git.ipfire.org Git - thirdparty/snort3.git/log
Michael Altizer [Wed, 21 Aug 2019 18:02:23 +0000 (14:02 -0400)]
build: Generate and tag build 254
Michael Altizer (mialtize) [Mon, 19 Aug 2019 19:31:44 +0000 (15:31 -0400)]
Merge pull request #1681 in SNORT/snort3 from ~NEHASH4/snort3:CLI_DAQ_ANALYZER to master
Squashed commit of the following:
commit
92a97c04e110ddcf808fb0be4052d960ffba6699
Author: Neha Sharma <nehash4@cisco.com>
Date: Mon Aug 19 13:51:06 2019 -0400
analyzer_command: Import into snort namespace and add the ability to retrieve the DAQ instance from an Analyzer
Davis McPherson (davmcphe) [Sat, 17 Aug 2019 13:11:24 +0000 (09:11 -0400)]
Merge pull request #1709 in SNORT/snort3 from ~DDAHIPHA/snort3:reload_adjust_memcaps to master
Squashed commit of the following:
commit
5dd84ba87aebf1d021a4b1d16fdc866dc932fc69
Author: Devendra Dahiphale <ddahipha@cisco.com>
Date: Tue Aug 13 15:13:36 2019 -0400
main: Implement reload memcap framework
Michael Altizer [Thu, 15 Aug 2019 18:41:01 +0000 (14:41 -0400)]
time: Make TscClock fail to compile on non-x86/AArch64 systems
Also, don't bother to install tsc_clock.h when Snort is compiled without
TSC clock support.
Thanks to Bill Meeks <billmeeks8@gmail.com> for reporting the issue.
Shravan Rangarajuvenkata (shrarang) [Thu, 15 Aug 2019 14:30:29 +0000 (10:30 -0400)]
Merge pull request #1711 in SNORT/snort3 from ~SHRARANG/snort3:appid_discovery_ut_fix to master
Squashed commit of the following:
commit
dfbad8d2ee4434a1469deabf5ec2b9a5725ddbc4
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Aug 14 19:25:44 2019 -0400
appid: fix for discovery unit tests
Shravan Rangarajuvenkata (shrarang) [Wed, 14 Aug 2019 18:01:10 +0000 (14:01 -0400)]
Merge pull request #1710 in SNORT/snort3 from ~SHRARANG/snort3:appid_discovery_ut_fix to master
Squashed commit of the following:
commit
001260b7442e31e52de22676a5fe9a28f5f69f9c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Aug 14 11:07:07 2019 -0400
appid: fix discovery unit test that was failing intermittently
Steve Chew (stechew) [Tue, 13 Aug 2019 19:03:51 +0000 (15:03 -0400)]
Merge pull request #1702 in SNORT/snort3 from ~BBANTWAL/snort3:ftp_resume_block to master
Squashed commit of the following:
commit
4f8f260b315d4150cc7817c37cf52cf6d0bf85a4
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 29 09:59:26 2019 -0400
ftp_telnet: add support for ftp file resume block by calculating path hash used as file id
Mike Stepanek (mstepane) [Tue, 13 Aug 2019 13:44:59 +0000 (09:44 -0400)]
Merge pull request #1707 in SNORT/snort3 from ~THOPETER/snort3:nhttp124 to master
Squashed commit of the following:
commit
27b030443d276768e16bf92b5768e8f919796765
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 30 12:21:47 2019 -0400
http2_inspect: add HI test tool
Mike Stepanek (mstepane) [Tue, 13 Aug 2019 13:26:21 +0000 (09:26 -0400)]
Merge pull request #1708 in SNORT/snort3 from ~KATHARVE/snort3:file_event to master
Squashed commit of the following:
commit
ae5ed70fc70d303bea716effcd6d4a66fb6d05a8
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Aug 2 13:46:19 2019 -0400
file_api: generate events each time file is seen, not just first time
Shravan Rangarajuvenkata (shrarang) [Mon, 12 Aug 2019 23:26:37 +0000 (19:26 -0400)]
Merge pull request #1690 in SNORT/snort3 from ~KAMURTHI/snort3:BitTorrent-interval-check to master
Squashed commit of the following:
commit
fd2215d74037b7c5c4f5af1bd7613d24b9775539
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu Jul 25 12:15:05 2019 -0400
appid: support for bittorrent detection when UDP tracker packet arrives after the TCP resumed session has already started
Mike Stepanek (mstepane) [Mon, 12 Aug 2019 18:53:51 +0000 (14:53 -0400)]
Merge pull request #1704 in SNORT/snort3 from ~MMATIRKO/snort3:iprep_monitor to master
Squashed commit of the following:
commit
3e2f96ca0c53ebc5fa0df542a5b1df32be37e9df
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Aug 2 16:48:10 2019 -0400
reputation: Fixed issues with reputation monitor
Davis McPherson (davmcphe) [Fri, 9 Aug 2019 13:56:13 +0000 (09:56 -0400)]
Merge pull request #1697 in SNORT/snort3 from ~PSHINDE2/snort3:port_sfxhash to master
Squashed commit of the following:
commit
6dd6e2dd11ee71ff13fa93664fa9b3baecf1460c
Author: Pratik Shinde <pshinde2@cisco.com>
Date: Thu Aug 1 16:00:57 2019 -0400
xhash: Ported sfxhash_change_memcap() from snort2 to snort3
George Koikara (gkoikara) [Thu, 8 Aug 2019 09:08:21 +0000 (05:08 -0400)]
Merge pull request #1639 in SNORT/snort3 from ~PSREENAT/snort3:cst to master
Squashed commit of the following:
commit
d84f9984ea8e3c851e35d15a1a2e1523abca9da3
Author: Prajwal Srinivas Sreenath <psreenat@cisco.com>
Date: Mon Jun 3 12:54:48 2019 -0400
flow: introduced variable for handling idle session timeouts and flag for actively pruning flows based on the expire_time
stream: updated the protocol setup and process logic of TCP,UDP,IP,ICMP and USER sessions for setting and updating idle session timeouts
George Koikara (gkoikara) [Thu, 8 Aug 2019 08:39:46 +0000 (04:39 -0400)]
Merge pull request #1698 in SNORT/snort3 from ~SMULKA/snort3:flow_log to master
Squashed commit of the following:
commit
117341d9134b8fd2d99b6bc81089fd5e3cb0dcc6
Author: smulka <smulka@cisco.com>
Date: Fri Aug 2 06:45:07 2019 -0400
flow: serviceability log
Mike Stepanek (mstepane) [Wed, 7 Aug 2019 20:47:27 +0000 (16:47 -0400)]
Merge pull request #1700 in SNORT/snort3 from ~KATHARVE/snort3:0_byte_workaround to master
Squashed commit of the following:
commit
83d922a1dc71b2f874e32ed35d2692598b3bc31a
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 30 13:37:30 2019 -0400
http_inspect: remove 0-byte workaround
Amarnath Sathyanarayanan (amsathya) [Wed, 7 Aug 2019 18:05:47 +0000 (14:05 -0400)]
Merge pull request #1705 in SNORT/snort3 from ~AMSATHYA/snort3:identity_plugin to master
Squashed commit of the following:
commit
bb548cd89a07db9e05bdc0c67a8b424b55a4758c
Author: Ruiqi Tian <rutian@cisco.com>
Date: Mon Aug 5 20:04:06 2019 -0400
snort2lua: add identity section from firewall settings
Russ Combs (rucombs) [Fri, 2 Aug 2019 19:41:18 +0000 (15:41 -0400)]
Merge pull request #1682 in SNORT/snort3 from ~BRASTULT/snort3:ber to master
Squashed commit of the following:
commit
946ac40b14e4d79b740f31ce7589134e6fe77a68
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Jul 5 18:43:10 2019 -0400
ips_options: add ber_data and ber_skip
George Koikara (gkoikara) [Fri, 2 Aug 2019 07:31:53 +0000 (03:31 -0400)]
Merge pull request #1652 in SNORT/snort3 from ~SMULKA/snort3:clean_stale_flow to master
Squashed commit of the following:
commit
51287fcbe9cef0d1018d30adb8a30fb54b7cc614
Author: smulka <smulka@cisco.com>
Date: Fri Jul 5 08:36:00 2019 -0400
flow: delete stale flow on receiving NEW_FLOW flag
Russ Combs (rucombs) [Wed, 31 Jul 2019 20:02:23 +0000 (16:02 -0400)]
Merge pull request #1695 in SNORT/snort3 from ~SMINUT/snort3:host_cache_restore to master
Squashed commit of the following:
commit
2c14aae82bd89276c312d31455ec645b3e998efb
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jul 30 17:14:02 2019 -0400
hash: add back size(), get_max_size() and remove() functions to lru_cache_shared.
hash: add unit test for explicitly testing get / set max size.
hash: fix style
Davis McPherson (davmcphe) [Wed, 31 Jul 2019 15:55:02 +0000 (11:55 -0400)]
Merge pull request #1668 in SNORT/snort3 from ~DAVMCPHE/snort3:single_flowCache to master
Squashed commit of the following:
commit
9ba243badce51f88109251156be8efaf97ff1c3c
Author: Devendra Dahiphale <ddahipha@cisco.com>
Date: Sun Jun 30 03:36:52 2019 -0400
Flow: make a single flow cache for all the protocols
flow: refactor flow config object to work with single flow cache concept
flow: if no 'get_ssn' handler configured then skip processing of the flow
flow: release session object allocated for a flow when the Flow object is reused and the PktType of the new flow is different from the previous use
stream: update checks for modified stream config to work with updates to stream config options
flow: refactor uni list management into a separate class and instantiate an instance for ip flows and another for all non-ip flows
snort2lua: Combine proto specific cache options for max_session in one max_flows option
Russ Combs (rucombs) [Tue, 30 Jul 2019 23:02:05 +0000 (19:02 -0400)]
Merge pull request #1683 in SNORT/snort3 from ~RUCOMBS/snort3:stream_order to master
Squashed commit of the following:
commit
38f074eb0b674fc12887f3b866881885ea4159b9
Author: russ <rucombs@cisco.com>
Date: Sun Jul 21 12:31:36 2019 -0400
stream_tcp: fix 3-1-2 ordering markup
Davis McPherson (davmcphe) [Tue, 30 Jul 2019 19:16:43 +0000 (15:16 -0400)]
Merge pull request #1686 in SNORT/snort3 from ~SBAIGAL/snort3:noack_api to master
Squashed commit of the following:
commit
aae5c979ba07cd80103d0a5c05acbefca4840bfe
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jul 18 15:30:44 2019 -0400
stream_tcp: add API for switching no_ack mode
add assert to make sure the session is tcp
Mike Stepanek (mstepane) [Tue, 30 Jul 2019 16:04:59 +0000 (12:04 -0400)]
Merge pull request #1694 in SNORT/snort3 from ~MASHASAN/snort3:wizard_host_cache to master
Squashed commit of the following:
commit
0c6bdabbfea675104681c4b13ed7ba33acd5344d
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jul 29 13:55:00 2019 -0400
wizard: Avoiding host cache service insertion since we are using flow service
Amarnath Sathyanarayanan (amsathya) [Mon, 29 Jul 2019 23:09:31 +0000 (19:09 -0400)]
Merge pull request #1693 in SNORT/snort3 from ~AMSATHYA/snort3:identity_plugin to master
Squashed commit of the following:
commit
d75324ae893f9f11fb46af80bd9605dbaba1d54a
Author: haow3 <haow3@cisco.com>
Date: Fri Jul 26 16:51:56 2019 -0400
flow: add virtual destructor to stash generic object
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jul 2019 22:51:53 +0000 (18:51 -0400)]
Merge pull request #1689 in SNORT/snort3 from ~SATHIRKA/snort3:port_service to master
Squashed commit of the following:
commit
de926e3175877734017a6fb84939171ef326cfd7
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Jul 29 10:23:10 2019 -0400
Refactoring code
commit
c5dfddd9350be50a0c71b168f27aa838963a638d
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jul 24 10:38:19 2019 -0400
appid: Fix for app name not getting evaluated for port/protocol based detectors
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jul 2019 22:51:11 +0000 (18:51 -0400)]
Merge pull request #1634 in SNORT/snort3 from ~KAMURTHI/snort3:MySQL-Non-std-port to master
Squashed commit of the following:
commit
71a85486671a4148e910d1a8d299876fc1f0d080
Author: cljudge <cljudge@cisco.com>
Date: Thu Jun 6 08:38:17 2019 -0400
appid: delay port-based detection until a non-zero payload packet is seen for the session
Mike Stepanek (mstepane) [Mon, 29 Jul 2019 20:16:30 +0000 (16:16 -0400)]
Merge pull request #1685 in SNORT/snort3 from ~SMINUT/snort3:pcre_peg_counts to master
Squashed commit of the following:
commit
8efc8f5a2de33908a9dd5094f088e06b371e6997
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Jul 18 09:59:13 2019 -0400
pcre: add peg counts for PCRE_ERROR_MATCHLIMIT and PCRE_ERROR_RECURSIONLIMIT return status from pcre_exec().
Mike Stepanek (mstepane) [Mon, 29 Jul 2019 16:35:43 +0000 (12:35 -0400)]
Merge pull request #1691 in SNORT/snort3 from ~MASHASAN/snort3:refactor_host_cache to master
Squashed commit of the following:
commit
8226ab4c2662a508d291efb2527777364cbaac6b
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Jul 26 01:44:02 2019 -0400
host_cache: Refactoring code to fix multithreading issues and to remove redundancy
Michael Altizer (mialtize) [Fri, 26 Jul 2019 22:32:29 +0000 (18:32 -0400)]
Merge pull request #1688 in SNORT/snort3 from ~MIALTIZE/snort3:msg_meta to master
Squashed commit of the following:
commit
719c0784502cea317152659ae8e16e2f9ea29b9b
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jul 12 21:19:47 2019 -0400
codec: Adapt to new DAQ message metadata source for Real IP/port info
Mike Stepanek (mstepane) [Fri, 26 Jul 2019 20:14:27 +0000 (16:14 -0400)]
Merge pull request #1687 in SNORT/snort3 from ~MIREDDEN/snort3:huffman_rebased to master
Squashed commit of the following:
commit
4a07fd650fbe3cbd5f67c93af793653270704e79
Author: mdagon <mdagon@cisco.com>
Date: Wed Jul 10 08:51:33 2019 -0400
http2: huffman string decode
lookup table, first level only
Michael Altizer (mialtize) [Fri, 26 Jul 2019 14:14:44 +0000 (10:14 -0400)]
Merge pull request #1677 in SNORT/snort3 from ~BBANTWAL/snort3:finalize_packet_verdict_modify to master
Squashed commit of the following:
commit
52f14c12c27d30ee6cc92edad09ae57420b8f5a1
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Jul 15 22:12:27 2019 -0400
finalize_packet: pass verdict by reference
Mike Stepanek (mstepane) [Wed, 24 Jul 2019 20:40:07 +0000 (16:40 -0400)]
Merge pull request #1676 in SNORT/snort3 from ~MASHASAN/snort3:host_discovery to master
Squashed commit of the following:
commit
6ac57a71278abff483a23d296384f3d0d25a13b7
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jul 15 12:13:45 2019 -0400
rna: Add new hosts with IP-address into host cache
Michael Altizer [Mon, 22 Jul 2019 04:48:12 +0000 (00:48 -0400)]
build: Fix miscellaneous cppcheck warnings
Michael Altizer (mialtize) [Thu, 18 Jul 2019 10:59:14 +0000 (06:59 -0400)]
Merge pull request #1666 in SNORT/snort3 from ~YSAIRAM/snort3:iha to master
Squashed commit of the following:
commit
4c012d6cc44655bab71ece1dc52c480ad8aa1e0a
Author: Y Sairam <ysairam@cisco.com>
Date: Thu Jul 11 21:39:39 2019 -0400
flow: Bypass ha write for unsupported Tunnel flows
Mike Stepanek (mstepane) [Wed, 17 Jul 2019 14:39:36 +0000 (10:39 -0400)]
Merge pull request #1679 in SNORT/snort3 from ~MSTEPANE/snort3:build_258 to master
Squashed commit of the following:
commit
b96f253230c9b1e079a6172cfd4648e64d9b2091
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jul 17 09:02:44 2019 -0400
build: 258
Mike Stepanek (mstepane) [Tue, 16 Jul 2019 16:09:02 +0000 (12:09 -0400)]
Merge pull request #1675 in SNORT/snort3 from ~SMINUT/snort3:stack_size to master
Squashed commit of the following:
commit
51c4290811365b46aca3d7e5ef3b6985060c9bce
Author: Silviu Minut <sminut@cisco.com>
Date: Mon Jul 15 09:47:03 2019 -0400
pcre: cap the pcre_match_limit_recursion based on the stack size available.
Davis McPherson (davmcphe) [Mon, 15 Jul 2019 18:06:50 +0000 (14:06 -0400)]
Merge pull request #1673 in SNORT/snort3 from ~DERAMADA/snort3:revert_stash_changes to master
Squashed commit of the following:
commit
0cacc8ab500b966c9d23ec819255f4bb77f94b7c
Author: deramada <deramada@cisco.com>
Date: Fri Jul 12 11:23:12 2019 -0400
Revert "Merge pull request #1593 in SNORT/snort3 from ~DERAMADA/snort3:appid_stash_store to master"
This reverts commit 1880af5f2b31ed968fc4a790384720d560acec1c.
Mike Stepanek (mstepane) [Mon, 15 Jul 2019 15:23:09 +0000 (11:23 -0400)]
Merge pull request #1658 in SNORT/snort3 from ~THOPETER/snort3:nhttp122 to master
Squashed commit of the following:
commit
db33060f5d83ad0b2a625abd8287df6073469f84
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 11 13:35:16 2019 -0400
http_inspect: perf improvements
commit
37f170ddc1320c6d3bb3eff11a80cd2c21bff1c0
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jun 7 10:22:43 2019 -0400
http_inspect: send headers to detection separately
Russ Combs (rucombs) [Mon, 15 Jul 2019 14:01:02 +0000 (10:01 -0400)]
Merge pull request #1649 in SNORT/snort3 from ~STECHEW/snort3:noack_policy1 to master
Squashed commit of the following:
commit
96cde40bbaef426256e5d5607c4f042033df22a9
Author: Steve Chew <stechew@cisco.com>
Date: Tue Jun 18 04:23:40 2019 -0400
stream_tcp: Add no-ack policy to handle flows that have no ACKs for data.
no_ack: Purge segment list without waiting for ack when using no_ack feature.
updated purge segment list fix for no_ack feature
updated some comments
Mike Stepanek (mstepane) [Fri, 12 Jul 2019 17:14:05 +0000 (13:14 -0400)]
Merge pull request #1667 in SNORT/snort3 from ~MDAGON/snort3:hpack_string to master
Squashed commit of the following:
commit
74d40186fe6b3dd1207eb70e621e966de29051df
Author: mdagon <mdagon@cisco.com>
Date: Wed Jul 3 12:04:12 2019 -0400
http2: hpack string decode
Michael Altizer (mialtize) [Fri, 12 Jul 2019 16:16:03 +0000 (12:16 -0400)]
Merge pull request #1672 in SNORT/snort3 from ~MASHASAN/snort3:host_tracker_warnings to master
Squashed commit of the following:
commit
3c652147665c5381f469165409a4c4c8caf59eb2
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Jul 12 10:49:49 2019 -0400
host_cache: Closing va_list after usage using va_end
Mike Stepanek (mstepane) [Thu, 11 Jul 2019 10:51:54 +0000 (06:51 -0400)]
Merge pull request #1665 in SNORT/snort3 from ~MASHASAN/snort3:host_cache_dump to master
Squashed commit of the following:
commit
363786e572c5274704c3c34355e5e01c694082ca
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed Jul 3 09:08:41 2019 -0400
host_cache: Adding command and config option to dump hosts
George Koikara (gkoikara) [Fri, 5 Jul 2019 04:40:20 +0000 (00:40 -0400)]
Merge pull request #1623 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_eof to master
Squashed commit of the following:
commit
af18eb5c0005d65a1c4879d74dbfa80f736e81b8
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Fri May 17 07:01:05 2019 -0400
stream: add convenient method for flow deletion
Russ Combs (rucombs) [Thu, 4 Jul 2019 18:21:22 +0000 (14:21 -0400)]
Merge pull request #1660 in SNORT/snort3 from ~BRASTULT/snort3:talos_tweak_fix to master
Squashed commit of the following:
commit
1e557dca3a03f375d932d3ba14bed27aea7957ad
Author: Brandon Stultz <brastult@cisco.com>
Date: Sun Jun 30 19:12:46 2019 -0400
talos.lua: various fixes for command line usage
- lua: optionally include local.rules in talos tweak, set snaplen
- main: move talos tweak settings to lua, set default pcap-filter
- parser: fix -R by clearing includer when parsing s_aux_rules
- packet_io: set default pcap-filter
russ [Thu, 4 Jul 2019 18:26:52 +0000 (14:26 -0400)]
Squashed commit of the following:
commit
90bacc16fa036bd678c47a51898a0e247a4659cf
Author: russ <rucombs@cisco.com>
Date: Thu Jul 4 10:32:46 2019 -0400
profiler: include onload/offload efforts in mpse
commit
280854ff2229555fb893a409a62725d31ed403ed
Author: russ <rucombs@cisco.com>
Date: Wed Jul 3 21:52:09 2019 -0400
detection: reduce hard number of contexts to work with pcap default
commit
8eb020e4470c568039b89e12ae29f5b8a625cec3
Author: russ <rucombs@cisco.com>
Date: Wed Jul 3 12:25:53 2019 -0400
profiler: refactor
commit
656e280fc09d1d06c379dfc94fe2b905b79ba03c
Author: russ <rucombs@cisco.com>
Date: Sun Jun 30 13:54:38 2019 -0400
profiler: implement general exclusion
The profiler module has been reworked for performance and accuracy.
There is now a single level (default build) and no need to specify
exclusions. When a new scope is entered, the existing scope if any
is paused and then resumed when the new scope exits. The "total"
root is now implemented internally and fixed at total packets and
total runtime. The difference from that and the sum of all root
children is given in other.
Mike Stepanek (mstepane) [Tue, 2 Jul 2019 17:24:36 +0000 (13:24 -0400)]
Merge pull request #1659 in SNORT/snort3 from ~MDAGON/snort3:hpack_int to master
Squashed commit of the following:
commit
1aa88db8a750eb3efc4a66b0483cb515a60d613e
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 20 16:42:53 2019 -0400
http2: decode HPACK uint
Steve Chew (stechew) [Tue, 2 Jul 2019 16:13:20 +0000 (12:13 -0400)]
Merge pull request #1656 in SNORT/snort3 from ~SBAIGAL/snort3:ignore_vlan to master
Squashed commit of the following:
commit
59ee334a4e7e69b19bd8a25e8462b2a2005a0534
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Jun 25 14:04:58 2019 -0400
codec: add support of ignore_vlan flag from daq header
updated to skip vlan header process when ignore_vlan flag was set
Michael Altizer (mialtize) [Mon, 1 Jul 2019 19:53:12 +0000 (15:53 -0400)]
Merge pull request #1662 in SNORT/snort3 from ~DERAMADA/snort3:fix_flow_stash_header to master
Squashed commit of the following:
commit
afb1391d7e42c5ffad9e74f34452ed2fe9a4585a
Author: deramada <deramada@cisco.com>
Date: Mon Jul 1 14:26:30 2019 -0400
appid: fix header order in appid_session
commit
12bd60e2cb543727d0a55ddb94d96415d262378a
Author: deramada <deramada@cisco.com>
Date: Mon Jul 1 14:23:48 2019 -0400
flow: remove config.h from flow_stash_keys
Mike Stepanek (mstepane) [Mon, 1 Jul 2019 14:15:54 +0000 (10:15 -0400)]
Merge pull request #1593 in SNORT/snort3 from ~DERAMADA/snort3:appid_stash_store to master
Squashed commit of the following:
commit
51382ddd1e26171b1a1ca0973ff950d1e073aa5c
Author: deramada <deramada@cisco.com>
Date: Mon Apr 29 15:49:05 2019 -0400
appid: use stash to store flow attributes
russ [Sun, 30 Jun 2019 04:04:55 +0000 (00:04 -0400)]
Squashed commit of the following:
commit
f1e74ea89089c180ee2ed823daa009d19954b922
Author: russ <rucombs@cisco.com>
Date: Sat Jun 29 17:49:25 2019 -0400
profiler: convert ips options to use optional profiles
Avoid the perf hit and double counting (with rule_eval) for detection
options with normal builds. Not deleted since it could be helpful
to see individual options in some cases despite the issues. Due to a
bug, this is commented out but should be made a build option once
fixed.
commit
b06b0aebed47a2f8676346e4a7c3dcb2dd522f75
Author: russ <rucombs@cisco.com>
Date: Thu Jun 27 10:28:44 2019 -0400
profiler: split out paf from stream_tcp
PAF (Protocol Aware Flushing) is the delegation by stream_tcp of flush point
determination by service inspectors which encapsulate PDU analysis. This
change splits out the scanning portion of the PAF interface. Reassembly
will be dealt with later. http_inspect will be the biggest contributor to
PAF since it front-loads considerable to the scanning phase.
commit
9dfdc6c399eddd925185e4a0e1dbeec1df91ba5d
Author: russ <rucombs@cisco.com>
Date: Wed Jun 26 21:36:37 2019 -0400
profiler: track DAQ message receives and finalizes
commit
8ec66593d58130bca89071a2d4a2a0429af57223
Author: russ <rucombs@cisco.com>
Date: Wed Jun 26 17:28:57 2019 -0400
profiler: eliminate deep profiling
Deep profiling creates broken totals, impacts performance, and is not a
good substitute for actual profiling with gprof etc. Furthermore, shallow
profiling (i.e. a single bucket per component and subsystem) provides enough
information to tune Snort effectively.
Russ Combs (rucombs) [Fri, 28 Jun 2019 03:44:43 +0000 (23:44 -0400)]
Merge pull request #1657 in SNORT/snort3 from ~BRASTULT/snort3:fast_pattern_fix to master
Squashed commit of the following:
commit
af403f7092a7a4f2d71a70b7a5d8d75cb23b80f3
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue Jun 25 11:42:42 2019 -0400
detection: on PDUs change search order to set check_ports correctly
George Koikara (gkoikara) [Thu, 27 Jun 2019 15:31:07 +0000 (11:31 -0400)]
Merge pull request #1642 in SNORT/snort3 from ~KBHANDAN/snort3:ha to master
Squashed commit of the following:
commit
2ba9df6b36c5f614106d178f3ab2d56d399640e4
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Tue Jun 11 07:49:28 2019 -0400
flow: Fixes for DAQ-backed HA implementation
George Koikara (gkoikara) [Thu, 27 Jun 2019 10:02:43 +0000 (06:02 -0400)]
Merge pull request #1597 in SNORT/snort3 from ~POAWASTH/snort3:HA to master
Squashed commit of the following:
commit
ec4a4fbf906685e5ed48e9b8d9a2b37848ac16f9
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Mon Jun 3 04:25:04 2019 -0400
high_availability: high availability support in Snort2Lua
commit
921d334faceea4b4b3d0050a809f6b27add2b43f
Merge:
f33a1a3b0d fc765be03d
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Thu Jun 20 01:02:06 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
f33a1a3b0d6c129a5ed60fa840cd135155151340
Merge:
8f33e02bbf 0f1bfa63a2
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Tue Jun 18 01:30:18 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
8f33e02bbf85b66976c9b033c76d60975feea419
Merge:
ef5462a197 5f54ed99ca
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Mon Jun 17 01:47:17 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
ef5462a19724068d4f30ab47145a111e1398a449
Merge:
354a0f43b3 728c88e590
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed Jun 12 01:52:57 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
354a0f43b30341dc8bbc0feeae7ee7f11289976c
Merge:
05771d2a9d 2a063bd7fc
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Mon Jun 3 04:26:16 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
05771d2a9d7fabe20dbef9998346ac2d932b84ee
Merge:
ea74ebefe4 35d4b98423
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Fri May 24 14:22:51 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
ea74ebefe459505932e9633ecc58acf86f72afb1
Merge:
b05e64d3f4 514211db93
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Fri May 24 04:42:35 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
b05e64d3f4c7e0be9946a6b94ef38227a5b93962
Merge:
fd54dd4c67 683220535f
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Mon May 20 13:24:12 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
fd54dd4c67b610c1fb2b9a8fee809c49e6275fac
Merge:
3be4b6fd38 91d81bb4c4
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed May 15 01:18:15 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
3be4b6fd38ba5133795559ed5a696912d11fbf76
Merge:
49e4495f9d 2c994c4987
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Fri May 10 02:29:14 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
49e4495f9d094c0978465aef4694a0689cc9331b
Merge:
7875fdda54 51c6942a68
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed May 8 00:42:12 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
7875fdda543729688243daf17d28ab1de9a5291a
Merge:
0bf526d1f8 42f72b3882
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Mon May 6 11:36:04 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
0bf526d1f8b4c02bed19fd6a649c70268ec5ff00
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed May 1 13:09:08 2019 -0400
Revert "ha: Precommit for snort2lua Changes"
This reverts commit b26b0b5b6f08b641b49c4ac4cc7c1e426a362ca1.
commit
3bb98944144ae4d780ec26fa77e81f2ed9f06f84
Merge:
b26b0b5b6f a62e18d8c1
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed May 1 12:46:20 2019 -0400
Merge branch 'master' of ssh://bitbucket-eng-rtp1.cisco.com:7999/~poawasth/snort3
commit
b26b0b5b6f08b641b49c4ac4cc7c1e426a362ca1
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Wed May 1 12:40:48 2019 -0400
ha: Precommit for snort2lua Changes
Mike Stepanek (mstepane) [Wed, 26 Jun 2019 22:39:52 +0000 (18:39 -0400)]
Merge pull request #1655 in SNORT/snort3 from ~AMSATHYA/snort3:identity_plugin to master
Squashed commit of the following:
commit
c02b0069cf999ed917432358ee7df8c5734b0bf0
Author: haow3 <haow3@cisco.com>
Date: Mon Jun 24 12:56:26 2019 -0400
flow: Extend stash to support uint32_t and make it SO_PUBLIC
russ [Mon, 24 Jun 2019 04:22:04 +0000 (00:22 -0400)]
Squashed commit of the following:
commit
46b75614846523b09bc3f0381aa23c74c4b4037c
Author: russ <rucombs@cisco.com>
Date: Fri Jun 21 22:17:05 2019 -0400
ips: refactor fast pattern searching
commit
ca549ab88276c9c1032be231ce6ab4be331c9920
Author: russ <rucombs@cisco.com>
Date: Fri Jun 21 22:16:22 2019 -0400
detection: allocate scratch after configuration
commit
1db4b7941c9b0e700f6b8c76a4718649d546678a
Author: russ <rucombs@cisco.com>
Date: Wed Jun 19 12:21:49 2019 -0400
detection: immediately onload after offloading when running regression tests
commit
aecdde54894b4e2f9eddf1e641964ef1c1dac749
Author: russ <rucombs@cisco.com>
Date: Tue Jun 4 09:44:36 2019 -0400
detection: use offload_threads = N with -z = 1
commit
bbe6eb1f255d190b6fa08fe6d9471681a430a165
Author: russ <rucombs@cisco.com>
Date: Tue Jun 4 21:26:34 2019 -0400
analyzer: 1024 contexts max is a better default until configurable
commit
45c29b39d7bdbdd3f7271d120899e14f67f8d40a
Author: russ <rucombs@cisco.com>
Date: Tue Jun 4 09:45:08 2019 -0400
detection: start offload threads before packet threads are pinned
commit
f5788a9b17cea3545c05932d365c5736c1de5b54
Author: russ <rucombs@cisco.com>
Date: Tue Jun 4 09:41:41 2019 -0400
mpse: api init and print methods are optional
commit
619b7846de7cbd1d5962c92850ba855e3ce586d6
Author: russ <rucombs@cisco.com>
Date: Sat Jun 1 13:48:43 2019 -0400
ips: add missing non-fast-pattern warning
commit
05fd308f43484b2ed79a6a9d646aa203d2d1ffdd
Author: russ <rucombs@cisco.com>
Date: Sat Jun 1 13:47:59 2019 -0400
stream_tcp: fix non-deep detect profile exclusion
commit
d141982727775c23eb0503550b4b89e77d3971a3
Author: russ <rucombs@cisco.com>
Date: Fri May 31 16:32:29 2019 -0400
snort: remove out-of-date Snort 2 version from -V
Mike Stepanek (mstepane) [Wed, 19 Jun 2019 17:26:39 +0000 (13:26 -0400)]
Merge pull request #1651 in SNORT/snort3 from ~MSTEPANE/snort3:build_257 to master
Squashed commit of the following:
commit
60a75f5d4889e6c193971c7652469265789073f2
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 19 10:55:04 2019 -0400
doc: Update docs for build 257
commit
a82da3a50629a33ba8a6e94e4c8bda0bce461dac
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 19 09:10:13 2019 -0400
build: 257
Russ Combs (rucombs) [Tue, 18 Jun 2019 23:26:17 +0000 (19:26 -0400)]
Merge pull request #1645 in SNORT/snort3 from ~RUCOMBS/snort3:regex_fix to master
Squashed commit of the following:
commit
f71a95925c043dba6f2fca7dc36480794618ea36
Author: russ <rucombs@cisco.com>
Date: Sat Jun 15 20:39:34 2019 -0400
regex: fix repeated search offset
Mike Stepanek (mstepane) [Tue, 18 Jun 2019 19:14:30 +0000 (15:14 -0400)]
Merge pull request #1646 in SNORT/snort3 from ~MASHASAN/snort3:rna_pub_sub to master
Squashed commit of the following:
commit
02d777186b7b42185154fa7d5d149ee17a2ce59a
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jun 17 14:41:32 2019 -0400
rna: Renaming peg counts and adding a warning when config changes
commit
d0a8a2c0fd70edf12a1e59bbd0b39bb71dffb7d3
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jun 17 04:09:05 2019 -0400
rna: Implementing event-driven RNA inspections
Michael Altizer (mialtize) [Tue, 18 Jun 2019 14:16:29 +0000 (10:16 -0400)]
Merge pull request #1647 in SNORT/snort3 from ~MIALTIZE/snort3:doc_daq to master
Squashed commit of the following:
commit
f30be1a8530d4f0df06b7f3a2b7e1aa997b24260
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 17 12:02:53 2019 -0400
doc: Update documentation to reflect post-DAQng reality
commit
6257bc3094a93d5015bacca04534e3e3c2f47a5e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 17 09:35:40 2019 -0400
doc: Remove perpetually out-of-date copy of LibDAQ's README
Mike Stepanek (mstepane) [Mon, 17 Jun 2019 19:15:06 +0000 (15:15 -0400)]
Merge pull request #1644 in SNORT/snort3 from ~KATHARVE/snort3:ips_policies_bug to master
Squashed commit of the following:
commit
6153c7a79d13ab80939e7763d083c966029bccfd
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jun 12 12:04:54 2019 -0400
detection: fix creation of service map to use ips policy id
Mike Stepanek (mstepane) [Mon, 17 Jun 2019 17:25:59 +0000 (13:25 -0400)]
Merge pull request #1648 in SNORT/snort3 from ~MASHASAN/snort3:doc_rna to master
Squashed commit of the following:
commit
708062a3468c2b54e7fa7c25da1727c507159db8
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jun 17 12:59:25 2019 -0400
rna: Fixing doc build failure due to asciidoc format issue
Russ Combs (rucombs) [Mon, 17 Jun 2019 00:49:06 +0000 (20:49 -0400)]
Merge pull request #1603 in SNORT/snort3 from ~BRASTULT/snort3:fp_detect_fix to master
Squashed commit of the following:
commit
4ab32a7ec9d864cf0f2874a40df203b256434769
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri May 10 01:18:44 2019 -0400
detection: on PDUs search TCP/UDP portgroups even when user_mode services exist
Russ Combs (rucombs) [Sun, 16 Jun 2019 14:59:35 +0000 (10:59 -0400)]
Merge pull request #1628 in SNORT/snort3 from ~BBANTWAL/snort3:pegcounts to master
Squashed commit of the following:
commit
46120f09f1374a79a945dcf8c14bcdaf70a16c8c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 11 10:15:18 2019 -0400
adding stats for offloader busy
commit
98821ce7200c8f1fd72476e264bc4f782a74dfd6
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 4 12:41:48 2019 -0400
adding pegcounts for context chain suspends
commit
b71215b8870e26706d2a93336dcb2be03f4012a7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 4 09:53:47 2019 -0400
detection: adding pegcounts for fallback, offload failures
commit
1ad6aa682e0d3f6faf9fb91256f322c089f754d9
Author: russ <rucombs@cisco.com>
Date: Sat Jun 1 15:54:10 2019 -0400
detection: add peg for onload wait conditions
Russ Combs (rucombs) [Sun, 16 Jun 2019 14:57:58 +0000 (10:57 -0400)]
Merge pull request #1636 in SNORT/snort3 from ~BRASTULT/snort3:relative_so to master
Squashed commit of the following:
commit
578047fa73a2e1485920e81061f7f0aeb229a592
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Jun 7 14:22:06 2019 -0400
ips_options: add relative parameter to so option
Russ Combs (rucombs) [Wed, 12 Jun 2019 15:57:38 +0000 (11:57 -0400)]
Merge pull request #1616 in SNORT/snort3 from ~STECHEW/snort3:finalize_packet to master
Squashed commit of the following:
commit
04aeec5d6e2c2285419a5a9e7eff8d1ed0a2787f
Author: Steve Chew <stechew@cisco.com>
Date: Mon May 20 21:19:33 2019 -0400
analyzer: publish finalize packet event before calling finalize_message.
Mike Stepanek (mstepane) [Wed, 12 Jun 2019 12:48:03 +0000 (08:48 -0400)]
Merge pull request #1643 in SNORT/snort3 from ~MIREDDEN/snort3:smtp_fix to master
Squashed commit of the following:
commit
6cbb3b865482a90da05f150f584a457e37209f39
Author: Mike Redden <miredden@cisco.com>
Date: Wed Jun 12 07:53:18 2019 -0400
smtp: Fix handle_header_line and normalize_data unit tests
Michael Altizer (mialtize) [Wed, 12 Jun 2019 03:31:44 +0000 (23:31 -0400)]
Merge pull request #1619 in SNORT/snort3 from ~MIALTIZE/snort3:ha_daq to master
Squashed commit of the following:
commit
5aacc37644226329a02dc2637093c457614b351d
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 10 17:43:32 2019 -0400
flow: Implement storing and importing HA data via DAQ IOCTLs
This involved significant refactoring of the Flow HA code and added many
peg counts to the module. Export FlowHAClient, HighAvailabilityManager,
and FlowHAState in flow/ha.h. Specify that HA time parameters are in
seconds. The useless HA module unit tests were removed in the process.
commit
9fec6bc1993d35969c9aca4198ec0865ef7597e5
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Jun 7 14:32:18 2019 -0400
check: Fix missing semicolons on CHECK calls
commit
fb6e8988fd3790f54c790110150b965a3abb456b
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 28 12:30:33 2019 -0400
build: Fix unused parameter warnings in unit tests
Steve Chew (stechew) [Tue, 11 Jun 2019 18:45:06 +0000 (14:45 -0400)]
Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master
Squashed commit of the following:
commit
4aadd43f4a78c1e78ef2c1847098f090b6502108
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jun 7 15:51:43 2019 -0400
icmp4: verify checksum before the type validation
Mike Stepanek (mstepane) [Tue, 11 Jun 2019 16:31:36 +0000 (12:31 -0400)]
Merge pull request #1641 in SNORT/snort3 from ~MASHASAN/snort3:inspector_null_check to master
Squashed commit of the following:
commit
7104df70e6370eb212c787186011ebd6148594d8
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Jun 10 22:41:19 2019 -0400
stream_ip: Checking null inspector while updating session
Mike Stepanek (mstepane) [Tue, 11 Jun 2019 14:58:04 +0000 (10:58 -0400)]
Merge pull request #1640 in SNORT/snort3 from ~MDAGON/snort3:smtp_fix to master
Squashed commit of the following:
commit
5aae8d1c8a125cc53a58efcee29035739a666d7a
Author: mdagon <mdagon@cisco.com>
Date: Wed Jun 5 11:36:13 2019 -0400
smtp: pass packet pointer instead of nullptr to SMTP_CopyToAltBuffer
Mike Stepanek (mstepane) [Thu, 6 Jun 2019 20:12:26 +0000 (16:12 -0400)]
Merge pull request #1629 in SNORT/snort3 from ~THOPETER/snort3:nhttp121 to master
Squashed commit of the following:
commit
1d76e71bc035d419559cdb56b39eee2c3309f39b
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 4 16:49:41 2019 -0400
http_inspect: test tool enhancement
Michael Altizer (mialtize) [Tue, 4 Jun 2019 15:12:44 +0000 (11:12 -0400)]
Merge pull request #1618 in SNORT/snort3 from ~SBAIGAL/snort3:perf_mon_analyzer_fix to master
Squashed commit of the following:
commit
ad4244beb09c4a56e10c6751c0ae51bd81fdeaa2
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue May 28 09:29:19 2019 -0400
perf_mon: removed flow_ip_handler from PerfMonitor
Keep the ip event handler at databus; disabling ip tracker from a thread will not lead to deleting the ip data handler from databus
Mike Stepanek (mstepane) [Tue, 4 Jun 2019 14:31:39 +0000 (10:31 -0400)]
Merge pull request #1621 in SNORT/snort3 from ~THOPETER/snort3:merge4 to master
Squashed commit of the following:
commit
67ff9e50695a75b8fe2e9505620b091f624aef16
Author: Tom Peters <thopeter@cisco.com>
Date: Mon May 13 16:28:57 2019 -0400
http_inspect/stream: accelerated blocking
Mike Stepanek (mstepane) [Mon, 3 Jun 2019 20:38:59 +0000 (16:38 -0400)]
Merge pull request #1622 in SNORT/snort3 from ~MASHASAN/snort3:rna_framework to master
Squashed commit of the following:
commit
d49a2affbec8e24f642ce811c10141cf19435dda
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed May 29 12:37:25 2019 -0400
rna: Introducing barebone RNA module and inspector
Shravan Rangarajuvenkata (shrarang) [Mon, 3 Jun 2019 20:06:02 +0000 (16:06 -0400)]
Merge pull request #1620 in SNORT/snort3 from ~SATHIRKA/snort3:icmp_bruteforce to master
Squashed commit of the following:
commit
d6298c44470c752ccdbd2abd098814e7b36a27e5
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu May 23 14:24:42 2019 -0400
appid: Protocol based detection for non-TCP non-UDP traffic.
Mike Stepanek (mstepane) [Mon, 3 Jun 2019 20:02:00 +0000 (16:02 -0400)]
Merge pull request #1627 in SNORT/snort3 from ~MIREDDEN/snort3:stream_tcp_timestamp to master
Squashed commit of the following:
commit
7770b59dee8e8b3d7b93b8dfadbe21a33c746eb5
Author: Mike Redden <miredden@cisco.com>
Date: Wed May 29 15:57:18 2019 -0400
stream: Do not validate timestamp until peer timestamp is set
Michael Altizer (mialtize) [Mon, 3 Jun 2019 18:05:33 +0000 (14:05 -0400)]
Merge pull request #1624 in SNORT/snort3 from ~BBANTWAL/snort3:fix_async_http to master
Squashed commit of the following:
commit
84367e7e76a1f3bea145a3520fe729e099e0ac1a
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue May 28 12:24:11 2019 -0400
http_inspect: stop clearing http data snapshots from ips contexts on flow deletion
Michael Altizer (mialtize) [Fri, 31 May 2019 15:20:34 +0000 (11:20 -0400)]
Merge pull request #1617 in SNORT/snort3 from ~BBANTWAL/snort3:offload_memstats_fix to master
Squashed commit of the following:
commit
f10682ce0c9e034bef3d3a42a3e2fcebe0c94691
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Fri May 24 17:06:38 2019 -0400
flow: check if flow is actually deleted before updating memstats
Mike Stepanek (mstepane) [Fri, 24 May 2019 12:49:45 +0000 (08:49 -0400)]
Merge pull request #1614 in SNORT/snort3 from ~KATHARVE/snort3:disable_builtin to master
Squashed commit of the following:
commit
7f281ab48cb16fbc99f619c1ae72841c0886bb85
Author: Katura Harvey <katharve@cisco.com>
Date: Mon May 20 17:49:40 2019 -0400
detection: fix check for disabled rules
Shravan Rangarajuvenkata (shrarang) [Thu, 23 May 2019 14:59:25 +0000 (10:59 -0400)]
Merge pull request #1608 in SNORT/snort3 from ~KAMURTHI/snort3:BitTorrent-Fix to master
Squashed commit of the following:
commit
4adad8bc5649000bb5d8ca10f933389d441ad20a
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu May 9 16:16:46 2019 -0400
appid: support for dynamic host cache lookup-based app detection.
Mike Stepanek (mstepane) [Wed, 22 May 2019 20:41:32 +0000 (16:41 -0400)]
Merge pull request #1615 in SNORT/snort3 from ~NIHDESAI/snort3:build_256 to master
Squashed commit of the following:
commit
68d6c61b35320abc1301d55a0bac95d57e25ec3c
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed May 22 13:42:31 2019 -0400
build: generate build 256
Mike Stepanek (mstepane) [Mon, 20 May 2019 17:30:52 +0000 (13:30 -0400)]
Merge pull request #1607 in SNORT/snort3 from ~SMINUT/snort3:filters_xhash_peg to master
Squashed commit of the following:
commit
6182a08ddbac76285aad2bd3194282f5402075da
Author: Silviu Minut <sminut@cisco.com>
Date: Wed May 15 09:40:34 2019 -0400
filters: add peg count for when the thd_runtime XHash table gets full.
Tom Peters (thopeter) [Fri, 17 May 2019 14:42:51 +0000 (10:42 -0400)]
Merge pull request #1610 in SNORT/snort3 from ~SBAIGAL/snort3:perfmon_event_fix to master
Squashed commit of the following:
commit
a3fcf0a70b39bf05ed8ed9f204fd88a42fd8ea81
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed May 15 13:51:26 2019 -0400
perf_mon: add real timestamp to empty perf_stats data; updated dbus default subscription code and perf_mon event subscription code to resolve memory leak and invalid event subscription from reloading; moved flow_ip_tracker to thread local
Tom Peters (thopeter) [Wed, 15 May 2019 18:39:44 +0000 (14:39 -0400)]
Merge pull request #1604 in SNORT/snort3 from ~KATHARVE/snort3:disable_inspection_in_drop_flow to master
Squashed commit of the following:
commit
991d611b02b5bb0ad494b29e6914ac649cca581c
Author: Katura Harvey <katharve@cisco.com>
Date: Tue May 7 18:53:02 2019 -0400
stream: disable inspection of flow on reset
Tom Peters (thopeter) [Wed, 15 May 2019 18:34:52 +0000 (14:34 -0400)]
Merge pull request #1602 in SNORT/snort3 from ~SMINUT/snort3:appid_fuzz to master
Squashed commit of the following:
commit
dd95d711880a5401e8486fd2d59ad8a85a5fa5c5
Author: Silviu Minut <sminut@cisco.com>
Date: Fri May 10 15:58:53 2019 -0400
http_inspect: fix status_code_num bug in HttpMsgHeader::update_flow() that leads to assert on input.length()>0 in norm_decimal_integer.
Tom Peters (thopeter) [Tue, 14 May 2019 16:34:32 +0000 (12:34 -0400)]
Merge pull request #1601 in SNORT/snort3 from ~MIREDDEN/snort3:remove_sticky_buffer_duplicates to master
Squashed commit of the following:
commit
3d998ed0f4e1faab5372d33decc333d666b6fa57
Author: Mike Redden <miredden@cisco.com>
Date: Wed May 8 14:27:34 2019 -0400
snort2lua: Remove sticky buffer duplicates
Mike Stepanek (mstepane) [Thu, 9 May 2019 16:53:50 +0000 (12:53 -0400)]
Merge pull request #1592 in SNORT/snort3 from ~SMINUT/snort3:event_filter_memcap to master
Squashed commit of the following:
commit
2da9b2b60b98cf6c2bb901d6cfab0871fed0ce7f
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Apr 30 13:23:35 2019 -0400
filters: make thd_runtime and rf_hash thread local and allocate them from thread init rather than from Module::end().
Mike Stepanek (mstepane) [Tue, 7 May 2019 17:25:19 +0000 (13:25 -0400)]
Merge pull request #1600 in SNORT/snort3 from ~DDAHIPHA/snort3:fd_leak_fixes to master
Squashed commit of the following:
commit
f6c664bc51a374308a82e13395cfb87f12621ef6
Author: Devendra Dahiphale <ddahipha@cisco.com>
Date: Tue May 7 13:23:18 2019 -0400
main: Fix File Descriptor leaks
Mike Stepanek (mstepane) [Tue, 7 May 2019 15:28:03 +0000 (11:28 -0400)]
Merge pull request #1594 in SNORT/snort3 from ~MASHASAN/snort3:per_mon_leak to master
Squashed commit of the following:
commit
f7d0fe1dab2a07f15a87177844c79419c72ca8b1
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri May 3 11:23:59 2019 -0400
perf_monitor: Fixing heap-use-after-free after reload failure
Tom Peters (thopeter) [Mon, 6 May 2019 21:01:49 +0000 (17:01 -0400)]
Merge pull request #1599 in SNORT/snort3 from ~KATHARVE/snort3:uniformity_rule_state to master
Squashed commit of the following:
commit
b5dbbf67ffbef7a7f0afcf0fa68083339bea3c2b
Author: Katura Harvey <katharve@cisco.com>
Date: Wed May 1 09:52:43 2019 -0400
Uniformity: Update the rule_state value to yes or no
Tom Peters (thopeter) [Mon, 6 May 2019 20:54:33 +0000 (16:54 -0400)]
Merge pull request #1598 in SNORT/snort3 from ~MIREDDEN/snort3:port_scan_memcap to master
Squashed commit of the following:
commit
300ad4844bc61bfacbb746ce036018ae211b7777
Author: Mike Redden <miredden@cisco.com>
Date: Mon May 6 13:46:13 2019 -0400
port_scan: Change minimum memcap value to 1024 to avoid divide by zero crash
Michael Altizer [Mon, 6 May 2019 17:32:37 +0000 (13:32 -0400)]
main: Include analyzer.h in snort.cc
Michael Altizer [Fri, 31 Aug 2018 18:40:41 +0000 (14:40 -0400)]
DAQng: Port Snort and its DAQ modules to DAQ3
- Massive refactoring of the Analyzer thread
- Handle multiple offloaded wire packets
- Port hext and file DAQ modules to DAQng
- Reimplement the RETRY verdict internal to Snort
- Revamp skip-n/exit-after-n/pause-after-n handling
- Update lua tweaks with new DAQ configuration format
- Update sfdaq unit tests for DAQng
- Update snort2lua to convert to new DAQ configuration
Michael Altizer [Sat, 16 Mar 2019 23:31:44 +0000 (19:31 -0400)]
Revert "Merge pull request #1535 in SNORT/snort3 from ~SHRARANG/snort3:set_priv_ptr_for_pdu to master"
This reverts commit cdae58b2fde31057795c04185d22d2b7e9e916ef.
Michael Altizer [Sun, 5 May 2019 16:00:15 +0000 (12:00 -0400)]
packet_io: Refactor the Trough a bit
Russ Combs (rucombs) [Sat, 4 May 2019 16:23:41 +0000 (12:23 -0400)]
Merge pull request #1595 in SNORT/snort3 from ~RUCOMBS/snort3:build_255 to master
Squashed commit of the following:
commit
5dc88fa07e26e6332fcc681e8d6e7ff0321e712e
Author: Russ Combs <rucombs@cisco.com>
Date: Fri May 3 18:34:44 2019 -0400
build: generate and tag build 255
Russ Combs (rucombs) [Sat, 4 May 2019 16:23:08 +0000 (12:23 -0400)]
Merge pull request #1589 in SNORT/snort3 from ~RUCOMBS/snort3:doc_include to master
Squashed commit of the following:
commit
c2a60f4a03b15a9c423d50ca27f9b645c65afb18
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Apr 29 18:07:24 2019 -0400
doc: explain include logic
Michael Altizer (mialtize) [Tue, 30 Apr 2019 15:40:05 +0000 (11:40 -0400)]
Merge pull request #1591 in SNORT/snort3 from ~MIALTIZE/snort3:static_analysis to master
Squashed commit of the following:
commit
b1dd6db8cc79cc8b0881f508f1c1679165aa92b1
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Apr 24 15:39:22 2019 -0400
piglet_plugins: Don't try to memset SigInfo
commit
846cd74233e2e6de40528e364bb10b5be8421848
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 22 13:02:37 2019 -0400
tcp_connector: Fix memory leak in receive overrun scenario
commit
f168872f04abdc26d1ebcb7bc43977b0ecd8bc4e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 22 12:49:41 2019 -0400
appid: Add assertion to pop3 detector to quiet the static analyzer
commit
7d190cd75022d2cc4e0400e10406c7a182504566
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 22 12:36:37 2019 -0400
module_manager: Fix potential null deref in module parameter dumping
Russ Combs (rucombs) [Mon, 29 Apr 2019 21:42:31 +0000 (17:42 -0400)]
Merge pull request #1588 in SNORT/snort3 from ~RUCOMBS/snort3:includer to master
Squashed commit of the following:
commit
62464559e2ebd8b9739db1ea8c10907bc6830aeb
Author: russ <rucombs@cisco.com>
Date: Sat Apr 27 16:03:45 2019 -0400
ips: add includer for better relative path support
Michael Altizer [Fri, 26 Apr 2019 20:45:18 +0000 (16:45 -0400)]
build: generate and tag build 254