git.ipfire.org Git - thirdparty/snort3.git/log
Adrian Mamolea (admamole) [Fri, 9 Feb 2024 08:51:52 +0000 (08:51 +0000)]
Pull request #4187: detection: copy ip var name in dup_rtn
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:var_bug to master
Squashed commit of the following:
commit
c3b9334700647d5bbd1698da377117f64e50228d
Author: Adrian Mamolea <admamole@cisco.com>
Date: Tue Jan 30 09:22:38 2024 -0500
detection: copy ip var name in dup_rtn
Abhishek Rawat (abhrawat) [Fri, 9 Feb 2024 03:02:51 +0000 (03:02 +0000)]
Pull request #4181: flow: added ips event suppression flags
Merge in SNORT/snort3 from ~ABHRAWAT/snort3:conn_event_ips_suppression to master
Squashed commit of the following:
commit
4790cd489d98de6f2759d5bd875e23f04f561940
Author: abhrawat <abhrawat@cisco.com>
Date: Mon Jan 29 19:33:39 2024 +0000
flow: added ips event suppression flags
Pull request #4195: stream_tcp: add alerts for exceeding thresholds for max queued bytes or segments
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:alert_on_queue_limit_events to master
Squashed commit of the following:
commit
ef3d7c1d48fefc50bef5b28006206968d1b07ee4
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Jan 29 15:08:15 2024 -0500
stream_tcp: add alerts for exceeding thresholds for max queued bytes or segments
update snort_reference document to include descriptions of new 129 builtin rules
Pull request #4180: stream_tcp: add check to verify seglist head is not nullptr and only initialize PAF when it is not
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:CSCwi80961_verify_seglist_not_empty to master
Squashed commit of the following:
commit
9c06b0a65fb09348f660781170de380214f8eea5
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Jan 29 19:09:18 2024 -0500
stream_tcp: add check to verify seglist head is not nullptr and only initialize PAF when it is not
Pull request #4197: appid: check tenant_match() if required
Merge in SNORT/snort3 from ~SVLASIUK/snort3:appid_tenants_filter_perf_fix to master
Squashed commit of the following:
commit
942b0edd2df839e4fd3da0be3cc7f69610dce263
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Feb 1 16:18:05 2024 +0200
appid: check tenant_match() if required
Michael Matirko (mmatirko) [Thu, 8 Feb 2024 15:51:11 +0000 (15:51 +0000)]
Pull request #4172: util: add macro for setting thread names on various systems
Merge in SNORT/snort3 from ~MMATIRKO/snort3:thread_names to master
Squashed commit of the following:
commit
0a6d452e0c710757a3656427d11c0fa2fe62c119
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jan 24 16:05:28 2024 -0500
utils: add macro for setting thread name
Steve Chew (stechew) [Wed, 7 Feb 2024 19:38:04 +0000 (19:38 +0000)]
Pull request #4200: build: generate and tag 3.1.80.0
Merge in SNORT/snort3 from ~STECHEW/snort3:build_3.1.80.0 to master
Squashed commit of the following:
commit
731250c54f91cb83f1b317525f7c9e24fb8490fe
Author: Steve Chew <stechew@cisco.com>
Date: Mon Feb 5 18:41:01 2024 -0500
build: generate and tag 3.1.80.0
Steve Chew (stechew) [Sun, 4 Feb 2024 18:25:21 +0000 (18:25 +0000)]
Pull request #4193: build: generate and tag 3.1.79.0
Merge in SNORT/snort3 from ~STECHEW/snort3:build_3.1.79.0 to master
Squashed commit of the following:
commit
abfb35c9cb81fbaca5f7e99129a0fa548d6adf8b
Author: Steve Chew <stechew@cisco.com>
Date: Thu Feb 1 14:57:35 2024 -0500
build: generate and tag 3.1.79.0
Shibin K V (shikv) [Thu, 1 Feb 2024 04:41:55 +0000 (04:41 +0000)]
Pull request #4169: appid: return false in is_appid_inspecting_session for quic if not decrypting
Merge in SNORT/snort3 from ~SHIKV/snort3:whitelist_quic to master
Squashed commit of the following:
commit
84ed4ba8e57ea4d2c0333af82e2ae1e9309d66f2
Author: shibin k v <shikv@cisco.com>
Date: Fri Jan 19 12:39:52 2024 +0000
appid: return false in is_appid_inspecting_session for quic if not decrypting
Pull request #4182: Kaizen
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:feature/kaizen to master
Squashed commit of the following:
commit
a127d8b0b075aba335bf216c69c2a09cd52f0919
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jan 30 16:01:12 2024 +0200
kaizen: add dev_notes.txt
commit
558dee4cdd82850d875e868ebb7ce8f2b2e820ba
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jan 30 15:43:58 2024 +0200
kaizen: update copyright
commit
f4fd702f97b35604c3eca073de23dd902a8928b4
Merge:
e8332d15da d6d691cb89
Author: Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) <vhorbato@cisco.com>
Date: Thu Jan 25 14:02:09 2024 +0000
Pull request #949: kaizen: change GID to 411
Merge in FIREPOWER/snort3 from ~VHORBATO/snort3:kaizen_gid_411 to feature/kaizen
* commit 'd6d691cb890dde908fe832c517075aee9588bd31':
kaizen: change kaizen gid to 411
commit
d6d691cb890dde908fe832c517075aee9588bd31
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Jan 25 11:41:20 2024 +0200
kaizen: change kaizen gid to 411
commit
e8332d15da6a91b648d853ceaf0389143845e1e3
Merge:
67d683fb0f 6c4e69b643
Author: Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) <vhorbato@cisco.com>
Date: Thu Jan 25 10:32:30 2024 +0000
Pull request #948: kaizen: change default value of uri_depth to -1
Merge in FIREPOWER/snort3 from ~VHORBATO/snort3:kaizen_uri_default to feature/kaizen
* commit '6c4e69b6435b1ed0e4052d877f51f80cd84c0f28':
kaizen: change default value of uri_depth to -1
commit
6c4e69b6435b1ed0e4052d877f51f80cd84c0f28
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Jan 25 11:07:31 2024 +0200
kaizen: change default value of uri_depth to -1
commit
67d683fb0ffdd446076d9cb64ab3db4d2a05eeac
Merge:
32685a7bf3 8acf22fb16
Author: Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) <vhorbato@cisco.com>
Date: Wed Jan 24 16:32:28 2024 +0000
Pull request #942: kaizen: make kaizen configurable per policy
Merge in FIREPOWER/snort3 from ~VHORBATO/snort3:kaizen_fixes to feature/kaizen
* commit '8acf22fb16055acd87073e352817ada8a7c5ed03':
kaizen: change kaizen gid to 155
kaizen: make kaizen configurable per policy
commit
8acf22fb16055acd87073e352817ada8a7c5ed03
Author: vhorbato <vhorbato@cisco.com>
Date: Fri Jan 19 22:19:39 2024 +0200
kaizen: change kaizen gid to 155
commit
d4f65497bc32587e4209e8680d6fc9d405e6db76
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Dec 20 18:29:49 2023 +0200
kaizen: make kaizen configurable per policy
commit
32685a7bf359e01d69d586127adb42cb295e4016
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Dec 19 16:02:06 2023 +0200
kaizen: extend mock object with simple matching mechanism
commit
c7a02041f358c5e2ac916078524f10a924803379
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Dec 18 14:27:16 2023 +0200
kaizen: register module only when LibML present or REG_TEST defined
commit
ad5ee55b22f421c01037ffabdbe57f019da9b7c0
Author: Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) <yvelykoz@cisco.com>
Date: Tue Dec 19 09:33:10 2023 +0000
Pull request #931: configure_cmake.sh: fix conflict-resolve issue
Merge in FIREPOWER/snort3 from ~YVELYKOZ/snort3:kaizen_fix_config to feature/kaizen
Squashed commit of the following:
commit
6111cb812e852e7e0bff10a4494363f37a5ff390
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Dec 18 17:54:05 2023 +0200
build: fix configure_cmake.sh after incomplete rebase
commit
cf6f22e251b9bfe57f573129eae3ece00c1a0d02
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Sep 22 16:50:39 2023 -0400
network_inspectors: add kaizen ML based exploit detector
Pull request #4173: appid: add tenants filter for appid debug
Merge in SNORT/snort3 from ~SVLASIUK/snort3:appid_tenants_filter to master
Squashed commit of the following:
commit
4aa58015003c8f08ea3a2cdb0f4686d27b39d816
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Jan 25 13:55:34 2024 +0200
appid: add tenants filter for appid debug
Vikash Ranjan (vikasran) [Thu, 25 Jan 2024 16:51:43 +0000 (16:51 +0000)]
Pull request #4161: mercury: updating alpn info without sni in 7.6
Merge in SNORT/snort3 from ~VIKASRAN/snort3:vikash_work to master
Squashed commit of the following:
commit
fecd5a2345c7a45cac943f3bb02bfdb95e87e2c3
Author: vikasran <vikasran@cisco.com>
Date: Mon Dec 18 23:56:22 2023 +0530
mercury: updating alpn info without sni in 7.6
Pull request #4140: ssl: heap overflow issue when processing handshake records
Merge in SNORT/snort3 from ~RCONJEEV/snort3:ssl_heap_overflow_issue to master
Squashed commit of the following:
commit
409d741819b112b39ebbb6dde991f6ec6c5ef762
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Mon Dec 11 17:50:26 2023 +0530
ssl: heap overflow issue when processing handshake records
Pull request #4170: packet_tracer: add tenants to filters
Merge in SNORT/snort3 from ~SVLASIUK/snort3:pt_tenants_filter to master
Squashed commit of the following:
commit
93fc7a347f3e3792f2a896b234c3f9004b1a8092
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jan 19 15:59:54 2024 +0200
packet_tracer: add tenants to filters
Juweria Ali Imran (jaliimra) [Tue, 23 Jan 2024 20:36:01 +0000 (20:36 +0000)]
Pull request #4154: stream_tcp: correct labeling of in-sequence and out-of-sequence packets
Merge in SNORT/snort3 from ~JALIIMRA/snort3:ins_oos to master
Squashed commit of the following:
commit
1868eda57a7b465d0ff589f40a93672eafc2cc5b
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed Dec 6 08:16:24 2023 -0500
stream_tcp: correct labeling of in-sequence and out-of-sequence packets
Pull request #4144: appid: process organization unit instead of organization name
Merge in SNORT/snort3 from ~OSTEPANO/snort3:org_name_extr to master
Squashed commit of the following:
commit
1182e2ebd813cc0b6a523438704d44ff95e4691e
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Dec 13 07:24:00 2023 -0500
appid: process organization unit instead of organization name
Pull request #4142: CSCwh95127 - Skip initial seglist holes for midstream flows in IPS mode
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ips_seglist_hole_cscwh95127 to master
Squashed commit of the following:
commit
24510aba30c9cb8681d8bef03fb9b7d7ba2692f2
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Dec 8 14:46:11 2023 -0500
stream_tcp: on midstream pickup the peer that received the initial midstream packet remains in
MID_STREAM_RECV state until a packet with an ACK is sent by that peer. Data packets received are added
to the seglist but reassembly is not initiated. When the ACK is seen the seglist is scanned for holes
left of the ACK and all packets left of the holes are purged and reassembly started with the first
packet to the right of the hole
set packet direction flag based on direction saved in reassembly state
Raza Shafiq (rshafiq) [Mon, 22 Jan 2024 20:36:23 +0000 (20:36 +0000)]
Pull request #4162: coverity: fix for stream and hash
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:stream_coverity to master
Squashed commit of the following:
commit
ebffbe09dda5a5733f86c683f16347716a0a51ce
Author: rshafiq <rshafiq@cisco.com>
Date: Tue Dec 19 14:15:41 2023 -0500
coverity: fix for stream and hash
Raza Shafiq (rshafiq) [Mon, 22 Jan 2024 16:18:02 +0000 (16:18 +0000)]
Pull request #4168: stream_tcp: persist disable_reassembly in Flow
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:gcp_perf to master
Squashed commit of the following:
commit
1e3853009369678775c85dc30d7f3669a352dcc2
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Dec 13 17:23:28 2023 -0500
stream_tcp: persist disable_reassembly in Flow
Pull request #4167: profiler: improve multithread rule percentage calculation
Merge in SNORT/snort3 from ~ASERBENI/snort3:multithread_rule_percent to master
Squashed commit of the following:
commit
48c52c9279e05dd56fcd7c3d332a144b92f953bb
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jan 15 15:55:06 2024 +0200
profiler: improve multithread rule percentage calculation
Michael Matirko (mmatirko) [Wed, 17 Jan 2024 21:43:12 +0000 (21:43 +0000)]
Pull request #4145: filters: make rate_filter multithreaded + cleanup
Merge in SNORT/snort3 from ~MMATIRKO/snort3:multithread_sfrf to master
Squashed commit of the following:
commit
e5d9ad1293230a926f6acc3720042a858bf35998
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Oct 31 16:06:07 2023 -0400
filters: make rate_filter multithreaded + some cleanup
Ron Dempster (rdempste) [Tue, 16 Jan 2024 23:09:53 +0000 (23:09 +0000)]
Pull request #4132: appid: update peg counts to be thread safe
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:appid_stats to master
Squashed commit of the following:
commit
ccc7a16e0fb0e7ce4eb244ca6f19a41bca00dde4
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Dec 6 15:11:21 2023 -0500
appid: update peg counts to be thread safe
Priyanka Bangalore Gurudev (prbg) [Tue, 16 Jan 2024 20:04:35 +0000 (20:04 +0000)]
Pull request #4164: build: generate and tag 3.1.78.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.78.0 to master
Squashed commit of the following:
commit
7efc960d98260eef70b0316551772c882eca8cb9
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Jan 16 01:31:20 2024 -0500
build: generate and tag 3.1.78.0
Pull request #4163: doc: update arg list for "generate_builtin.sh"
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:generate_script_update to master
Squashed commit of the following:
commit
2b2b5c45d415a6ffb1cda8b4b1bba098df118460
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Jan 12 15:25:03 2024 +0200
doc: update arg list for "generate_builtin.sh"
Add parity to "generate_" scripts arg list, thanks to @puck(https://github.com/puck)
for creating a fix.
Pull request #4117: appid: print odp version and odp detector count on startup
Merge in SNORT/snort3 from ~LCZARNIK/snort3:logodp to master
Squashed commit of the following:
commit
3ec619e3c69a80dd89787fd2510de6c9aa4adff4
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Mon Nov 27 09:55:02 2023 -0500
appid: print odp version and odp detector count on startup
Maya Dagon (mdagon) [Thu, 11 Jan 2024 14:05:58 +0000 (14:05 +0000)]
Pull request #4160: Copyright: Update year to 2024
Merge in SNORT/snort3 from ~MDAGON/snort3:copyright to master
Squashed commit of the following:
commit
4e4aa910e16b69b25483aee2b87d0b3b6fe98d05
Author: maya dagon <mdagon@cisco.com>
Date: Tue Jan 9 10:34:28 2024 -0500
Copyright: Update year to 2024
Pull request #4125: main: fix inconsistent lua variables assignment
Merge in SNORT/snort3 from ~YCHALOV/snort3:lua_variable_fix to master
Squashed commit of the following:
commit
d05cfa28ecd64935bfb573312eba89bf96b2ca8d
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Dec 4 11:05:35 2023 +0100
main: fix inconsistent lua variables assignment
Pull request #4139: parser: fix --dump-rule-meta for negated ports
Merge in SNORT/snort3 from ~YCHALOV/snort3:negate_port_parse_fix to master
Squashed commit of the following:
commit
17b1e655c839f2d4d8415ff8c162fe230ba014e6
Author: Yurii Chalov <ychalov@cisco.com>
Date: Fri Dec 8 16:11:24 2023 +0100
parser: fix --dump-rule-meta for negated ports
Priyanka Bangalore Gurudev (prbg) [Thu, 21 Dec 2023 22:44:39 +0000 (22:44 +0000)]
Pull request #4156: build: generate and tag 3.1.77.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.77.0 to master
Squashed commit of the following:
commit
1a7cd88c533952f1b55a1aa9ef367edc245019a3
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Dec 20 20:42:30 2023 -0500
build: generate and tag 3.1.77.0
Akhilesh MY (amuttuva) [Wed, 20 Dec 2023 08:33:26 +0000 (08:33 +0000)]
Pull request #4112: profiler: dump memory profiler stats at frequent interval
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:mem_prof_master to master
Squashed commit of the following:
commit
8f5b8f6f3fcbfe60a28429ec41266cd88a2bf2c9
Author: sunimukh <sunimukh@cisco.com>
Date: Wed Jun 28 06:45:54 2023 +0000
profiler: dump memory profiler stats at frequent interval
Ron Dempster (rdempste) [Tue, 19 Dec 2023 22:31:30 +0000 (22:31 +0000)]
Pull request #4152: flow: Add tenant ID to FlowKey
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:daq_tunnelid_addressspace to master
Squashed commit of the following:
commit
271a3198036f516f3eed82a5c3d1ac97f006ee75
Author: Steve Chew <stechew@cisco.com>
Date: Tue Dec 12 17:31:26 2023 -0500
flow: Add tenant ID to FlowKey
Shibin K V (shikv) [Tue, 19 Dec 2023 17:52:28 +0000 (17:52 +0000)]
Pull request #4143: appid: do not delete hsession for http3
Merge in SNORT/snort3 from ~SHIKV/snort3:quic_event_fix to master
Squashed commit of the following:
commit
364cf7c2858eb5de01e54d4999fa3f2d74b876fb
Author: shibin k v <shikv@cisco.com>
Date: Wed Dec 13 08:16:52 2023 +0000
appid: do not delete hsession for http3
Pull request #4129: ssl: stopping inspection once client or server app packet is found
Merge in SNORT/snort3 from ~RCONJEEV/snort3:ssl_inspection_perf_fix to master
Squashed commit of the following:
commit
46806aae62e751ac1d8a6382f2cf1827d38235ae
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Wed Dec 6 14:58:08 2023 +0530
ssl: stopping inspection once client or server app packet is found
Pull request #4134: detection: collect matched buffers
Merge in SNORT/snort3 from ~ASERBENI/snort3:ips_buf_dump to master
Squashed commit of the following:
commit
210d825c271a41d02e04a850fac384e38a04b397
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Tue Nov 28 14:53:31 2023 +0200
detection: collect matched buffers on IpsContext
Pull request #4094: build: arm compilation support
Merge in SNORT/snort3 from ~NPRIYANS/snort3:arm_support to master
Squashed commit of the following:
commit
ecb27a186eb8b20fb594add7efad94404ee1f86e
Author: Shashi Lad <shaslad@cisco.com>
Date: Tue Jul 25 23:40:07 2023 -0400
build: arm compilation support
Umang Sharma (umasharm) [Wed, 13 Dec 2023 20:25:39 +0000 (20:25 +0000)]
Pull request #4137: Coverity fixes
Merge in SNORT/snort3 from ~UMASHARM/snort3:coverity_fixes to master
Squashed commit of the following:
commit
f005a9908950f50692dc4ce1dba83c7b406da8eb
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri Dec 8 11:40:39 2023 -0500
appid: fixes for coverity issues
Pull request #4131: profiler: change time tracking for "rule_time (%)" field in rule_profiler output
Merge in SNORT/snort3 from ~VHORBATO/snort3:rp_percent to master
Squashed commit of the following:
commit
a11edea62ed46ae86fbba5ff6f377ef0bc21bd18
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Dec 6 15:12:12 2023 +0200
profiler: change time tracking for "rule_time (%)" field in rule_profiler output
Shibin K V (shikv) [Sat, 9 Dec 2023 17:19:17 +0000 (17:19 +0000)]
Pull request #4136: appid: add http3 to the list of ssl protocols as http3 will always be inside quic and encrypted
Merge in SNORT/snort3 from ~SHIKV/snort3:quic_url_si_multi to master
Squashed commit of the following:
commit
80c701e650b7ff9adc82a93ace1b5790e9586625
Author: shibin k v <shikv@cisco.com>
Date: Thu Dec 7 21:20:44 2023 +0000
appid: add http3 to the list of ssl protocols as http3 will always be inside quic and encrypted
Brandon Stultz (brastult) [Fri, 8 Dec 2023 09:14:05 +0000 (09:14 +0000)]
Pull request #4135: Feature Prep
Merge in SNORT/snort3 from ~BRASTULT/snort3:feature_prep to master
Squashed commit of the following:
commit
85e2bbe582be1ff3980da214aa92927fa9b2007e
Author: Brandon Stultz <brastult@cisco.com>
Date: Mon Nov 20 17:58:17 2023 -0500
utils: add get_file_size
commit
5362d679a2b1f162554647f970de07c66d80df94
Author: Brandon Stultz <brastult@cisco.com>
Date: Thu Nov 9 14:58:42 2023 -0500
main: fix reload_id data race
commit
ada5805e25cf9d7d1ede3d44aec0c96bb25bb5e9
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Nov 3 11:47:28 2023 -0400
parser: add CWD to conf search order
commit
b11e3124844d717857d8b0bf7995c0396203e610
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Sep 22 16:44:24 2023 -0400
pub_sub: add get_client_body and is_mime methods
commit
4da05779e308734d705e2de2c3afe4ec210413ce
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri Sep 22 16:40:09 2023 -0400
http_inspect: publish HTTP/1 request bodies, track MIME boundary
Raza Shafiq (rshafiq) [Thu, 7 Dec 2023 21:49:00 +0000 (21:49 +0000)]
Pull request #4133: host_cache: fix for race condition on peg counts
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:host_cache_pegs to master
Squashed commit of the following:
commit
2d742de0301f5940aa7f658336f382f33059f1e9
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Dec 6 08:37:52 2023 -0500
host_cache: fix for race condition on peg counts
Michael Matirko (mmatirko) [Tue, 5 Dec 2023 18:03:02 +0000 (18:03 +0000)]
Pull request #4126: catch: add boost software license for catch.hpp
Merge in SNORT/snort3 from ~MMATIRKO/snort3:boost_license to master
Squashed commit of the following:
commit
5355f9305ad11eb29eb687f54417f910e5a5f02d
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Dec 4 10:19:13 2023 -0500
catch: add boost software license for catch.hpp
Pull request #4110: appid: Lua logging doc update
Merge in SNORT/snort3 from ~OSTEPANO/snort3:lua_os_doc to master
Squashed commit of the following:
commit
66d83304b0e7fefb4cde191f640c2ee9de0a1fb4
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Thu Nov 23 10:45:35 2023 -0500
appid: Lua logging doc update
Pull request #4127: GID range for built-in rules.
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:gid_range to master
Squashed commit of the following:
commit
6ad50702f4158d5ea09670c1cf30b359dcc977ca
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Dec 4 13:29:16 2023 +0200
detection: adjust built-in GID range to 40-999
Priyanka Bangalore Gurudev (prbg) [Mon, 4 Dec 2023 19:55:20 +0000 (19:55 +0000)]
Pull request #4123: build: generate and tag 3.1.76.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.76.0 to master
Squashed commit of the following:
commit
166c30f1a73c583d0fb615872328c5dc782ef1a2
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Dec 3 23:09:32 2023 -0500
build: generate and tag 3.1.76.0
Umang Sharma (umasharm) [Thu, 30 Nov 2023 14:34:29 +0000 (14:34 +0000)]
Pull request #4116: appid: coverity issues
Merge in SNORT/snort3 from ~UMASHARM/snort3:coverity_fixes to master
Squashed commit of the following:
commit
5f57ab950b53a47217d9a1155e4988f31bd288a5
Author: Umang Sharma <umasharm@cisco.com>
Date: Wed Nov 22 02:25:17 2023 -0500
appid: fixing coverity issues
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 30 Nov 2023 14:10:27 +0000 (14:10 +0000)]
Pull request #4107: appid: fixing coverity issues
Merge in SNORT/snort3 from ~SATHIRKA/snort3:appid_coverity to master
Squashed commit of the following:
commit
49746e192fce6caf2e7c19702c8fffdaaeabdb54
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Nov 17 06:42:53 2023 -0500
appid: fixing coverity issues
Sai Srinivas Dunne (sadunne) [Wed, 29 Nov 2023 07:13:30 +0000 (07:13 +0000)]
Pull request #4111: Make add_peg_count and set_peg_count protected to be available for the derived class
Merge in SNORT/snort3 from ~SADUNNE/snort3:sadunne_counter_fix to master
Squashed commit of the following:
commit
7508e2410ece25983e2865bc26a69f957b470b74
Author: Sai Srinivas Dunne <sadunne@cisco.com>
Date: Fri Nov 24 17:51:24 2023 +0530
perf_mon: fix variable name issue reported by cppcheck
commit
ce868f78ddc45a11b2402a321587a8de06fd4e9d
Author: Sai Srinivas Dunne <sadunne@cisco.com>
Date: Fri Nov 24 11:46:43 2023 +0530
pegs: Make add_peg_count and set_peg_count protected to be available for
the derived class.
Raza Shafiq (rshafiq) [Mon, 27 Nov 2023 18:24:20 +0000 (18:24 +0000)]
Pull request #4103: flow_cache: added new protocol base counters
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:proto_prune_stats to master
Squashed commit of the following:
commit
e098d60d6b616a4dcda7bd9561ff932429fd9360
Author: rshafiq <rshafiq@cisco.com>
Date: Fri Oct 20 16:57:29 2023 -0400
flow_cache: added new protocol base counters
Pull request #4105: appid: Additional checks for lua logging
Merge in SNORT/snort3 from ~OSTEPANO/snort3:lua_debug_fix to master
Squashed commit of the following:
commit
703b39ee1da25cf5cb52c5b0df2267d7da98cac5
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Mon Nov 20 07:34:24 2023 -0500
appid: Additional check for lua logging
Pull request #4065: appid: TP_appid profiler
Merge in SNORT/snort3 from ~LCZARNIK/snort3:tp_appid_profiler to master
Squashed commit of the following:
commit
be69c7d14d16fe44a508dc8587176ced4f00e13f
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Tue Nov 7 08:18:01 2023 -0500
appid: Adding support for memory profiling of third party lib
appid: Adds missed cppcheck warning
Pull request #4102: dns: fix parsing 'additionals' section in dns response
Merge in SNORT/snort3 from ~SVLASIUK/snort3:fix_dns_parser to master
Squashed commit of the following:
commit
59f0c3ae7d2ed2629ca72b2446cd34fe7f43be1f
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Nov 16 16:56:33 2023 +0200
dns: fix parsing 'additionals' section in dns response
Priyanka Bangalore Gurudev (prbg) [Mon, 20 Nov 2023 17:23:03 +0000 (17:23 +0000)]
Pull request #4104: build: generate and tag 3.1.75.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.75.0 to master
Squashed commit of the following:
commit
d794334ebfe8e585a8668f728b32e207748b6ae7
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Nov 19 20:15:39 2023 -0500
build: generate and tag 3.1.75.0
Garima Sambyal (gsambyal) [Thu, 16 Nov 2023 05:56:32 +0000 (05:56 +0000)]
Pull request #4042: Suppression and Threshold on ips rule is impacting connection events
Merge in SNORT/snort3 from ~GSAMBYAL/snort3:CSCwc93243 to master
Squashed commit of the following:
commit
223175e54504057891c46a051a4d79c8ae518c2f
Author: Garima Sambyal <gsambyal@cisco.com>
Date: Mon Oct 9 05:20:43 2023 +0000
detection: setting flag for flows with affected logging due to event filter
Pull request #4091: olefile: replace hash map with list to guarantee order
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:vba_update to master
Squashed commit of the following:
commit
aec621ae92f61804664b1a0172b0dd0594201c68
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Nov 1 14:33:25 2023 +0200
decompress: use list for OLE file entries to guarantee their order in file_data
Cliff Judge (cljudge) [Thu, 9 Nov 2023 03:19:43 +0000 (03:19 +0000)]
Pull request #4090: appid: add appId for DNS over QUIC and DNS over HTTP/3 to application_ids.h
Merge in SNORT/snort3 from ~CLJUDGE/snort3:snort3_add_dns_appids_to_header_file to master
Squashed commit of the following:
commit
de1533f401d4ae7c58eca99064486876c4637c13
Author: Clifford Judge <cljudge@cisco.com>
Date: Tue Nov 7 01:06:37 2023 -0500
appid: add appId for DNS over QUIC and DNS over HTTP/3 to application_ids.h
Priyanka Bangalore Gurudev (prbg) [Tue, 7 Nov 2023 22:28:34 +0000 (22:28 +0000)]
Pull request #4092: build: generate and tag 3.1.74.0
Merge in SNORT/snort3 from ~PRBG/snort3:snort3_build_3.1.74.0_libdaq_v3.0.13 to master
Squashed commit of the following:
commit
4efd8f0c6e8a115d3d8133a86679480a725d9ab7
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Nov 7 16:12:01 2023 -0500
build: generate and tag 3.1.74.0
Pull request #4083: bad checksum fix
Merge in SNORT/snort3 from ~VKHARVI/snort3:proto_51_fix to master
Squashed commit of the following:
commit
bff3344649af8f6eb2e8e48679aa802df7d92e5c
Author: VISHAL RATNAKAR KHARVI -X (vkharvi - XORIANT CORPORATION at Cisco) <vkharvi@cisco.com>
Date: Wed Nov 1 18:43:15 2023 +0530
codecs: Fix bad checksum when auth(51) protocol header is present between IP and TCP layer.
Ron Dempster (rdempste) [Mon, 6 Nov 2023 19:30:25 +0000 (19:30 +0000)]
Pull request #4088: Build
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:build to master
Squashed commit of the following:
commit
081a9a49a764b4e93b16047fa66592d3725dcb64
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Nov 3 13:16:32 2023 -0400
build: fix up 32-bit compilation
commit
c34089572ac99037baa69003971fe9b8cfea5c2d
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Nov 3 12:52:55 2023 -0400
appid: clean up main thread appid debug and make appid on, off, on work
Pull request #4082: Ips option ack
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:ips_option_ack to master
Squashed commit of the following:
commit
9001bca22553e7cd2a393a195ef0348b535bf5cc
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Nov 1 13:35:11 2023 +0200
ips_options: fix ack option
Packet header contains ACK in network representation.
Ron Dempster (rdempste) [Fri, 3 Nov 2023 08:28:52 +0000 (08:28 +0000)]
Pull request #4085: ips_options: fix flow bits
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:fix_flowbits to master
Squashed commit of the following:
commit
252461ea3911401cb7c80304bc803f6c6c74080f
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Nov 2 15:12:29 2023 -0400
ips_options: fix flow bits
Ron Dempster (rdempste) [Tue, 31 Oct 2023 14:26:28 +0000 (14:26 +0000)]
Pull request #3935: Cppcheck
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:cppcheck to master
Squashed commit of the following:
commit
e7663dd3be7fd74a91808f293de0222ea7a467ee
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Oct 19 11:46:13 2023 -0400
build: remove unused functions reported by cppcheck
commit
ce623c51d7bb6a034d09b3700db74f1ccf229bc5
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Jul 19 12:55:56 2023 -0400
actions, detection, file_api, flow, stream: coverity fixes
commit
bed4872d9259d16a345e61a15f766505c18b0c30
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jun 30 13:57:44 2023 -0400
build: Address miscellaneous cppcheck warnings
Ron Dempster (rdempste) [Mon, 30 Oct 2023 18:44:00 +0000 (18:44 +0000)]
Pull request #4077: search_tool: allow an override of the search method
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:search_tool to master
Squashed commit of the following:
commit
69f8dddd2647a3e02e6446a9fe0e9a1ac78771f0
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Oct 27 12:14:12 2023 -0400
search_tool: allow an override of the search method
Sumit Kumar (sumikum7) [Mon, 30 Oct 2023 07:02:59 +0000 (07:02 +0000)]
Pull request #4080: Taking care of few coverity warnings post porting of SMB Multichannel
Merge in SNORT/snort3 from ~SUMIKUM7/snort3:post_porting_760 to master
Squashed commit of the following:
commit
896ce9cb02a539af2297c5bc4207a4879319e844
Author: Sumit Kumar <sumikum7@cisco.com>
Date: Sat Oct 28 10:25:35 2023 +0530
snort3_coverity: coverity errors and cppcheck warnings being fixed here
Sumit Kumar (sumikum7) [Fri, 27 Oct 2023 18:07:41 +0000 (18:07 +0000)]
Pull request #4061: Porting into 760(snort3) for SMB Multichannel Redesigning (First done in 741)
Merge in SNORT/snort3 from ~SUMIKUM7/snort3:porting_760 to master
Squashed commit of the following:
commit
6fc8604a2a7448163b8226ffaf77799c2965f4c1
Author: Sumit Kumar <sumikum7@cisco.com>
Date: Fri Oct 13 15:45:05 2023 +0530
dce_rpc: Added SMB Redesigned Multichannel enabled code
Maya Dagon (mdagon) [Fri, 27 Oct 2023 10:00:40 +0000 (10:00 +0000)]
Pull request #4070: src: fix coverity warnings
Merge in SNORT/snort3 from ~MDAGON/snort3:coverity to master
Squashed commit of the following:
commit
5085ae69eeeb397398e4e72704ab917a65c1c178
Author: maya dagon <mdagon@cisco.com>
Date: Fri Oct 20 12:12:41 2023 -0400
src: fix coverity warnings
Ron Dempster (rdempste) [Thu, 26 Oct 2023 19:34:27 +0000 (19:34 +0000)]
Pull request #4072: search_tool: fall back to normal mpse if no snort config
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:muster to master
Squashed commit of the following:
commit
da21ec1a104bde95dc1f944fb50411daf0732803
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Oct 26 10:18:18 2023 -0400
search_tool: fall back to normal mpse if no snort config
Pull request #4068: http_inspect: add correct handling of configuration error
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:http_param_fix to master
Squashed commit of the following:
commit
2a15f0c5742bd014c9152620b68158db81237637
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Oct 25 14:02:35 2023 +0300
http_inspect: add correct handling of configuration error
Pull request #4062: appid: Lua log function with appiddebug check
Merge in SNORT/snort3 from ~OSTEPANO/snort3:lua_log to master
Squashed commit of the following:
commit
8e509beb02cfed13e5fd171896d10159e91b1cbb
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Thu Aug 10 08:18:48 2023 -0400
appid: Lua log function with appiddebug check
Pull request #4041: packet_io: fix incorrect counters caused by data plane counters reset
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:daq_counter_fix to master
Squashed commit of the following:
commit
4ed5cf5bc6c597417789b18c15b03efa2843db69
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Oct 6 08:21:47 2023 -0400
packet_io: fix incorrect counters caused by data plane counters reset
Priyanka Bangalore Gurudev (prbg) [Mon, 23 Oct 2023 15:15:07 +0000 (15:15 +0000)]
Pull request #4064: build: generate and tag 3.1.73.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.73.0 to master
Squashed commit of the following:
commit
26cad17bf00a89a84016de1a54f62202ce3d2cfd
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Oct 23 08:55:22 2023 -0400
build: generate and tag 3.1.73.0
Maya Dagon (mdagon) [Fri, 20 Oct 2023 08:42:01 +0000 (08:42 +0000)]
Pull request #4060: http_inspect: handle reserved gzip flags
Merge in SNORT/snort3 from ~MDAGON/snort3:gzip_flag to master
Squashed commit of the following:
commit
d26f4726924c24ba7cafe6ba05468398ec0c4ab7
Author: maya dagon <mdagon@cisco.com>
Date: Tue Oct 3 10:40:52 2023 -0400
http_inspect: handle reserved gzip flags
Sreeja Athirkandathil Narayanan (sathirka) [Tue, 17 Oct 2023 20:38:44 +0000 (20:38 +0000)]
Pull request #4059: appid: fixing cppcheck issue
Merge in SNORT/snort3 from ~SATHIRKA/snort3:fix_cppcheck to master
Squashed commit of the following:
commit
0b0614d79c862b35fca04c6dd70b30069ee316c2
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Oct 17 08:45:52 2023 -0400
appid: fixing cppcheck issue
Juweria Ali Imran (jaliimra) [Tue, 17 Oct 2023 19:53:12 +0000 (19:53 +0000)]
Pull request #4056: stream_tcp: ignore normalization checks when in midstream state
Merge in SNORT/snort3 from ~JALIIMRA/snort3:midstream_invalid_seq to master
Squashed commit of the following:
commit
db2d4e4174f77527e8360d66361c2bd2b9f21aba
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed Oct 11 10:48:18 2023 -0400
stream_tcp: ignore normalization checks when in midstream state
Maya Dagon (mdagon) [Tue, 17 Oct 2023 13:07:38 +0000 (13:07 +0000)]
Pull request #4049: http_inspect: response to 0.9 isn't necessarily 0.9
Merge in SNORT/snort3 from ~MDAGON/snort3:zero_nine_res to master
Squashed commit of the following:
commit
5a1eb93b13c3a086c9c9baa4382853fecb5bb408
Author: maya dagon <mdagon@cisco.com>
Date: Wed Oct 4 08:30:54 2023 -0400
http_inspect: response to 0.9 isn't necessarily 0.9
Akhilesh MY (amuttuva) [Tue, 17 Oct 2023 09:40:03 +0000 (09:40 +0000)]
Pull request #4057: profiler: extend field length to support uint64
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:time_profiler_field to master
Squashed commit of the following:
commit
369b82cb73598a157ebe1769ebd2bed1da52b525
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Oct 17 01:45:39 2023 -0400
profiler: extend field length to support uint64
Raza Shafiq (rshafiq) [Mon, 16 Oct 2023 22:12:20 +0000 (22:12 +0000)]
Pull request #4054: host_cache: added segmented cache
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:segmented_atr_cache to master
Squashed commit of the following:
commit
d5e597e210b8c9a8c1d8e3dad6d675ecd9c5bcda
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Oct 11 19:15:09 2023 -0400
host_cache: added segmented cache
Sreeja Athirkandathil Narayanan (sathirka) [Mon, 16 Oct 2023 18:19:27 +0000 (18:19 +0000)]
Pull request #4001: appid: Added support for appid trace logs with multiple logging levels
Merge in SNORT/snort3 from ~SATHIRKA/snort3:appid_cbd_logging to master
Squashed commit of the following:
commit
03b7c38fb7fb796f0e7983c3f8fa6686c19a1561
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Sep 12 11:45:40 2023 -0400
appid: Added support for appid trace logs with multiple logging levels
Pull request #4047: tcp: do not allow duplicates in trs.alerts vector to avoid OOM possibility
Merge in SNORT/snort3 from ~ANOROKH/snort3:trs_alerts_dup_fix to master
Squashed commit of the following:
commit
08cecc25c6ca5763c725ccfb0fe48e692f0cfee7
Author: Anna Norokh <anorokh@cisco.com>
Date: Fri Sep 29 13:42:35 2023 +0300
stream: skip duplicated alerts in TcpReassemblerState's list
* add assert() to verify flow.trs_alerts test work
Thanks wenhao-in-chengdu for reporting the issue and suggesting a fix.
Pull request #4051: detection: always clear rule profiling stats for all nodes
Merge in SNORT/snort3 from ~ASERBENI/snort3:ruleprof_stats to master
Squashed commit of the following:
commit
6a7f93962b14b5675e36373f65fa1869e30e9577
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Thu Oct 12 12:29:58 2023 +0300
detection: fix cleaning of rule profiling stats when profiling starts
Pull request #4050: control: code refactor to support all unix flavors
Merge in SNORT/snort3 from ~RCONJEEV/snort3:control_conn_cmd_block_fix to master
Squashed commit of the following:
commit
2a10e5ab32d00bc4aa0389f21fe2bad270d14f93
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Thu Oct 12 15:26:16 2023 +0530
control: code refactor to support all unix flavors
Priyanka Bangalore Gurudev (prbg) [Wed, 11 Oct 2023 19:22:59 +0000 (19:22 +0000)]
Pull request #4044: build: generate and tag 3.1.72.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.72.0 to master
Squashed commit of the following:
commit
31d798da0da602ab732f2661d2fca4ae75e15101
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Oct 10 23:02:24 2023 -0400
build: generate and tag 3.1.72.0
Juweria Ali Imran (jaliimra) [Mon, 9 Oct 2023 19:59:13 +0000 (19:59 +0000)]
Pull request #4032: stream_tcp: update rcv_nxt appropriately after each segment
Merge in SNORT/snort3 from ~JALIIMRA/snort3:update_rcv_nxt to master
Squashed commit of the following:
commit
d04ba2b4f24c2f035509b4801e60a98d9452fbcb
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Fri Sep 29 16:58:49 2023 -0400
stream_tcp: update rcv_nxt appropriately for each segment
Pull request #4019: control: blocking control connections
Merge in SNORT/snort3 from ~RCONJEEV/snort3:control_conn_cmd_block_fix to master
Squashed commit of the following:
commit
b1ad1e27d0f38286ac99594af11eb7d1c0cb94f8
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Mon Sep 25 04:25:11 2023 -0400
control: allow one command at a time
Pull request #4040: helpers: increase buffer space for function names, allow printing truncated names
Merge in SNORT/snort3 from ~YCHALOV/snort3:backtrace_buffer_space to master
Squashed commit of the following:
commit
4a228b16da04e83b4749e84b310e4b2716936b3e
Author: Yurii Chalov <ychalov@cisco.com>
Date: Wed Oct 4 21:20:37 2023 +0200
helpers: increase buffer space for function names, allow printing truncated names
Adrian Mamolea (admamole) [Fri, 6 Oct 2023 15:34:41 +0000 (15:34 +0000)]
Pull request #4039: http_inspect: run detection on failed utf decoding
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:utf to master
Squashed commit of the following:
commit
fe4c6b14626890ba2fa116faa4c9b632532e0cf9
Author: Adrian Mamolea <admamole@cisco.com>
Date: Fri Sep 29 17:11:09 2023 -0400
http_inspect: run detection on failed utf decoding
Juweria Ali Imran (jaliimra) [Thu, 5 Oct 2023 20:28:31 +0000 (20:28 +0000)]
Pull request #4034: stream_tcp: accept 1 byte of trimmed probe data after zero window
Merge in SNORT/snort3 from ~JALIIMRA/snort3:sfcn_zw_trim to master
Squashed commit of the following:
commit
86635a90a120ba963cee350075bc8f50545f219d
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Thu Sep 28 06:11:46 2023 -0400
stream_tcp: accept 1 byte of trimmed probe data after zero window
Kaushal Bhandankar (kbhandan) [Tue, 3 Oct 2023 07:12:49 +0000 (07:12 +0000)]
Pull request #4036: appid: Support to get correct http session based on stream_id
Merge in SNORT/snort3 from ~KBHANDAN/snort3:file_concurrent to master
Squashed commit of the following:
commit
0ff38afdada8f56ad977b9acb68eb96cad4e0e56
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Mon Oct 2 14:08:21 2023 +0530
appid: Support to get correct http session based on stream_id
Raza Shafiq (rshafiq) [Fri, 29 Sep 2023 16:22:27 +0000 (16:22 +0000)]
Pull request #4014: flow_cache: added protocol base LRU caches
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:proto_base_lru to master
Squashed commit of the following:
commit
792e5b3c3febeece0f174c16a84646a3fb2e8a94
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Sep 13 07:23:23 2023 -0400
flow_cache: added protocol base LRU caches
Michael Matirko (mmatirko) [Fri, 29 Sep 2023 16:21:30 +0000 (16:21 +0000)]
Pull request #4030: memory: change NOW type counts to SUM type, where necessary
Merge in SNORT/snort3 from ~MMATIRKO/snort3:now_pegs to master
Squashed commit of the following:
commit
82c5c10e13933d003f8907a41c8bdee48541a381
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Sep 27 15:27:54 2023 -0400
memory: change NOW type counts to SUM type, where necessary
Ashik Thomas (ashiktho) [Fri, 29 Sep 2023 07:19:38 +0000 (07:19 +0000)]
Pull request #4028: CSCwh22691 - Continuous snort3 cores in DCE/SMB - DC into 7.6 release
Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwh22691_master to master
Squashed commit of the following:
commit
21e36571ca53ccb7883eee3cfb9aaf9e4cf2a7ec
Author: Sumit Kumar <sumikum7@cisco.com>
Date: Mon Aug 21 14:31:03 2023 +0530
dce_rpc: using reset_using_rpkt() inline to what is there in eval() of SMB inspector code as well
Adrian Mamolea (admamole) [Thu, 28 Sep 2023 08:58:28 +0000 (08:58 +0000)]
Pull request #4011: packet_io: fix daq stats
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:kern to master
Squashed commit of the following:
commit
0ef7d59ebe19f9c93e39296bcf6dd7d540596971
Author: Adrian Mamolea <admamole@cisco.com>
Date: Tue Sep 19 17:52:12 2023 -0400
packet_io: fix daq stats
Kaushal Bhandankar (kbhandan) [Wed, 27 Sep 2023 17:35:23 +0000 (17:35 +0000)]
Pull request #4018: active: added API for printing delayed action string
Merge in SNORT/snort3 from ~KBHANDAN/snort3:file_verdict to master
Squashed commit of the following:
commit
68a43601dfb338206704a6bf64ac01cec05fa046
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Sat Sep 23 11:06:59 2023 +0530
active: added API for printing delayed action string
Shanmugam S (shanms) [Wed, 27 Sep 2023 13:26:09 +0000 (13:26 +0000)]
Pull request #4026: tcp: timeout for embryonic and idle session
Merge in SNORT/snort3 from ~SHANMS/snort3:tcp_conn_timeout to master
Squashed commit of the following:
commit
43753f773b6dacc772d85766718bb15b4ac0da5a
Author: shanms <shanms@cisco.com>
Date: Thu Jun 22 14:41:06 2023 +0000
tcp: timeout for embryonic and idle session
Maya Dagon (mdagon) [Mon, 25 Sep 2023 16:25:54 +0000 (16:25 +0000)]
Pull request #4017: http_inspect: clear fake headers snapshot for 0.9 response
Merge in SNORT/snort3 from ~MDAGON/snort3:zero_nine to master
Squashed commit of the following:
commit
6cb2056dfb53780d8a70b69611a85b8cf2f635f4
Author: maya dagon <mdagon@cisco.com>
Date: Thu Sep 21 11:40:03 2023 -0400
http_inspect: clear fake headers snapshot for 0.9 response
Priyanka Bangalore Gurudev (prbg) [Mon, 25 Sep 2023 16:14:11 +0000 (16:14 +0000)]
Pull request #4022: build: generate and tag 3.1.71.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.71.0 to master
Squashed commit of the following:
commit
e1ebf3f63dd0c0c9891e913de83dbde00beca65a
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Sep 25 07:45:30 2023 -0400
build: generate and tag 3.1.71.0
Shijin Bose (shibose) [Fri, 22 Sep 2023 09:08:33 +0000 (09:08 +0000)]
Pull request #3995: appid, http_inspect, http2_inspect: create appid session if not present in decrypt event handler, add message section as part of StreamFlowIntf for httpx
Merge in SNORT/snort3 from ~SHIBOSE/snort3:ac_rule_match to master
Squashed commit of the following:
commit
df546681b874d2c88e6d1af67c1bccdb9d6d28e5
Author: shibose <shibose@cisco.com>
Date: Wed Sep 6 17:44:39 2023 +0000
appid, http_inspect, http2_inspect: create appid session if not present in decrypt event handler, add message section as part of StreamFlowIntf for httpx
Steven Baigal (sbaigal) [Wed, 20 Sep 2023 20:46:42 +0000 (20:46 +0000)]
Pull request #4012: flow: allow reinspection for blocked icmp flows after reload
Merge in SNORT/snort3 from ~SBAIGAL/snort3:icmp_fix to master
Squashed commit of the following:
commit
2749fdea6bb8b5e777288fd234f088adc05404ba
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Sep 13 14:24:18 2023 -0400
flow: allow reinspection for blocked icmp flows after reload
Pull request #3996: parser: add file_id rule syntax evaluation
Merge in SNORT/snort3 from ~ANOROKH/snort3:contentless_file_id to master
Squashed commit of the following:
commit
62f56f702475340468f31ab8a7f1a0fcbdc3c943
Author: Anna Norokh <anorokh@cisco.com>
Date: Wed Sep 13 11:03:31 2023 +0300
parser: add file_id rule syntax evaluation
* drop ParseError in case of file_id rule without file_meta,
fast-pattern(content,regex) or file_data option;
* update file_id docs;
* detection: replace rtn hard check with assert
Pull request #4010: detection: avoid multiple fixups of duplicated trees
Merge in SNORT/snort3 from ~VHORBATO/snort3:fixup_tree_tsan to master
Squashed commit of the following:
commit
aa509bd5fb8a21cc3365a427e434086401d15523
Author: vhorbato <vhorbato@cisco.com>
Date: Tue Sep 19 11:14:34 2023 +0300
detection: avoid multiple fixups of duplicated trees
Pull request #3993: main: fix signals handling after failed started instances
Merge in SNORT/snort3 from ~YCHALOV/snort3:all_pthreads_fix to master
Squashed commit of the following:
commit
a5fb3c19fd3654946f66fc0786826791c34460f7
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Sep 11 14:51:22 2023 +0200
main: fix signals handling after failed started instances