23d8e8731580f396924a000e0ccdcccbcdea9
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:38:50 2020 -0400
appid: Update appid to use instance based reload tuner
commit
395f4974a4f0613546dc03002e7b270add17b48b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Oct 6 12:54:04 2020 -0400
host_tracker: Update host tracker to use instance based reload tuner
commit
a5d808b82e0e68d8b2979fa765e608ded4e397c5
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:37:44 2020 -0400
main: Update host attribute class to use instance based reload tuner
commit
2746eb3fdf7e2e0125770237bb53af94f5ec3324
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Oct 5 18:36:26 2020 -0400
main: Change reload memcap framework to use object instances
Michael Altizer (mialtize) [Tue, 6 Oct 2020 20:54:26 +0000 (20:54 +0000)]
Merge pull request #2494 in SNORT/snort3 from ~MIALTIZE/snort3:binder_rework to master
Squashed commit of the following:
commit
c7420f49c5918ac276b666c5740997b3cefe85fe
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 18 15:40:17 2020 -0400
binder: Allow binding based on address spaces
commit
37dc13fc0a0d9ebc1653daab256218dfa1690203
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 18 15:40:17 2020 -0400
binder: Allow directional binding based on interfaces
commit
9fdb963c5382952289f45a5c84a3f12389ecd988
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 18 15:40:17 2020 -0400
binder: Enforce directionality, add intfs, rename groups, cleanup
- The src parameters now strictly apply to the client, while the dst
parameters apply to the server. Previously, it would match in either
direction as long as all directional fields matched in a given direction.
- The zones, src_zone, and dst_zone parameters have been renamed to
groups, src_groups, and dst_groups.
- The ifaces parameter has been renamed to intfs.
- Intfs and groups can now handle the full range of legal values (int32
and int16, respectively).
- When role is used in a session binding, it will now only apply the
session inspector binding to the side of the conversation associated
with the role. (Previously, it would apply the session inspector to
both sides.)
- Binder configuration validation has gotten a bit stricter and more
informative in the case of violations.
commit
f6cc5b21bfbc4a0cbbedb2f57ce09f5c0623df87
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Sep 18 15:40:17 2020 -0400
normalizer: Move TTL configuration toggle to inspector configure()
This prevents non-deterministic behavior influenced by the order of the
network and normalizer module configurations being parsed from Lua.
Bhagya Tholpady (bbantwal) [Tue, 6 Oct 2020 18:09:20 +0000 (18:09 +0000)]
Merge pull request #2520 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_ut to master
Squashed commit of the following:
commit
9cdf32b0307311ce02f67caf0524b047f2a96db2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 29 11:32:03 2020 +0300
trace: update parser unit tests
commit
6de816f12b0e1ca6ad1b511b3c02de0039f22fe1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Sep 30 11:40:18 2020 +0300
framework: update packet constraints comparison to check only set fields
Steve Chew (stechew) [Tue, 6 Oct 2020 15:54:05 +0000 (15:54 +0000)]
Merge pull request #2528 in SNORT/snort3 from ~DERAMADA/snort3:fix_inspection_clone to master
Squashed commit of the following:
commit
8c1be3ae06b4c6e3e60e738433aebb36edfec81c
Author: deramada <deramada@cisco.com>
Date: Fri Oct 2 12:52:51 2020 -0400
policy: copy uuid, user_policy_id, and policy_mode when an inspection policy is cloned
Masud Hasan (mashasan) [Tue, 6 Oct 2020 14:38:46 +0000 (14:38 +0000)]
Merge pull request #2529 in SNORT/snort3 from ~MASHASAN/snort3:ua_improvement to master
Squashed commit of the following:
commit
f47078b773d829aadba1199d139fb48801eafa04
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Oct 5 13:32:22 2020 -0400
rna: Checking user-agent processor early to skip some works
Masud Hasan (mashasan) [Mon, 5 Oct 2020 23:30:21 +0000 (23:30 +0000)]
Merge pull request #2517 in SNORT/snort3 from ~MMATIRKO/snort3:payload_disco to master
Squashed commit of the following:
commit
e7492a2d30552ee06fd9739e04c3411dbb58fe6f
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Sep 24 15:15:57 2020 -0400
rna: add payload discovery logic
Masud Hasan (mashasan) [Mon, 5 Oct 2020 21:15:01 +0000 (21:15 +0000)]
Merge pull request #2524 in SNORT/snort3 from ~SMINUT/snort3:fp_proc to master
Squashed commit of the following:
commit
dd6cf66f0414833b39cf2691b8c11c71f9b4bc8d
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Oct 1 17:03:09 2020 -0400
rna: set the thread local fingerprint processors during reload_config
Masud Hasan (mashasan) [Mon, 5 Oct 2020 21:03:19 +0000 (21:03 +0000)]
Merge pull request #2525 in SNORT/snort3 from ~ARMANDAV/snort3:rna_client_username to master
Squashed commit of the following:
commit
96f5c71451caa4bed79b5d6a2d8410ea11ae9a32
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Oct 1 16:54:40 2020 -0400
rna: User discovery for successful login
commit
31414872a2d2354ef17ac4c1a371c704eea40a3b
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Sep 3 18:07:49 2020 -0400
appid: Create events for client user name, id and login success
Mike Stepanek (mstepane) [Mon, 5 Oct 2020 20:30:20 +0000 (20:30 +0000)]
Merge pull request #2514 in SNORT/snort3 from ~KATHARVE/snort3:fix_padding to master
Squashed commit of the following:
commit
e6e7fc65e4a104851bf523a427a3186b71d26197
Author: Katura Harvey <katharve@cisco.com>
Date: Sun Sep 27 15:36:22 2020 -0400
http2_inspect: fix frame padding handling
Shravan Rangarajuvenkata (shrarang) [Mon, 5 Oct 2020 19:00:08 +0000 (19:00 +0000)]
Merge pull request #2502 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_port_CSCvd99154 to master
Squashed commit of the following:
commit
0b172b4fe1149658914d104eecb084a6601de14c
Author: cljudge <cljudge@cisco.com>
Date: Thu Sep 24 05:38:41 2020 -0400
pop: Generate alert for unknown command if file policy is attached.
Shravan Rangarajuvenkata (shrarang) [Mon, 5 Oct 2020 17:15:58 +0000 (17:15 +0000)]
Merge pull request #2523 in SNORT/snort3 from ~SHRARANG/snort3:appid_hyperscan2 to master
Squashed commit of the following:
commit
10daec6eded4cc3b3543835d618b1cf5c5c4e05d
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Sep 28 16:05:54 2020 -0400
appid: reload detector patterns on reload_config for the sake of hyperscan
Bhagya Tholpady (bbantwal) [Mon, 5 Oct 2020 15:13:35 +0000 (15:13 +0000)]
Merge pull request #2504 in SNORT/snort3 from ~SVLASIUK/snort3:rule_state_cleanup to master
Squashed commit of the following:
commit
1d46cc8fea3a37a18dc4c6dc1dbd882796131760
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Oct 1 18:42:11 2020 +0300
snort2lua: convert rule_state into ips.states
commit
2c87618a426b72b58f52300b3928014e166832e3
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Oct 1 18:39:22 2020 +0300
main: remove deprecated rule_state module
Shravan Rangarajuvenkata (shrarang) [Fri, 2 Oct 2020 20:57:36 +0000 (20:57 +0000)]
Merge pull request #2526 in SNORT/snort3 from ~SATHIRKA/snort3:tp_reload_idle_prune to master
Squashed commit of the following:
commit
ade3c12d86fec754e94b5651710d4bebbe696561
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Sep 28 15:05:59 2020 -0400
appid: inform third-party about snort's idle state during reload
Masud Hasan (mashasan) [Fri, 2 Oct 2020 20:06:31 +0000 (20:06 +0000)]
Merge pull request #2515 in SNORT/snort3 from ~SMINUT/snort3:df to master
Squashed commit of the following:
commit
670911caddab0665fc9148a1e58897b12fd7d538
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Sep 29 16:49:22 2020 -0400
framework: remove unused dont_fragment() from DecodeData
Michael Altizer (mialtize) [Fri, 2 Oct 2020 19:53:21 +0000 (19:53 +0000)]
Merge pull request #2509 in SNORT/snort3 from ~MIALTIZE/snort3:wiz_parsing to master
Squashed commit of the following:
commit
b7580013b4c9669bc53ca4ab702750844a3716d3
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Oct 1 13:59:10 2020 -0400
wizard: Clean up parameter parsing and make it a bit stricter
- Fixes Lua implementation-specific ordering dependency of parameter
  parsing for spells and hexes.
- Adds parse errors for spells and hexes that are missing services or
  patterns.
Masud Hasan (mashasan) [Fri, 2 Oct 2020 17:18:59 +0000 (17:18 +0000)]
Merge pull request #2513 in SNORT/snort3 from ~DAVMCPHE/snort3:rna_host_type_discovery to master
Squashed commit of the following:
commit
52c06b3d7bc98f14eddab2d70efa5fe8df3a486a
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Sep 16 15:50:43 2020 -0400
rna: port host type discovery logic
Masud Hasan (mashasan) [Thu, 1 Oct 2020 21:55:32 +0000 (21:55 +0000)]
Merge pull request #2506 in SNORT/snort3 from ~MASHASAN/snort3:ua_decode to master
Squashed commit of the following:
commit
0343181337ee84cbbd963a4f7e64165b8a743083
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Sep 25 15:15:29 2020 -0400
rna: Updating methods for user-agent processor
Masud Hasan (mashasan) [Thu, 1 Oct 2020 14:40:55 +0000 (14:40 +0000)]
Merge pull request #2519 in SNORT/snort3 from ~MMATIRKO/snort3:os_fix to master
Squashed commit of the following:
commit
c15937d1dc3c00f172cde8f1f91110477488bd1d
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Sep 30 14:56:04 2020 -0400
rna: add event_time to rna logger events
Mike Stepanek (mstepane) [Tue, 29 Sep 2020 18:39:38 +0000 (18:39 +0000)]
Merge pull request #2512 in SNORT/snort3 from ~THOPETER/snort3:h2i7 to master
Squashed commit of the following:
commit
20251de1765966cdef9a47dc8ee04787024e0578
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Sep 25 16:07:34 2020 -0400
http2_inspect: free up HI flow data when we are finished with it
Masud Hasan (mashasan) [Tue, 29 Sep 2020 13:40:27 +0000 (13:40 +0000)]
Merge pull request #2501 in SNORT/snort3 from ~SMINUT/snort3:decode_flags to master
Squashed commit of the following:
commit
b8abccac60ea75793729bb63472adad9c932773f
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Sep 25 10:31:14 2020 -0400
framework: fix dont_fragment() function
Pranav Bhalerao (prbhaler) [Tue, 29 Sep 2020 05:51:40 +0000 (05:51 +0000)]
Merge pull request #2463 in SNORT/snort3 from ~ABHPAL/snort3:feature/custom_xff_header_support to master
Squashed commit of the following:
commit
7aec7eef7656af547f44efe8fcd9ab1dcb31a948
Author: Abhijit Pal <abhpal@cisco.com>
Date: Mon Sep 7 08:01:04 2020 -0400
http_inspect: support for custom xff type headers
Steve Chew (stechew) [Mon, 28 Sep 2020 20:48:32 +0000 (20:48 +0000)]
Merge pull request #2398 in SNORT/snort3 from ~SBAIGAL/snort3:http_connect to master
Squashed commit of the following:
commit
350263720dd444e39a318419804cfc4b90d31911
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Aug 12 13:56:06 2020 -0400
http_inspect: implement can_start_tls(), add support of ssl search abandoned event
Mike Stepanek (mstepane) [Mon, 28 Sep 2020 19:58:16 +0000 (19:58 +0000)]
Merge pull request #2500 in SNORT/snort3 from ~THOPETER/snort3:h2i6 to master
Squashed commit of the following:
commit
e7e8f2c22e796db2fe55cc202f02a55f2c76bf80
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Sep 15 19:49:55 2020 -0400
http2_inspect: stream state tracking
Bhagya Tholpady (bbantwal) [Fri, 25 Sep 2020 17:37:39 +0000 (17:37 +0000)]
Merge pull request #2477 in SNORT/snort3 from ~OKHOMIAK/snort3:update_s5_trace to master
Squashed commit of the following:
commit
ec9f6a8e1b7deb16e663fac1c5f38c085f06136d
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Sep 8 12:34:45 2020 +0300
stream_tcp: update trace messages to use trace framework
Michael Altizer (mialtize) [Wed, 23 Sep 2020 17:03:40 +0000 (17:03 +0000)]
Merge pull request #2499 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_1 to master
Squashed commit of the following:
commit
f1a6b94c2cb4e71fd6448b38bb17038c4f8d7392
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Sep 23 11:44:08 2020 -0400
build: Generate and tag 3.0.3 build 1
Michael Altizer (mialtize) [Tue, 22 Sep 2020 21:13:50 +0000 (21:13 +0000)]
Merge pull request #2475 in SNORT/snort3 from ~SVLASIUK/snort3:cmake_build_type to master
Squashed commit of the following:
commit
14d2ee0a319e3daa93d256ef5067a94ddf583378
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Sep 11 23:27:18 2020 +0300
cmake: support cmake build type configuration
Mike Stepanek (mstepane) [Tue, 22 Sep 2020 19:38:56 +0000 (19:38 +0000)]
Merge pull request #2489 in SNORT/snort3 from ~MDAGON/snort3:push_promise to master
Squashed commit of the following:
commit
6d0b51f16b635cae70a2a143e07bacd8b672e909
Author: mdagon <mdagon@cisco.com>
Date: Fri Sep 18 13:35:20 2020 -0400
payload_injector: don't inject if stream id is even
Bhargava Jandhyala (bjandhya) [Tue, 22 Sep 2020 17:09:39 +0000 (17:09 +0000)]
Merge pull request #2486 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala to master
Squashed commit of the following:
commit
965d734d3a7b16cfa0bffd96e37f02a103942270
Author: krishnakanth <vkambala@cisco.com>
Date: Thu Sep 17 05:50:32 2020 -0400
dce_rpc: Handling Compound requests for upload
Steve Chew (stechew) [Tue, 22 Sep 2020 03:47:14 +0000 (03:47 +0000)]
Merge pull request #2484 in SNORT/snort3 from ~SHASLAD/snort3:netflow_cache to master
Squashed commit of the following:
commit
405d47d61009943346d438ba86788ba44ebded7b
Author: Shashi Lad <shaslad@cisco.com>
Date: Tue Sep 15 00:21:35 2020 -0400
netflow: cache support and more v5 decoding
Masud Hasan (mashasan) [Tue, 22 Sep 2020 01:00:39 +0000 (01:00 +0000)]
Merge pull request #2474 in SNORT/snort3 from ~ARMANDAV/snort3:rna_service to master
Squashed commit of the following:
commit
45fe15c3bfa63927ccb6d9cedb486ebae9f5b739
Author: Arun Mandava <armandav@cisco.com>
Date: Mon Sep 21 15:10:43 2020 -0400
rna: Service discovery with multiple vendor and version support
Shravan Rangarajuvenkata (shrarang) [Mon, 21 Sep 2020 23:50:36 +0000 (23:50 +0000)]
Merge pull request #2490 in SNORT/snort3 from ~SATHIRKA/snort3:tp_reload_prune to master
Squashed commit of the following:
commit
b0b8a306141597733b5361c88650c1f6bdb4fde9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Sep 14 09:35:36 2020 -0400
appid: Check third party context version while deleting connections
Russ Combs (rucombs) [Mon, 21 Sep 2020 22:58:00 +0000 (22:58 +0000)]
Merge pull request #2461 in SNORT/snort3 from ~RUCOMBS/snort3:fb1 to master
Squashed commit of the following:
commit
74da689cbda24e7aeb634f85c6bcdc8b08166ec3
Author: russ <rucombs@cisco.com>
Date: Sun Sep 13 18:44:03 2020 -0400
ac_bnfa: disable broken fail state reduction
Given sids 1 and 2 with contents |BB CC DD| and |AA BB| respectively,
only sid 2 would fire for buffer |AA BB CC DD|. This change increases
chasing your fail states for the sake of correctness. For best
performance, prefer hyperscan or, failing that, ac_full.
commit
46ef119fb723a68b016e12593a940b253bdbd404
Author: russ <rucombs@cisco.com>
Date: Mon Sep 14 17:56:19 2020 -0400
search_engine: fix peg type for max_queued
commit
f424d598d7d3a02e3333a79718768391ffe1fe71
Author: russ <rucombs@cisco.com>
Date: Tue Sep 15 11:28:20 2020 -0400
profiler: fix issue where flushed pattern matches caused rule_eval to be profiled under mpse
commit
227d230faf4c4b3fa0d4ead38ccc1873e09f2067
Author: russ <rucombs@cisco.com>
Date: Sun Sep 6 14:24:03 2020 -0400
flowbits: evaluate checkers after setters for fast pattern matches
Simplified flowbits sequencing that ensures that checkers (isset,
isnotset) are evaluated after changers (set, unset). This solves a
common problem for Talos rules, particularly with file identity flow
bits.
* Any fast-pattern rule with a check is guaranteed to be evaluated after
  any rule that does not have a check.
* Flowbits sequencing for rules that both change and check is undefined.
* No change for non-fast-pattern rules. Non-fast-pattern rules are
  always evaluated after fast pattern rules, but flowbits sequencing among
  non-fast-pattern rules is still undefined.
* Sequencing applies for any given call to detect, which notably means
  PDUs and raw packets are processed separately.
* Only the first rule in a tree is used to categorize the tree as a
  checker or non-checker. Hyperscan results in exactly one rule per tree
  so only the builtin MPSE have the first rule limitation.
Shravan Rangarajuvenkata (shrarang) [Mon, 21 Sep 2020 19:49:28 +0000 (19:49 +0000)]
Merge pull request #2470 in SNORT/snort3 from ~PRDAMODH/snort3:S7COMMPLUS-V3HEADER to master
Squashed commit of the following:
commit
3c718aa3078496b0bf0ff1fd7a8cce723ca24a8a
Author: Pradeep Damodharan <prdamodh@cisco.com>
Date: Thu Sep 10 09:01:40 2020 -0400
S7commplus : V3 header support
Masud Hasan (mashasan) [Mon, 21 Sep 2020 19:02:28 +0000 (19:02 +0000)]
Merge pull request #2485 in SNORT/snort3 from ~MASHASAN/snort3:ua_fp to master
Squashed commit of the following:
commit
b363e332c5bca6a23f0d434171c2ebeb8f1bd79a
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Sep 15 13:09:27 2020 -0400
rna: Supporting user agent fingerprints
Masud Hasan (mashasan) [Mon, 21 Sep 2020 13:46:44 +0000 (13:46 +0000)]
Merge pull request #2404 in SNORT/snort3 from ~MMATIRKO/snort3:rna_cov to master
Squashed commit of the following:
commit
f777a2f58edf5204ea4fa470d1220e80095fcdb9
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Aug 17 12:11:33 2020 -0400
rna: add unit test to validate VLAN handling
Mike Stepanek (mstepane) [Mon, 21 Sep 2020 12:53:54 +0000 (12:53 +0000)]
Merge pull request #2480 in SNORT/snort3 from ~KATHARVE/snort3:h2i_bug to master
Squashed commit of the following:
commit
84f09f6257a9f9af151b8526c94166c713fbb134
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Sep 8 12:03:09 2020 -0400
http2_inspect: fix how implement_reassemble uses frame_type