git.ipfire.org Git - thirdparty/snort3.git/log
Pull request #3980: codecs: Add IPv6 Reserved Address to GID:116 Rules
Merge in SNORT/snort3 from ~TGANESHK/snort3:ipv6_newrule to master
Squashed commit of the following:
commit
af9ad67ce413fccf9514c93893abce2591e0868e
Author: THARANI DHARAN GANESHKUMAR -X (tganeshk - XORIANT CORPORATION at Cisco) <tganeshk@cisco.com>
Date: Mon Aug 21 22:07:34 2023 +0530
codecs: Add IPv6 Reserved Address to GID:116 Rules
Maya Dagon (mdagon) [Tue, 19 Sep 2023 17:37:22 +0000 (17:37 +0000)]
Pull request #4003: Smtp: support LF eol, add new alert
Merge in SNORT/snort3 from ~MDAGON/snort3:smtp2 to master
Squashed commit of the following:
commit
bcef85d9d705aee8b9ef431a0afb9c6e2ace0f18
Author: maya dagon <mdagon@cisco.com>
Date: Wed Sep 13 16:40:48 2023 -0400
smtp: process DATA\n (no \r)
commit
932d3c0f135a352146f67f6e007023c2a1e3bb41
Author: maya dagon <mdagon@cisco.com>
Date: Thu Sep 7 18:08:51 2023 -0400
smtp: add alert for mixed LF and CRLF
Juweria Ali Imran (jaliimra) [Tue, 19 Sep 2023 15:16:17 +0000 (15:16 +0000)]
Pull request #4004: stream_tcp: examine whether a segment plugs a hole before blocking due to exceeding queue_limit
Merge in SNORT/snort3 from ~JALIIMRA/snort3:seglist_window to master
Squashed commit of the following:
commit
872c4d9796db0b8099005542889da60d353fc8af
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Mon Sep 11 11:56:03 2023 -0400
stream_tcp: examine whether a segment plugs a hole before blocking due to exceeding queue_limit
Pull request #3976: main: reset_stats argument type improvement
Merge in SNORT/snort3 from ~PRATEPRA/snort3:reset_stats_improve to master
Squashed commit of the following:
commit
bf907f9b6fbfef61c5c9363fd67971d793d36de9
Author: PRATEEK MOHAN PRABHU -X (pratepra - XORIANT CORPORATION at Cisco) <pratepra@cisco.com>
Date: Mon Aug 28 22:46:09 2023 +0530
main: reset_stats argument type improvement
Ron Dempster (rdempste) [Tue, 12 Sep 2023 19:18:14 +0000 (19:18 +0000)]
Pull request #3989: flow: generate flow setup and established events for ha flows
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:ha_flow_events to master
Squashed commit of the following:
commit
0586aa711d765efb73bd75863886f8790e1a4d48
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Sep 7 08:55:57 2023 -0400
flow: generate flow setup and established events for ha flows
Pull request #3982: Stream: extend interface of extra data logging
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:extra_data_update to master
Squashed commit of the following:
commit
a4369053a05642a3c8ad9384ee1e9e04601ddce9
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Aug 18 18:00:14 2023 +0300
stream: extend list of arguments for extra data logging
Raza Shafiq (rshafiq) [Tue, 12 Sep 2023 13:45:49 +0000 (13:45 +0000)]
Pull request #3988: host_cache: cppcheck fix
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:cppcheck_fix to master
Squashed commit of the following:
commit
e031ab24740026fd43fdd062dfd830c389dc820d
Author: rshafiq <rshafiq@cisco.com>
Date: Fri Sep 8 09:34:46 2023 -0400
host_cache: cppcheck fix
Juweria Ali Imran (jaliimra) [Tue, 12 Sep 2023 13:44:38 +0000 (13:44 +0000)]
Pull request #3983: stream_tcp: ensure all data segments after a zero window are blocked when NAP is inline
Merge in SNORT/snort3 from ~JALIIMRA/snort3:sfcn_zw_block to master
Squashed commit of the following:
commit
f9831f17611dfbed4c4ff20717272e7ab26c66f9
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Mon Sep 4 14:30:19 2023 -0400
stream_tcp: ensure all data segments after a zero window are blocked when NAP is inline
Pull request #3987: detection: fix of default ips policy switching
Merge in SNORT/snort3 from ~ANOROKH/snort3:file_id_tenant_fix to master
Squashed commit of the following:
commit
4a0f89aab337ca876c5a46014f5be2c36217c42e
Author: Anna Norokh <anorokh@cisco.com>
Date: Fri Sep 1 18:15:37 2023 +0300
detection: fix of default ips policy switching
Because in case of tenant or address_space configurations, previous code will switch
policy to network related IPS policy, not to default.
Adrian Mamolea (admamole) [Mon, 11 Sep 2023 14:54:09 +0000 (14:54 +0000)]
Pull request #3991: http2_inspect: fix http2 frame length for logging
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:fix_len to master
Squashed commit of the following:
commit
fede0d17affda64ac54930a0f9c605ad5e1d7ef5
Author: Adrian Mamolea <admamole@cisco.com>
Date: Fri Sep 8 11:14:28 2023 -0400
http2_inspect: fix http2 frame length for logging
Priyanka Bangalore Gurudev (prbg) [Mon, 11 Sep 2023 13:40:48 +0000 (13:40 +0000)]
Pull request #3992: build: generate and tag 3.1.70.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.70.0 to master
Squashed commit of the following:
commit
3357a9d7fd060ef804b9fa5dbb4790709142fd11
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Sep 10 14:47:26 2023 -0400
build: generate and tag 3.1.70.0
Pull request #3978: main: prevent reloading unprepared thread
Merge in SNORT/snort3 from ~YCHALOV/snort3:thread_reinit_fix to master
Squashed commit of the following:
commit
2a1ca1397f62224c096b9bedb22b715db390e7ba
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Aug 28 13:42:53 2023 +0200
main: prevent reloading unprepared thread
Raza Shafiq (rshafiq) [Fri, 1 Sep 2023 20:02:20 +0000 (20:02 +0000)]
Pull request #3942: host_cache: segmented host cache
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:host_cache_locking to master
Squashed commit of the following:
commit
e642b5dcfbc6a48be841676c6a9e77f2a8788dd3
Author: rshafiq <rshafiq@cisco.com>
Date: Thu Jul 27 08:43:35 2023 -0400
host_cache: added segmented host cache
Pull request #3981: detection: fix assert expression
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:flowbit_assert to master
Squashed commit of the following:
commit
f6ab7141e83a53ed630b50f9331d841ae60ce193
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Sep 1 15:07:31 2023 +0300
detection: fix assert expression
Flowbit setter can be evaluated against a packet without flow.
IPS rule still matches.
Maya Dagon (mdagon) [Wed, 30 Aug 2023 14:11:28 +0000 (14:11 +0000)]
Pull request #3975: helpers: improve hyperscan_search error message
Merge in SNORT/snort3 from ~MDAGON/snort3:hyper_msg to master
Squashed commit of the following:
commit
84357839a39f9ac89a8cd5b448a828a061129c51
Author: maya dagon <mdagon@cisco.com>
Date: Thu Aug 24 14:52:14 2023 -0400
helpers: improve hyperscan_search error message
Pull request #3965: appid: makes regex error more of a warning
Merge in SNORT/snort3 from ~LCZARNIK/snort3:regex_warning to master
Squashed commit of the following:
commit
42b77baa8c0f3d1b2380a40a8b1e64ece33874e5
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Tue Aug 22 04:29:06 2023 -0400
appid: makes regex error more of a warning
Ron Dempster (rdempste) [Tue, 29 Aug 2023 12:08:51 +0000 (12:08 +0000)]
Pull request #3974: search_engines: allow a snort config to be passed to find_all
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:wild_card to master
Squashed commit of the following:
commit
ee1aa0de6b0ebe3449eb870b9581299074cea966
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Aug 24 15:58:32 2023 -0400
search_engines: allow a snort config to be passed to find_all
Priyanka Bangalore Gurudev (prbg) [Mon, 28 Aug 2023 20:54:25 +0000 (20:54 +0000)]
Pull request #3973: build: generate and tag 3.1.69.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.69.0 to master
Squashed commit of the following:
commit
0790c83baa10bb571b4862b29c14090992a023e2
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Aug 27 10:09:40 2023 -0400
build: generate and tag 3.1.69.0
Adrian Mamolea (admamole) [Fri, 25 Aug 2023 18:08:48 +0000 (18:08 +0000)]
Pull request #3967: http2_inspect: add frame when logging a packet
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:h2_pkt to master
Squashed commit of the following:
commit
6a79c665c90e29c2025376c56ee1be5ef6d49e68
Author: Adrian Mamolea <admamole@cisco.com>
Date: Wed Aug 23 15:16:33 2023 -0400
http2_inspect: address comments from Oleksii
commit
038f465bd138fbc9eb17fa661a9161cdd5235cbe
Author: Adrian Mamolea <admamole@cisco.com>
Date: Wed Jul 5 16:59:08 2023 -0400
http2_inspect: add frame when logging a packet
Maya Dagon (mdagon) [Fri, 25 Aug 2023 12:30:01 +0000 (12:30 +0000)]
Pull request #3971: http2_inspect: test tool config changes
Merge in SNORT/snort3 from ~MDAGON/snort3:fix_test to master
Squashed commit of the following:
commit
17143f2739a892c03d085a7451e4518a11fc6c16
Author: maya dagon <mdagon@cisco.com>
Date: Mon Aug 21 09:29:42 2023 -0400
http2_inspect: update test tool configurations
Steve Chew (stechew) [Thu, 24 Aug 2023 17:26:37 +0000 (17:26 +0000)]
Pull request #3968: framework: Add virtual for inspectors that publish data when no ips policy is enabled.
Merge in SNORT/snort3 from ~STECHEW/snort3:dns_support_no_ips to master
Squashed commit of the following:
commit
12b31bdbac8c99c0e83b3e3a3e0e2f1922b90ea7
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 22 22:54:30 2023 -0400
framework: Add virtual for inspectors that publish data when no ips policy is enabled.
Pull request #3969: dce_rpc: fix stats for client/server segments reassembled
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:dce_rpc_fix to master
Squashed commit of the following:
commit
41a8beea1fced1a5a4baf1fa8fbc7ff6d30a1d08
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Aug 18 16:20:22 2023 +0300
dce_rpc: fix stats for client/server segments reassembled
Thanks to Bader-eddine Ouaich for addressing the issue.
Sreeja Athirkandathil Narayanan (sathirka) [Tue, 22 Aug 2023 18:52:25 +0000 (18:52 +0000)]
Pull request #3952: appid: mark ssl appid lookup successful if a service id is available
Merge in SNORT/snort3 from ~SATHIRKA/snort3:ssl_api_fix to master
Squashed commit of the following:
commit
b70cfde78e3439c33f7d11225b9986e10b57f276
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Aug 8 14:41:52 2023 -0400
appid: mark ssl appid lookup successful if a service id is available
Pull request #3961: HTTP mime boundary
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:http_mime_boundary to master
Squashed commit of the following:
commit
3ab0ced3e66e7f16da26e2ada1340b34d4f10897
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Aug 4 15:49:38 2023 +0300
mime: postpone boundary-look-alike data till the next PDU arrives
Works only if file position is unknown (http_inspect).
commit
154e2cc8d636004796761f64f8ec515bbb0a9e5b
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Aug 3 21:02:24 2023 +0300
mime: support transport padding in boundary strings
transport-padding := *LWSP-char
In encapsulation as "dash-boundary transport-padding CRLF".
In multipart-body as "delimiter transport-padding CRLF".
commit
70d077a012bc79348017bd984f955c2b3ae3caec
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 2 15:41:30 2023 +0300
mime: fix boundary search
In multi-part body the delimiter starts with CRLF and then boundary sequence goes.
The first boundary may go without CRLF.
However, scanning_boundary still ignores CRLF as they frequently occur in the file body.
commit
0e07d0a7c584633d6267f7df6283c4fa53f49d31
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jul 26 14:52:29 2023 +0300
http_inspect: adjust formatting
Maya Dagon (mdagon) [Mon, 21 Aug 2023 12:40:10 +0000 (12:40 +0000)]
Pull request #3960: http2_inspect: handle empty header name
Merge in SNORT/snort3 from ~MDAGON/snort3:zero_hdr to master
Squashed commit of the following:
commit
ea086e6a5be6780942c0a72d5b57dc4e4c4d6c97
Author: maya dagon <mdagon@cisco.com>
Date: Wed Aug 16 07:49:32 2023 -0400
http2_inspect: handle empty header name
Kaushal Bhandankar (kbhandan) [Thu, 17 Aug 2023 09:10:39 +0000 (09:10 +0000)]
Pull request #3957: inspector: export get_service_inspector_by_service method
Merge in SNORT/snort3 from ~KBHANDAN/snort3:quic_alpn to master
Squashed commit of the following:
commit
c83471159682c4eca861f01b5889f89e331f080a
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Mon Aug 14 23:33:28 2023 +0530
inspector: export get_service_inspector_by_service method
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 16 Aug 2023 20:12:17 +0000 (20:12 +0000)]
Pull request #3955: appid: prefer eve client over appid detected client after decryption and use appid detected client version if eve client equals appid client
Merge in SNORT/snort3 from ~SATHIRKA/snort3:decrypted_http to master
Squashed commit of the following:
commit
2e2b0425f9228cea79a2023959c9e71bee040923
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed May 24 20:01:09 2023 -0400
appid: prefer eve client over appid detected client after decryption and use appid detected client version if eve client equals appid client
Adrian Mamolea (admamole) [Wed, 16 Aug 2023 14:42:41 +0000 (14:42 +0000)]
Pull request #3946: http2_inspect: update connection settings on ack
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:settings_ack to master
Squashed commit of the following:
commit
28a58b0433ba324da53fcf14398c2cdd205dd0b3
Author: Adrian Mamolea <admamole@cisco.com>
Date: Tue Jul 25 16:03:20 2023 -0400
http2_inspect: update connection settings on ack
Steve Chew (stechew) [Wed, 16 Aug 2023 14:23:53 +0000 (14:23 +0000)]
Pull request #3959: dns: Updates to allow DNS to be compiled dynamically.
Merge in SNORT/snort3 from ~STECHEW/snort3:dynamic_dns to master
Squashed commit of the following:
commit
4c8cf55371d387e0b37b63d330cd776ca630ea09
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 15 22:42:25 2023 -0400
dns: Updates to allow DNS to be compiled dynamically.
Priyanka Bangalore Gurudev (prbg) [Tue, 15 Aug 2023 14:58:48 +0000 (14:58 +0000)]
Pull request #3958: build: generate and tag 3.1.68.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.68.0 to master
Squashed commit of the following:
commit
f9f4200306f0a5a5e40a6cb00237dea0a636d30f
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Aug 14 22:13:20 2023 -0400
build: generate and tag 3.1.68.0
Ron Dempster (rdempste) [Sat, 12 Aug 2023 00:48:18 +0000 (00:48 +0000)]
Pull request #3956: managers: fix get_inspector to use the passed in snort config for context and inspection inspectors
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:fqdn to master
Squashed commit of the following:
commit
8394704aec2431ef1d070cbec8109075f2bed399
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Jul 25 10:15:45 2023 -0400
managers: fix get_inspector to use the passed in snort config for context and inspection inspectors
Pull request #3936: Dns response ip/name parser
Merge in SNORT/snort3 from ~SVLASIUK/snort3:dns_name_parser to master
Squashed commit of the following:
commit
81500ab8cd6138545a0c60009eda898e88de0e62
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Jul 25 18:50:36 2023 +0300
dns: parse and publish dns response with ip, fqdn/ttl data
added publish_response new dns inspector option
Pull request #3954: http_inspect: disable rule evaluation caching for MIME attachments
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:http_multiple_detection to master
Squashed commit of the following:
commit
38d843d18168ea4895e1a040f7de243cfb72dfc7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Aug 10 15:42:06 2023 +0300
http_inspect: disable rule evaluation caching for MIME attachments
Steve Chew (stechew) [Fri, 11 Aug 2023 12:29:58 +0000 (12:29 +0000)]
Pull request #3949: sfip: Add < operator so SfIp can be used in std::map and std::set.
Merge in SNORT/snort3 from ~STECHEW/snort3:sfip_lessthan to master
Squashed commit of the following:
commit
40ae0e52ba715656e350f99928e696116624c78d
Author: Steve Chew <stechew@cisco.com>
Date: Tue Aug 8 13:01:59 2023 -0400
sfip: Add < operator so SfIp can be used in std::map and std::set.
Maya Dagon (mdagon) [Wed, 9 Aug 2023 15:56:49 +0000 (15:56 +0000)]
Pull request #3948: stream: init meta ack packet action field
Merge in SNORT/snort3 from ~MDAGON/snort3:action_crash to master
Squashed commit of the following:
commit
e75f02f21299dafbc205b30175c964d6bef24140
Author: maya dagon <mdagon@cisco.com>
Date: Tue Aug 8 08:59:39 2023 -0400
stream: init meta ack packet action field
Pull request #3943: remove asn1
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:asn1_fixing to master
Squashed commit of the following:
commit
9fd16701a67d1e244ba110de1f6a3160991f4baf
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri Aug 4 16:05:50 2023 +0300
doc: update tutorial
commit
db8e6783b1850e54024d4bb84364b166f7aff021
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Jul 11 18:55:55 2023 +0300
src: remove ips option asn1
Maya Dagon (mdagon) [Fri, 4 Aug 2023 14:04:59 +0000 (14:04 +0000)]
Pull request #3940: wizard: refactoring - split curses to multiple files by protocol
Merge in SNORT/snort3 from ~MDAGON/snort3:wizard to master
Squashed commit of the following:
commit
ad41e68e63256944ec6a6ffb1d1074f2fd891250
Author: maya dagon <mdagon@cisco.com>
Date: Mon Jul 31 14:51:01 2023 -0400
wizard: refactoring - split curses to multiple files by protocol
Umang Sharma (umasharm) [Tue, 1 Aug 2023 20:14:14 +0000 (20:14 +0000)]
Pull request #3927: appid, cip: parsing cip safety segments
Merge in SNORT/snort3 from ~UMASHARM/snort3:cip to master
Squashed commit of the following:
commit
a8174147e5aff828a79dffe6e252b4bea69de8d7
Author: Umang Sharma <umasharm@cisco.com>
Date: Mon Jul 24 12:07:57 2023 -0400
appid, cip: parsing cip safety segments
Priyanka Bangalore Gurudev (prbg) [Mon, 31 Jul 2023 15:47:49 +0000 (15:47 +0000)]
Pull request #3938: build: generate and tag 3.1.67.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.67.0 to master
Squashed commit of the following:
commit
3473c773d17abe367718db98914829680038c401
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Jul 30 10:02:06 2023 -0400
build: generate and tag 3.1.67.0
Sreeja Athirkandathil Narayanan (sathirka) [Fri, 28 Jul 2023 16:40:45 +0000 (16:40 +0000)]
Pull request #3934: ssl: remove wildcard character from common name string extracted from ssl certificate
Merge in SNORT/snort3 from ~SATHIRKA/snort3:cname_wildcard to master
Squashed commit of the following:
commit
0e8f3ab6fede768ff8acd8697ce9690082a9f417
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jul 25 16:41:38 2023 -0400
ssl: remove wildcard character from common name string extracted from ssl certificate
Pull request #3898: appid: SSL regex patterns
Merge in SNORT/snort3 from ~LCZARNIK/snort3:regex_ssl to master
Squashed commit of the following:
commit
b75fe307c9e2f091dcdd2bd5ad669e8b22d95df5
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Tue Jul 4 08:02:45 2023 -0400
appid: SSL regex pattern implementation
Akhilesh MY (amuttuva) [Thu, 27 Jul 2023 10:59:36 +0000 (10:59 +0000)]
Pull request #3846: profiler: shell commands for time profiler
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:time_profiling to master
Squashed commit of the following:
commit
153408ae69c20bbe2f8f8afdfe125cc544e37207
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Fri May 12 10:10:19 2023 -0400
profiler: shell commands for time profiler
profiler: Handle reload scenarios and tsan issues
profiler: remove interdependency with time and memory for accumulation
change command names to match exposed profiler
Sreeja Athirkandathil Narayanan (sathirka) [Tue, 25 Jul 2023 16:06:45 +0000 (16:06 +0000)]
Pull request #3928: ssl: extract common name in the SSL certificate using openssl apis
Merge in SNORT/snort3 from ~SATHIRKA/snort3:vdb_ci_fix_cn to master
Squashed commit of the following:
commit
83bf5e6d1e1041d6029ac91c067eb800d2eb35c7
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Jul 24 11:56:57 2023 -0400
ssl: extract common name in the SSL certificate using openssl apis
Pull request #3926: build: fix type resolution for OSX build environment
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:build_fix_types to master
Squashed commit of the following:
commit
82c8c6747c11288bb8b5fe819413f8aa4762c9e2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jul 24 16:59:06 2023 +0300
build: fix type resolution for OSX build environment
Maya Dagon (mdagon) [Mon, 24 Jul 2023 08:06:50 +0000 (08:06 +0000)]
Pull request #3925: build: fix cstdint related clearlinux errors
Merge in SNORT/snort3 from ~MDAGON/snort3:clearlinux to master
Squashed commit of the following:
commit
7ef2bc13851ffa2bf7908964242859a8c05ddd96
Author: maya dagon <mdagon@cisco.com>
Date: Thu Jul 20 14:34:01 2023 -0400
build: fix cstdint related clearlinux errors
Ron Dempster (rdempste) [Fri, 21 Jul 2023 17:29:49 +0000 (17:29 +0000)]
Pull request #3924: flow: make sure cpputest mock objects are initialized
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:ha_test2 to master
Squashed commit of the following:
commit
aebb18b1f50e3ba10b0050f171c4664486b4de43
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jul 21 12:30:20 2023 -0400
flow: make sure cpputest mock objects are initialized
Michael Matirko (mmatirko) [Fri, 21 Jul 2023 15:34:27 +0000 (15:34 +0000)]
Pull request #3921: lua: change cip binder rule from 22222 to 2222 (thanks to animator-ra on GitHub for this fix).
Merge in SNORT/snort3 from ~MMATIRKO/snort3:lua_cip to master
Squashed commit of the following:
commit
2f5d3525d9018f15eee121701cbb4b22db652c8f
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jul 19 15:45:23 2023 -0400
style: fix whitespace
commit
4eb3ff2b5a0411da5f2c38b4f57c0e836c10880e
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jul 19 14:35:16 2023 -0400
lua: change cip binder rule from 22222 to 2222 (thanks to animator-ra on GitHub for this fix).
Ron Dempster (rdempste) [Fri, 21 Jul 2023 13:36:02 +0000 (13:36 +0000)]
Pull request #3856: main: increase the user policy id range to 0 - 18446744073709551614
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:user_policy_id to master
Squashed commit of the following:
commit
c80819df62302afaf9035df83bfec62f4d1a14eb
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri May 19 14:43:53 2023 -0400
main: increase the user policy id range to 0 - 18446744073709551614
Maya Dagon (mdagon) [Fri, 21 Jul 2023 11:05:54 +0000 (11:05 +0000)]
Pull request #3916: detection: service_mapping config
Merge in SNORT/snort3 from ~MDAGON/snort3:service_map to master
Squashed commit of the following:
commit
5188c7c6ead8b7dae5b512167470ffe949fbfd74
Author: maya dagon <mdagon@cisco.com>
Date: Thu Jul 20 11:08:55 2023 -0400
ips_options: remove FIXIT comment from SD_Pattern
commit
a08b568ab39443470dba17ae278cbf94fe43b238
Author: maya dagon <mdagon@cisco.com>
Date: Fri Jul 7 14:05:01 2023 -0400
detection: service_extension config
Ron Dempster (rdempste) [Thu, 20 Jul 2023 16:20:40 +0000 (16:20 +0000)]
Pull request #3922: flow: fix ha_test use of stack variable
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:ha_test to master
Squashed commit of the following:
commit
9a39e03d6bb96f5fbd6035f58d2228ab33e75900
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Jul 20 08:12:50 2023 -0400
flow: fix ha_test use of stack variable
Michael Matirko (mmatirko) [Wed, 19 Jul 2023 15:15:04 +0000 (15:15 +0000)]
Pull request #3920: (master forward-port): perf_mon: continue even when pegcounts can't be resolved
Merge in SNORT/snort3 from ~MMATIRKO/snort3:peg_warn_master to master
Squashed commit of the following:
commit
b0ae8a092363cd6f1b21eb2df5e6406955700b2a
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri May 26 19:28:55 2023 +0000
perf_mon: continue even when pegcounts can't be resolved
Merge in FIREPOWER/snort3 from ~MMATIRKO/snort3:peg_warning to release/7.0.6
* commit 'adc617b60633098a34abdce6fa7c56b0e9019aa4':
build: fix issues with local build
perf_mon: continue even when pegcounts can't be resolved
Pull request #3882: appid: Do not raise SMTP response overflow IPS alert on SSL traffic
Merge in SNORT/snort3 from ~OSTEPANO/snort3:smtp_ssl_ips to master
Squashed commit of the following:
commit
355163900881bd437c95f0b3524b79ecb39ebac4
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri Jun 16 09:21:44 2023 -0400
appid: Do not raise SMTP response overflow IPS alert on SSL traffic
Pull request #3910: ssl: parse and publish server common name from server certificate
Merge in SNORT/snort3 from ~SVLASIUK/snort3:ssl_server_common_name to master
Squashed commit of the following:
commit
f314e115effcbb33b323324fd90b72a1ddca71b4
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Jul 11 17:11:46 2023 +0300
ssl: parse and publish server common name from server certificate
Pull request #3913: Fix descriptor polling for non-Linux kernels
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:cntrl_shell_detach to master
Squashed commit of the following:
commit
a52fea2e2f3a957ae0e052b968343c36cdefdc29
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jul 12 15:27:09 2023 +0300
control: follow code style and formatting
commit
509e22428a6863396128b7cab018a9901fd378d8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jul 12 15:22:14 2023 +0300
control: fix descriptor polling implementation (POSIX)
Priyanka Bangalore Gurudev (prbg) [Mon, 17 Jul 2023 14:34:34 +0000 (14:34 +0000)]
Pull request #3917: build: generate and tag 3.1.66.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.66.0 to master
Squashed commit of the following:
commit
554747573d62ecf073381b0b2843cf4bf0e8ea84
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Fri Jul 14 16:01:05 2023 -0400
build: generate and tag 3.1.66.0
Priyanka Bangalore Gurudev (prbg) [Fri, 14 Jul 2023 19:13:03 +0000 (19:13 +0000)]
Pull request #3914: ftp: remove file_data dependency on file_id
Merge in SNORT/snort3 from ~PRBG/snort3:file_data_for_ftp_traffic to master
Squashed commit of the following:
commit
f10bfb3e8f36f11d6170e85710d97a90b115fe5d
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Jul 12 13:50:40 2023 -0400
ftp: remove file_data dependency on file_id
Juweria Ali Imran (jaliimra) [Fri, 14 Jul 2023 13:12:24 +0000 (13:12 +0000)]
Pull request #3906: stream_tcp: update state appropriately when head of seglist is the right end of a hole
Merge in SNORT/snort3 from ~JALIIMRA/snort3:seglist_hole_infinite_recursion to master
Squashed commit of the following:
commit
d33b0d33a920dfa8331b487a4c666b7f79c10314
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Tue Jun 20 13:02:14 2023 -0400
stream_tcp: validate proper update of stream_tcp state when seglist head follows a hole
Pull request #3902: appid: cache CHP glossary before detectors reload
Merge in SNORT/snort3 from ~OSTEPANO/snort3:chp_heap_fix to master
Squashed commit of the following:
commit
4a19f21de3a022a1b88234f6def378a7a8e0941a
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Thu Jul 6 05:59:00 2023 -0400
appid: cache CHP glossary before detectors reload
Pull request #3905: binder: in case of a service change, remove flags indicating an abort of the direction
Merge in SNORT/snort3 from ~VHORBATO/snort3:http_reasm_crash to master
Squashed commit of the following:
commit
83b52fa0fefd9cdf7d0687ba64804ee519225b6a
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Jul 10 11:37:53 2023 +0300
binder: in case of a service change, remove flags indicating an abort of the direction
Adrian Mamolea (admamole) [Tue, 11 Jul 2023 17:12:41 +0000 (17:12 +0000)]
Pull request #3894: rna: add stats for rna graphs
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:rna_graphs to master
Squashed commit of the following:
commit
92a7848dfd79dfcd809a1501165f7325b42af2d3
Author: Adrian Mamolea <admamole@cisco.com>
Date: Wed Jun 14 08:42:16 2023 -0400
rna: add stats for rna graphs
Pull request #3895: helpers: added additional log in print_backtrace for debugging purpose
Merge in SNORT/snort3 from ~PRATEPRA/snort3:crash_fix to master
Squashed commit of the following:
commit
35814367e25bb035806998c65d27ac8b3e3d1aaf
Author: PRATEEK MOHAN PRABHU -X (pratepra - XORIANT CORPORATION at Cisco) <pratepra@cisco.com>
Date: Wed Jun 28 12:44:25 2023 +0530
helpers: added additional log in print_backtrace for debugging purpose
Pull request #3904: ips_options: add gadget check for vba_data
Merge in SNORT/snort3 from ~ASERBENI/snort3:vba_null_gadget to master
Squashed commit of the following:
commit
c9ec58b0e031465bcd69331fcef82e6dd6f03c5d
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:53:46 2023 +0300
ips_options: update dev_notes about IPS options input values
commit
5f6a0b16d628f524961f56f8ab68b614a39ad390
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:18:38 2023 +0300
ips_options: add unit tests for vba_data
commit
f7e319f06441b476463a2b64e786330c0a24425a
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:17:45 2023 +0300
ips_options: add gadget check for vba_data
Pull request #3859: perf_mon: fix dump_stats collision with perf mon
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:dump_stats_fix to master
Squashed commit of the following:
commit
78bdb137f619179005aebbadf9548e1121f90fce
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Tue May 23 10:56:21 2023 -0400
perf_mon: fix dump_stats collision with perf mon
Umang Sharma (umasharm) [Wed, 5 Jul 2023 18:42:52 +0000 (18:42 +0000)]
Pull request #3891: appid: Early detection of ssh and ignoring NAVL detection
Merge in SNORT/snort3 from ~UMASHARM/snort3:ssh to master
Squashed commit of the following:
commit
4e2f347496653738e8aaac683b157664ce24fceb
Author: Umang Sharma <umasharm@cisco.com>
Date: Wed Jun 21 22:14:38 2023 -0400
appid: Early detection of ssh and ignoring NAVL detection
Rishabh Duggal (riduggal) [Wed, 5 Jul 2023 17:11:06 +0000 (17:11 +0000)]
Pull request #3899: flow: changes to support derived classes of parent class Flow
Merge in SNORT/snort3 from ~RIDUGGAL/snort3:rev_cc_support to master
Squashed commit of the following:
commit
01d4ba9884d67f63542a306bc439731142e893fc
Author: riduggal <riduggal@cisco.com>
Date: Tue Jun 20 10:23:20 2023 +0000
flow: changes to support derived classes of parent class Flow
Pull request #3879: appid: fix for opportunistic tls detected as ssl
Merge in SNORT/snort3 from ~LCZARNIK/snort3:appid_imaps to master
Squashed commit of the following:
commit
50fc3462f4f62ad0039e21ff8a103dc80fd65311
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Wed Jun 7 10:53:33 2023 -0400
appid: fix for opportunistic tls detected as ssl
Priyanka Bangalore Gurudev (prbg) [Mon, 3 Jul 2023 12:15:41 +0000 (12:15 +0000)]
Pull request #3897: build: generate and tag 3.1.65.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.65.0 to master
Squashed commit of the following:
commit
e02dc4aaeb2673eb4aca6cc08f978cddb3569f2f
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 29 22:32:25 2023 -0400
build: generate and tag 3.1.65.0
Russ Combs (rucombs) [Thu, 29 Jun 2023 16:27:21 +0000 (16:27 +0000)]
Pull request #3893: regex: clear flags reused by module to construct ips option
Merge in SNORT/snort3 from ~RUCOMBS/snort3:regex_fix to master
Squashed commit of the following:
commit
d1e67464a0945bfaee8f0910cbef4142ff569337
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 22 11:53:25 2023 -0400
regex: clear flags reused by module to construct ips option
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 28 Jun 2023 16:46:23 +0000 (16:46 +0000)]
Pull request #3890: appid: do not use global pointers to service and client detectors for packet processing during reload detectors
Merge in SNORT/snort3 from ~SATHIRKA/snort3:tsan_client_det to master
Squashed commit of the following:
commit
f31c08920afb3e6411a4bce428fa22acc6213423
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed May 10 09:11:40 2023 -0400
appid: do not use global pointers to service and client detectors for packet processing during reload detectors
Pull request #3887: Ips content update
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:ips_content_update to master
Squashed commit of the following:
commit
ce14dda2618aefbab0882a3d7f24523d39d945f9
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 19:12:42 2023 +0300
ips_content: clean-up of function
commit
1614f3d02ef0be1419426a27371fc019adc65042
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 19:00:49 2023 +0300
detection: update condition since the negated stuff can be matched in such cases
commit
bcb15b46360c11748873d33166736662906296f2
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:42:47 2023 +0300
ips_content: make the negated content be opposite to normal content
commit
752e235afd42ad16ba7a38e69b0cad22cc57b2a1
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:35:38 2023 +0300
ips_content: add flag for non-default value of depth
Previously, if the sum of "within", "distance", "current_pos" was zero,
the "within" was counted incorrectly and the whole buffer would be searched.
Reference: tests/src/ips_options/content/positive_cases, sid:57
commit
e430068947d1e20544b3938155439143f66ff9e5
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:29:09 2023 +0300
ips_content: update condition checks
1. Move the out-of-buffer-end check to an earlier stage in order to avoid repeated checks
2. Move the negative pos check to the "retry" section since it relates only to "retry" stuff
3. Make the check about pattern length and depth more clear
Pull request #3885: profiler: change date output format in rule profiler from microseconds to seconds
Merge in SNORT/snort3 from ~VHORBATO/snort3:rule_prof_date to master
Squashed commit of the following:
commit
cbcd8133dd4f0d2d61460719414507319fa82c5d
Author: vhorbato <vhorbato@cisco.com>
Date: Fri Jun 16 18:55:11 2023 +0300
profiler: fix date related problems in rule_profiling json output
Steve Chew (stechew) [Wed, 21 Jun 2023 16:00:48 +0000 (16:00 +0000)]
Pull request #3874: file_api: Avoid file cache lookup after creating new file cache entry.
Merge in SNORT/snort3 from ~STECHEW/snort3:file_cache_optimization to master
Squashed commit of the following:
commit
6c08c968d9d0b2de85ffc928916c6c033e7654df
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 9 14:40:27 2023 -0400
file_api: Avoid file cache lookup after creating new file cache entry.
Pull request #3848: appid: add support for cip multiple service packet
Merge in SNORT/snort3 from ~SUBALU/snort3:msp to master
Squashed commit of the following:
commit
413d157d7b743f18d98d42f0ca41c58735a31563
Author: suriya <subalu@cisco.com>
Date: Mon May 15 16:55:40 2023 +0530
appid: add support for cip multiple service packet
Pull request #3872: libasan: fix out-of-bounds issues
Merge in SNORT/snort3 from ~ANOROKH/snort3:asan_invest to master
Squashed commit of the following:
commit
10d928de831b99b2fc6063cf5dc640dc83c4f5b6
Author: Anna Norokh <anorokh@cisco.com>
Date: Mon May 29 11:31:43 2023 +0300
analyzer: poison memory segment after msg->data
This will work only for regtests; memory will be poisoned for 16 bytes
to give libasan the possibility to sanitize memory that was allocated in DAQ.
commit
11e64eabf0d8fe3845f8cc3e85d040537ddf9103
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 22:31:03 2023 +0300
log: fix out-of-bounds read access
The source structure is over the packet raw data.
The structure declares an array of maximum possible size.
The default assign/copy operator may go out of bounds if underlying raw data is shorter.
commit
dc558bab687ffc779af2ca285240aa34ceb8c2a2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 15:39:19 2023 +0300
codecs: fix tcp options parsing
commit
bda86b5636c95909ed151c013adc481edde815f8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 14:51:25 2023 +0300
codecs: fix ipv6_mobility parsing
Check data availability before accessing the structure.
commit
d3d9b96e273c130e53637246d07ae367912719ff
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 14:39:33 2023 +0300
appid: fix FTP parsing
Prevent offset going beyond the buffer.
commit
6bbb52ff4333c6f0222d6fb05e6ac736d93b5a86
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 13:12:55 2023 +0300
rna: fix icmpv6 decoding
IPv6 payload length may include extension headers,
which should be accounted for when looking for the end of ICMPv6.
commit
91f70f976963b9229259f11fabd561fcf5c5c269
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 09:22:29 2023 +0300
netflow: fix raw data conversion
Netflow dedicates 4 bytes for a time record.
Field size is better to be compared to the type size directly rather than
to an external variable size.
commit
761afb8d664b7314c4225a3699f1b0bfe95bde3f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri May 19 15:58:56 2023 +0300
utils: fix out-of-bound access
Before the change the function accepted a limit for the destination buffer,
which may cause out-of-bounds reading from the source buffer.
commit
e936d5b47d672e7ac7f6c03afdd55af0d34e04a7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 4 13:54:05 2023 +0300
appid: check size boundaries before header validation
commit
3708040ec8e130a365cff68b25fb2776db3ae98c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 3 14:56:40 2023 +0300
protocols: removal of unnecessary old_opt check
Raza Shafiq (rshafiq) [Wed, 21 Jun 2023 01:42:26 +0000 (01:42 +0000)]
Pull request #3883: NUMA memory policy
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:numa_memory_policy to master
Squashed commit of the following:
commit
9078d21f8c3e62519dadb794bd72abcf502b033b
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Jun 7 15:18:57 2023 -0400
thread_config: added thread level mempolicy
Brandon Stultz (brastult) [Tue, 20 Jun 2023 07:39:16 +0000 (07:39 +0000)]
Pull request #3869: icmp6: allow rules to match packet data after header
Merge in SNORT/snort3 from ~BRASTULT/snort3:icmp6_codec_fix to master
Squashed commit of the following:
commit
3e505237c534272ed501fac591e8eb53c2224727
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue May 9 17:07:24 2023 -0400
icmp6: allow rules to match packet data after header
Brandon Stultz (brastult) [Sat, 17 Jun 2023 15:40:14 +0000 (15:40 +0000)]
Pull request #3861: parser: base service_only on services not cursor type
Merge in SNORT/snort3 from ~BRASTULT/snort3:pkt_data_b64_fix to master
Squashed commit of the following:
commit
4c0959d1ce906b582268c2c639bf3788d40ff04f
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri May 19 12:51:15 2023 -0400
parser: base service_only on services not cursor type
Priyanka Bangalore Gurudev (prbg) [Fri, 16 Jun 2023 23:08:24 +0000 (23:08 +0000)]
Pull request #3880: build: generate and tag 3.1.64.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.64.0 to master
Squashed commit of the following:
commit
950ce7b6f66736e4cd1ff7d8d89be3b373cba6aa
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 15 21:33:29 2023 -0400
build: generate and tag 3.1.64.0
Steve Chew (stechew) [Fri, 16 Jun 2023 03:10:27 +0000 (03:10 +0000)]
Pull request #3875: main: Update OopsHandler to get private data length to print private data during crash.
Merge in SNORT/snort3 from ~STECHEW/snort3:daq_privptr_len_ioctl to master
Squashed commit of the following:
commit
46ce6c984ace2f8f753ac1f781da4469de259396
Author: Steve Chew <stechew@cisco.com>
Date: Sun Jun 11 23:56:06 2023 -0400
main: Update OopsHandler to get private data length to print private data during crash.
Shanmugam S (shanms) [Wed, 14 Jun 2023 03:51:43 +0000 (03:51 +0000)]
Pull request #3876: http_inspect: remove stream interface abstraction for http/1.1 flows
Merge in SNORT/snort3 from ~ABHPAL/snort3:h3 to master
Squashed commit of the following:
commit
853630ce0e2a0ade2bf425d3382c98a5458a283c
Author: Abhijit Pal(abhpal) <abhpal@cisco.com>
Date: Mon Jun 12 18:05:42 2023 +0530
http_inspect: remove stream interface abstraction for http/1.1 flows
Steven Baigal (sbaigal) [Fri, 9 Jun 2023 15:05:48 +0000 (15:05 +0000)]
Pull request #3867: stream ip: Fix session counters in timeout and cleanup cases
Merge in SNORT/snort3 from ~CHSHERWI/snort3:ip_counters2 to master
Squashed commit of the following:
commit
744d42e3c0424f5b49f76ce9b7e30a136fd1f1ed
Author: Chris Sherwin <chsherwi@cisco.com>
Date: Mon Jun 5 10:54:04 2023 -0400
stream ip: Fix session counters in timeout and cleanup cases
Ron Dempster (rdempste) [Wed, 7 Jun 2023 20:00:47 +0000 (20:00 +0000)]
Pull request #3868: appid: always publish a change message after do not decrypt
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:cert_viz_3 to master
Squashed commit of the following:
commit
bac5cc09c3745ee518d865d3767f73c129ac9a18
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed May 31 12:39:00 2023 -0400
appid: always publish a change message after do not decrypt
Steve Chew (stechew) [Wed, 7 Jun 2023 04:33:44 +0000 (04:33 +0000)]
Pull request #3870: detection: Handle case when no rule tree node is found for a policy ID.
Merge in SNORT/snort3 from ~STECHEW/snort3:detection_fix to master
Squashed commit of the following:
commit
fcfd02235de65ead825b0892946c8f960104e4d6
Author: Steve Chew <stechew@cisco.com>
Date: Tue Jun 6 23:20:28 2023 -0400
detection: Handle case when no rule tree node is found for a policy ID.
Steve Chew (stechew) [Sun, 4 Jun 2023 16:19:50 +0000 (16:19 +0000)]
Pull request #3855: flow: introduced granular counters for idle_prunes
Merge in SNORT/snort3 from ~RCONJEEV/snort3:rconjeev_us824999 to master
Squashed commit of the following:
commit
e0b6f73b0314f204e536403604d48c93355cc0d7
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Fri May 19 15:26:27 2023 +0530
flow: introduced granular counters for idle_prunes
Priyanka Bangalore Gurudev (prbg) [Fri, 2 Jun 2023 19:53:06 +0000 (19:53 +0000)]
Pull request #3866: build: generate and tag 3.1.63.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.63.0 to master
Squashed commit of the following:
commit
a13e97e42f217a66596af5add0744ef034e37d74
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 1 16:10:04 2023 -0400
build: generate and tag 3.1.63.0
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 31 May 2023 17:40:18 +0000 (17:40 +0000)]
Pull request #3810: appid: Changes logic in ssl pattern matching
Merge in SNORT/snort3 from ~LCZARNIK/snort3:wildcard to master
Squashed commit of the following:
commit
6231d29de020c2bcd883429293b9c5fb28775efb
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Mon Apr 17 09:50:20 2023 -0400
appid: Changes logic in ssl pattern matching
Steven Baigal (sbaigal) [Wed, 31 May 2023 14:02:06 +0000 (14:02 +0000)]
Pull request #3862: stream_tcp: account for data from zero window probes
Merge in SNORT/snort3 from ~JALIIMRA/snort3:zero_window_block_master to master
Squashed commit of the following:
commit
494f3504d6db1dae1979aba9032e8f890465c544
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed May 17 08:51:34 2023 -0400
stream_tcp: account for data from zero window probes
Ron Dempster (rdempste) [Wed, 31 May 2023 13:11:54 +0000 (13:11 +0000)]
Pull request #3864: perf_monitor: fix data bus subscription
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:sse_identity to master
Squashed commit of the following:
commit
1e2e532752bce48867954eeb6ad6a24711f5f910
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue May 30 21:46:37 2023 -0400
perf_monitor: fix data bus subscription
Pull request #3854: Handle return code from daq
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:return_error_daq_handling to master
Squashed commit of the following:
commit
48dbb1120a85078f6eaefbf4ee824d08f684d619
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed May 17 15:32:47 2023 +0300
main: add Pig destructor to free dynamic memory
commit
07073ca724c9f6dea8d7d352b3503b157b530c25
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri May 5 16:00:32 2023 +0300
main: handling the return code in case of error in creation of daq instance
Steve Chew (stechew) [Thu, 25 May 2023 22:53:12 +0000 (22:53 +0000)]
Pull request #3857: main: Allow network IDs to use up to 32 bits.
Merge in SNORT/snort3 from ~STECHEW/snort3:network_id_update to master
Squashed commit of the following:
commit
f349d2e213663779010377679bf07b9062d89f0a
Author: Steve Chew <stechew@cisco.com>
Date: Fri May 19 18:00:48 2023 -0400
main: Allow network IDs to use up to 32 bits.
Ron Dempster (rdempste) [Wed, 24 May 2023 13:13:18 +0000 (13:13 +0000)]
Pull request #3853: loggers: reuse sensor_id u2 event field for tenant_id value
Merge in SNORT/snort3 from ~SVLASIUK/snort3:events_tenant_id to master
Squashed commit of the following:
commit
967bb1f63af20b3c219a1a190b9b5fbbb995e36f
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu May 11 18:37:03 2023 +0300
loggers: reuse sensor_id u2 event field for tenant_id value
Steven Baigal (sbaigal) [Tue, 23 May 2023 15:23:59 +0000 (15:23 +0000)]
Pull request #3852: http_inspect: rebuild start line
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:fix_pkt_event to master
Squashed commit of the following:
commit
b0461bdcef28d7c669ef1bd38ce11bd5d706f2db
Author: Adrian Mamolea <admamole@cisco.com>
Date: Fri May 5 09:17:25 2023 -0400
http_inspect: rebuild start line
Priyanka Bangalore Gurudev (prbg) [Mon, 22 May 2023 01:30:00 +0000 (01:30 +0000)]
Pull request #3858: build: generate and tag 3.1.62.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.62.0 to master
Squashed commit of the following:
commit
67e8ebf226049ffa7e08ec6f6a74b121794120cd
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun May 21 12:12:26 2023 -0400
build: generate and tag 3.1.62.0
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 18 May 2023 15:16:52 +0000 (15:16 +0000)]
Pull request #3844: appid: Added fallback check for encrypted appid before port check in SSL inspection flow
Merge in SNORT/snort3 from ~OSTEPANO/snort3:ssl_fallback_to_encrypted_appid to master
Squashed commit of the following:
commit
32a0e9b13a63fe5ccf2c9b74ca1e264b846b4f6b
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed May 10 08:59:16 2023 -0400
appid: Added logic to check for encrypted appid before assigning SSL service based on port
Ron Dempster (rdempste) [Wed, 17 May 2023 20:54:44 +0000 (20:54 +0000)]
Pull request #3804: flow: do not recycle flow cache entries
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:free_flow to master
Squashed commit of the following:
commit
36cc202818b9d2d7eefd918943ee2c2739d2a414
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Apr 25 09:49:46 2023 -0400
decompress, detection, file_api, framework: cppcheck fixes
commit
281da6ad7f3ad3b8aecfb363fd0895132ff6e301
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Apr 25 09:51:25 2023 -0400
flow: clean up flow termination
commit
dc4f6ee866c7aefab7964eb4e5682c9af9d5d2db
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Apr 10 10:12:23 2023 -0400
flow: do not recycle flow cache entries
Pull request #3843: profiler: add json formatter
Merge in SNORT/snort3 from ~ANOROKH/snort3:add_json_formatter to master
Squashed commit of the following:
commit
94832c6e4e72b9a95e644288b349eacf0560f056
Author: Anna Norokh <anorokh@cisco.com>
Date: Wed May 3 16:55:55 2023 +0300
profiler: add json formatter
* separated table output;
* added json formatter;
* added output argument to rule_dump() command;
* added function to put termination to json output in json_stream class;
Shanmugam S (shanms) [Tue, 16 May 2023 06:31:14 +0000 (06:31 +0000)]
Pull request #3823: main: Disable watchdog when Snort 3 process exits gracefully
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:watchdog_quit_master to master
Squashed commit of the following:
commit
05fbd9ecb7a8225b8c573e90954ed0c343abed91
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Apr 25 02:03:45 2023 -0400
main: Disable watchdog when Snort 3 process exits gracefully
Steven Baigal (sbaigal) [Fri, 12 May 2023 15:19:10 +0000 (15:19 +0000)]
Pull request #3814: Forward-port: (master) add extra jemalloc stats
Merge in SNORT/snort3 from ~MMATIRKO/snort3:mem_counts_master to master
Squashed commit of the following:
commit
9a5d8dabaf88dadbe29cd01b54602b5631b1a9bd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Mar 15 14:22:22 2023 -0400
memory: add extra jemalloc counts for tracking
commit
1c078c5fa8c4fd0a99469677269d92f7b7837891
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Mar 14 22:24:37 2023 -0400
memory: use jemalloc stats.mapped for process total
Pull request #3838: Snort2lua reference upd
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:snort2lua_reference_upd to master
Squashed commit of the following:
commit
8db269261c14e17be57daa913a5924154541e6c6
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu May 4 16:06:25 2023 +0300
snort2lua: remove 'reference' option during conversion
Steve Chew (stechew) [Wed, 10 May 2023 15:42:34 +0000 (15:42 +0000)]
Pull request #3841: Add check for missing Geneve layer in get_geneve_options
Merge in SNORT/snort3 from ~STECHEW/snort3:fix_get_geneve_option to master
Squashed commit of the following:
commit
26ce9e4993fb40e1487e5eb5c466ec61099fd536
Author: Steve Chew <stechew@cisco.com>
Date: Wed May 10 08:33:57 2023 -0400
sfip/test: Fix a miscalculation of the number of codes entries.
commit
2bd6ed3dcc1e64a44fbdad95094d677f9cb00794
Author: Steve Chew <stechew@cisco.com>
Date: Wed May 10 08:31:54 2023 -0400
protocols: Add check for missing Geneve layer in get_geneve_options.