git.ipfire.org Git - thirdparty/snort3.git/log
3 months ago Pull request #4726: stream_tcp: deprecate the reassemble_async configuration option
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Fri, 9 May 2025 20:34:00 +0000 (20:34 +0000)] 
Pull request #4726: stream_tcp: deprecate the reassemble_async configuration option

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:deprecate_reassemble_async to master

Squashed commit of the following:

commit 18400e7d9fda158c3fc59d73060312b70795f93f
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue May 6 08:29:46 2025 -0400

    stream_tcp: deprecate the reassemble_async configuration option

commit a5a8fe2fb28ee6cc33391f1453b5599c3e0928e0
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Mon May 5 23:18:17 2025 -0400

    snort2lua: add include for cstdint to provide standard c++ integer types

3 months ago Pull request #4719: flow: implement a per flow check of the packet timestamp and...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Fri, 9 May 2025 20:24:39 +0000 (20:24 +0000)] 
Pull request #4719: flow: implement a per flow check of the packet timestamp and drop packets if the timestamp is earlier than the timestamp of the previous packet

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:drop_stale_packets to master

Squashed commit of the following:

commit 27a0456758a6713b2c5cdc94f3d2c59eaa9aa9dc
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Mon May 5 23:18:17 2025 -0400

    snort2lua: add include for cstdint to provide standard c++ integer types

commit 63de2df3d4e5c871a0069b646c0a5c06588d9aa7
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Fri Apr 4 14:45:29 2025 -0400

    flow: implement a per flow check of the packet timestamp and drop packets if the timestamp is earlier than the timestamp of the previous packet

    flow: always count stale packets, only drop if that is enabled by config, set default value for drop_stale_packets to false (disabled)

3 months ago Pull request #4736: build: generate and tag 3.8.0.0
Priyanka Bangalore Gurudev (prbg) [Fri, 9 May 2025 17:17:23 +0000 (17:17 +0000)] 
Pull request #4736: build: generate and tag 3.8.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.8.0.0 to master

Squashed commit of the following:

commit a191b6ffeda07cc2431c0a197d86e81e80ee1772
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Thu May 8 20:44:30 2025 -0400

    build: generate and tag 3.8.0.0

3 months ago Pull request #4683: packet_io: add trace logs when injecting packets.
Steve Chew (stechew) [Fri, 9 May 2025 00:26:40 +0000 (00:26 +0000)] 
Pull request #4683: packet_io: add trace logs when injecting packets.

Merge in SNORT/snort3 from ~STECHEW/snort3:inject_trace_logs to master

Squashed commit of the following:

commit 4aee3268aab234a62231870a3ff8764b463b7948
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Apr 2 00:50:04 2025 -0400

    packet_io: add trace logs when injecting packets.

3 months ago Pull request #4732: Fix alias name
Steve Chew (stechew) [Fri, 9 May 2025 00:05:53 +0000 (00:05 +0000)] 
Pull request #4732: Fix alias name

Merge in SNORT/snort3 from ~STECHEW/snort3:oleksii_alias_fix to master

Squashed commit of the following:

commit e14bdcd2196c9151048a2afb8559a64ab6fb4358
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Apr 2 15:54:45 2025 +0300

    framework: make alias name internal to inspector instance

commit 32450f01541938b7e3b80d1b52df3ad172bf56c3
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Apr 2 14:07:16 2025 +0300

    managers: update formatting

3 months ago Pull request #4722: build: generate and tag 3.7.4.0 3.7.4.0
Priyanka Bangalore Gurudev (prbg) [Thu, 8 May 2025 18:26:14 +0000 (18:26 +0000)] 
Pull request #4722: build: generate and tag 3.7.4.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.7.4.0 to master

Squashed commit of the following:

commit 6f6d275e11180e523aa96f991908a07d960d8d72
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon May 5 22:24:20 2025 -0400

    build: generate and tag 3.7.4.0

3 months ago Pull request #4725: mp_data_bus: standardize data types
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 7 May 2025 13:31:54 +0000 (13:31 +0000)] 
Pull request #4725: mp_data_bus: standardize data types

Merge in SNORT/snort3 from ~OSTEPANO/snort3:mp_transport_types to master

Squashed commit of the following:

commit f8c03a985161f9c8b3963064d136fd364936e74e
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Tue May 6 10:19:37 2025 -0400

    mp_data_bus: standardize data types

3 months ago Pull request #4657: extractor: add ips events logging
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Mon, 5 May 2025 14:25:35 +0000 (14:25 +0000)] 
Pull request #4657: extractor: add ips events logging

Merge in SNORT/snort3 from ~ANOROKH/snort3:extr_detection to master

Squashed commit of the following:

commit 582e912a61e0993915ed83d84e77f1841f4e3423
Author: anorokh <anorokh@cisco.com>
Date:   Thu Feb 20 02:28:16 2025 +0200

    extractor: add weird and notice logging

3 months ago Pull request #4721: AppID Third party sync events for Multiprocess
Umang Sharma (umasharm) [Sun, 4 May 2025 16:19:14 +0000 (16:19 +0000)] 
Pull request #4721: AppID Third party sync events for Multiprocess

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_tp_syncevents to master

Squashed commit of the following:

commit e9776d26a8d485b85ba3d99c37f8a841f8c960ee
Author: Umang Sharma <umasharm@cisco.com>
Date:   Fri May 2 17:28:07 2025 -0400

    appid: multiprocess init for appid tp syncevents

3 months ago Pull request #4718: mp_data_bus: Adding stats and CLI commands to MPDataBus
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Fri, 2 May 2025 20:37:21 +0000 (20:37 +0000)] 
Pull request #4718: mp_data_bus: Adding stats and CLI commands to MPDataBus

Merge in SNORT/snort3 from ~OSTEPANO/snort3:cli_stats_mp to master

Squashed commit of the following:

commit 8160a86149c4b0030e74b6a04a6919ce55bf3913
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Mon Apr 28 06:02:08 2025 -0400

    mp_data_bus: Adding peg stats and socket commands for MPDataBus

3 months ago Pull request #4699: http_inspect: add dynamic length-limited publishing of request...
Vitalii Tron -X (vtron - SOFTSERVE INC at Cisco) [Thu, 1 May 2025 03:46:26 +0000 (03:46 +0000)] 
Pull request #4699: http_inspect: add dynamic length-limited publishing of request and response body

Merge in SNORT/snort3 from ~VTRON/snort3:publish_http_body to master

Squashed commit of the following:

commit 2dba6d67d600da2f03621ce84dd10bda0486b926
Author: Vitalii Tron <vtron@cisco.com>
Date:   Tue Oct 22 13:17:54 2024 -0400

    http_inspect: add dynamic length-limited publishing of request and response body

3 months ago Pull request #4717: Fix build for newer LuaJIT
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Tue, 29 Apr 2025 11:56:25 +0000 (11:56 +0000)] 
Pull request #4717: Fix build for newer LuaJIT

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:build_fix to master

Squashed commit of the following:

commit 7fa3b137336f512a60351e5462050e09d3931897
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Apr 29 10:34:02 2025 +0300

    build: apply workaround only for lower versions of LuaJIT

    Thanks to Michael Cho for reporting the issue.

3 months ago Pull request #4708: appid: fixed crash while printing appid debug
Bhumika Sachdeva (bsachdev) [Mon, 28 Apr 2025 20:04:17 +0000 (20:04 +0000)] 
Pull request #4708: appid: fixed crash while printing appid debug

Merge in SNORT/snort3 from ~BSACHDEV/snort3:crash_shadow_traffic_fix to master

Squashed commit of the following:

commit 565bd492cad3143672f4d3c6cd4ab425dfe81305
Author: bsachdev <bsachdev@cisco.com>
Date:   Mon Apr 21 12:53:15 2025 -0400

    appid: fixed crash while printing appid debug

3 months ago Pull request #4705: extractor: extend dns support
Adrian Mamolea (admamole) [Mon, 28 Apr 2025 18:39:39 +0000 (18:39 +0000)] 
Pull request #4705: extractor: extend dns support

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:dns3 to master

Squashed commit of the following:

commit a66400442cc0567df4607d23f5a070e670b6d76a
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Tue Apr 15 13:55:28 2025 -0400

    extractor: extend dns support

3 months ago Pull request #4703: flow: don't offset flow instance number by 1 when printing flows
Michael Matirko (mmatirko) [Mon, 28 Apr 2025 15:13:22 +0000 (15:13 +0000)] 
Pull request #4703: flow: don't offset flow instance number by 1 when printing flows

Merge in SNORT/snort3 from ~MMATIRKO/snort3:flow_off_by_one to master

Squashed commit of the following:

commit 3a644db3963d2fef5638e7b30a792d85fd9abe30
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Tue Apr 15 12:46:20 2025 -0400

    flow: don't offset flow instance number by 1 when printing flows

3 months ago Pull request #4692: mp_data_bus: core logic for mp databus
Umang Sharma (umasharm) [Sat, 26 Apr 2025 00:34:17 +0000 (00:34 +0000)] 
Pull request #4692: mp_data_bus: core logic for mp databus

Merge in SNORT/snort3 from ~UMASHARM/snort3:mp_dbus to master

Squashed commit of the following:

commit 7fc8f62dac71aea14203346fe12d2d3bc9605f9c
Author: Umang Sharma <umasharm@cisco.com>
Date:   Thu Apr 24 15:29:53 2025 -0400

    mp_data_bus: core logic for mp databus

3 months ago Pull request #4712: mp_unix_transport: clang compilation fix
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Fri, 25 Apr 2025 13:51:37 +0000 (13:51 +0000)] 
Pull request #4712: mp_unix_transport: clang compilation fix

Merge in SNORT/snort3 from ~OSTEPANO/snort3:crunch_fix to master

Squashed commit of the following:

commit 2a9ddee769279b2a03d32ac93d84e9369bc7463e
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Fri Apr 25 07:08:40 2025 -0400

    mp_unix_transport: clang compilation fix

3 months ago Pull request #4695: mp_unix_transport: mp_transport plugin type, implementation of...
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Thu, 24 Apr 2025 18:16:27 +0000 (18:16 +0000)] 
Pull request #4695: mp_unix_transport: mp_transport plugin type, implementation of unix domain name based mp transport

Merge in SNORT/snort3 from ~OSTEPANO/snort3:mp_transport_layer to master

Squashed commit of the following:

commit edb3158929808ca911049623f5e676554134eab7
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Thu Mar 27 16:06:10 2025 -0400

    mp_unix_transport: mp_transport plugin type, implementation of unix domain name based mp transport

3 months ago Pull request #4709: extractor: support conn.log orig_bytes, resp_bytes
Maya Dagon (mdagon) [Wed, 23 Apr 2025 18:38:15 +0000 (18:38 +0000)] 
Pull request #4709: extractor: support conn.log orig_bytes, resp_bytes

Merge in SNORT/snort3 from ~MDAGON/snort3:conn_bytes_final to master

Squashed commit of the following:

commit ee59534a98148aaed8a16339ced286afbe3d1e80
Author: maya dagon <mdagon@cisco.com>
Date:   Fri Aug 30 12:54:48 2024 -0400

    extractor: support conn.log orig_bytes, resp_bytes

3 months ago Pull request #4706: build: generate and tag 3.7.3.0 3.7.3.0
Priyanka Bangalore Gurudev (prbg) [Mon, 21 Apr 2025 15:29:07 +0000 (15:29 +0000)] 
Pull request #4706: build: generate and tag 3.7.3.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.7.3.0 to master

Squashed commit of the following:

commit f76d18521571fb953de123b540e13d0082937a73
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Sun Apr 20 11:49:44 2025 -0400

    build: generate and tag 3.7.3.0

3 months ago Pull request #4650: main: added show snort latency data cli support
Abhishek Rawat (abhrawat) [Wed, 16 Apr 2025 12:54:28 +0000 (12:54 +0000)] 
Pull request #4650: main: added show snort latency data cli support

Merge in SNORT/snort3 from ~ABHRAWAT/snort3:snort_latency_dioctl to master

Squashed commit of the following:

commit 2f8aec88f4b3e329f931ada996bb272ff2a0716b
Author: abhrawat <abhrawat@cisco.com>
Date:   Mon Sep 9 09:17:38 2024 +0000

    main: added show snort latency data cli support

3 months ago Pull request #4700: Handle utility Shell calls
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Sun, 13 Apr 2025 08:12:37 +0000 (08:12 +0000)] 
Pull request #4700: Handle utility Shell calls

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:ha_fix to master

Squashed commit of the following:

commit 6e62646b481c53a5b0d54acee0a2adc570c5c003
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Sat Apr 12 00:32:33 2025 +0300

    main: do not collect configurations for utility shells

    This fixes null pointer de-reference.

4 months ago Pull request #4694: packet_capture: rename pcaps and change max_packet_count default...
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Tue, 8 Apr 2025 00:36:52 +0000 (00:36 +0000)] 
Pull request #4694: packet_capture: rename pcaps and change max_packet_count default value

Merge in SNORT/snort3 from ~NIRMVENK/snort3:limit_pcap to master

Squashed commit of the following:

commit ff811e9a73ec19d4408d83715ab2a8e32ca445cd
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Mon Apr 7 15:58:00 2025 -0400

    packet_capture: fix unit test

commit 52d5c0094cdfa7d0c7d72cad5552936ccfce8553
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Mon Apr 7 13:06:46 2025 -0400

    packet_capture: max_packet_count default value modification

commit dc033ddad141a77f519a2ad1d6f34efb17ea6bd1
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Mon Apr 7 12:59:18 2025 -0400

    packet_capture: rename pcaps and change default value

4 months ago Pull request #4649: appid: Caching for tcp dns packets.
Vitalii Izhyk -X (viizhyk - SOFTSERVE INC at Cisco) [Mon, 7 Apr 2025 19:19:29 +0000 (19:19 +0000)] 
Pull request #4649: appid: Caching for tcp dns packets.

Merge in SNORT/snort3 from ~VIIZHYK/snort3:dns_caching_appid to master

Squashed commit of the following:

commit 2845f901f9c45b7e284f84378f3cae66ed677ba3
Author: viizhyk <viizhyk@cisco.com>
Date:   Wed Apr 2 14:16:49 2025 -0400

    appid: Added caching for dns detector.

4 months ago Pull request #4690: Static checker warning
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Mon, 7 Apr 2025 08:48:07 +0000 (08:48 +0000)] 
Pull request #4690: Static checker warning

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fixup to master

Squashed commit of the following:

commit de0d2c021f3d2d6de648e5b92121635cf368649b
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Apr 7 09:18:50 2025 +0300

    extractor: fix static checker warning

4 months ago Pull request #4675: extractor: extend dns logging
Adrian Mamolea (admamole) [Fri, 4 Apr 2025 14:06:39 +0000 (14:06 +0000)] 
Pull request #4675: extractor: extend dns logging

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:extractor_dns2 to master

Squashed commit of the following:

commit 92b7e2c0ab8f1b0fba620f80a2882dea301cbc8c
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Mon Mar 24 17:03:25 2025 -0400

    extractor: extend dns logging

4 months ago Pull request #4687: TSV formatting
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Fri, 4 Apr 2025 11:16:25 +0000 (11:16 +0000)] 
Pull request #4687: TSV formatting

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_tsv to master

Squashed commit of the following:

commit 7139b13db0f2864f003d18e7e1e1ba00398e7883
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Apr 3 11:56:48 2025 +0300

    control: fix types in comparison

commit 7c3600f896b812b7dbb5ca262207789bf37ad598
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Apr 3 11:14:01 2025 +0300

    extractor: enable TSV formatting

commit e7dde81c4dc9ee3772ea3cea7470ae36b0ade1b9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Apr 2 18:03:10 2025 +0300

    extractor: add escaping for TSV

commit 85df6b89ed7427f0ac72028b56a5cf820a9e0dbc
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Apr 2 18:01:46 2025 +0300

    extractor: add configurable delimiter in CSV logger

commit 56382b7d389a132523ba183323dc217ebe884031
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Apr 2 17:12:07 2025 +0300

    extractor: simplify CSV logger implementation

4 months ago Pull request #4688: Extractor Parser
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Fri, 4 Apr 2025 09:45:07 +0000 (09:45 +0000)] 
Pull request #4688: Extractor Parser

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_parse_warning to master

Squashed commit of the following:

commit 1fff5b9cb510f73b7696a76261b618986622c8a9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Apr 3 15:21:30 2025 +0300

    extractor: make parsing more strict

4 months ago Pull request #4679: DNS: Handle multi trans_IDs in single DNS-UDP flow
Wei Wang (weiwa) [Thu, 3 Apr 2025 18:56:15 +0000 (18:56 +0000)] 
Pull request #4679: DNS: Handle multi trans_IDs in single DNS-UDP flow

Merge in SNORT/snort3 from ~WEIWA/snort3:weiwa-dns-udp-flow-multi-tx to master

Squashed commit of the following:

commit bd686ccda796712e9545afa72fbcce4e31e50af1
Author: Wei Wang <weiwa@cisco.com>
Date:   Thu Apr 3 22:33:06 2025 +0530

    DNS: Handle multi trans_IDs in single DNS-UDP flow

4 months ago Pull request #4673: appid: fixed unknown payload case for domain fronting
Bhumika Sachdeva (bsachdev) [Wed, 2 Apr 2025 14:11:31 +0000 (14:11 +0000)] 
Pull request #4673: appid: fixed unknown payload case for domain fronting

Merge in SNORT/snort3 from ~BSACHDEV/snort3:domain_fronting_payload_unknown to master

Squashed commit of the following:

commit ca35caad3f65496e8ca02cdbca4f39f599a287db
Author: bsachdev <bsachdev@cisco.com>
Date:   Fri Mar 21 17:28:28 2025 -0400

    appid: fixed unknown payload case for domain fronting

4 months ago Pull request #4654: snort3: resolve issues reported by Coverity static analysis
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 1 Apr 2025 15:53:39 +0000 (15:53 +0000)] 
Pull request #4654: snort3: resolve issues reported by Coverity static analysis

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:resolve_coverity_issues to master

Squashed commit of the following:

commit dbbb96a44df54ec5d8074befd0b2be937950ace8
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Sat Mar 15 17:16:36 2025 -0400

    main: redirect stdin, stdout, stderr to /dev/null with the freopen system call

    main: check return code on mkdir system call and FatalError if it fails

    main: refactor signal handling switch statement to eliminate unreachable code

commit 975bae48e44d038495e4649384dcf847dadf253d
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Mar 11 09:40:47 2025 -0400

    loggers: allocate large buffer for writing unified2 extra data from heap instead of stack

    snort: in for loops that use auto keyword add & so the iterator assigns a reference for each container element instead of doing a copy. coverity issue: AUTO_CAUSES_COPY

    filters: initialize struct fields when instance is defined

    unified2: use uint64_t to hold time values to eliminate Y2K38 time rollover issues

    managers: use std::move to pass shared ptr to new owner to avoid a copy

commit 77bd1f1b7fc21d6fecf0d51682866bfa08149cf5
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Mar 6 14:19:47 2025 -0500

    flow: fix coverity SWAPPED ARGUMENTS and Y2K38_SAFETY issues

    helpers: validate input from conf file to verify port number string is valid digits

    host_tracker: recode while loop to avoid bogus coverity infinite loop warning

    ips_options: allocate large buffer for base64 decode from heap instead of on stack

    http: initialize class member variables in the ctor

4 months ago Pull request #4682: control: data race in ControlConn touch method fix
Volodymyr Shpyrka -X (vshpyrka - SOFTSERVE INC at Cisco) [Tue, 1 Apr 2025 14:23:04 +0000 (14:23 +0000)] 
Pull request #4682: control: data race in ControlConn touch method fix

Merge in SNORT/snort3 from ~VSHPYRKA/snort3:ctrl_connn_dr_fix to master

Squashed commit of the following:

commit 6efb3d5acac88957a17886969ae9145fb21b0222
Author: Volodymyr Shpyrka <vshpyrka@cisco.com>
Date:   Mon Mar 31 03:24:58 2025 -0400

    control: fix data race in ControlConn touch method

4 months ago Pull request #4659: http2_inspect: builtin rule for large settings max frame size
Jose Cano -X (jcanogom - SOFTSERVE INC at Cisco) [Tue, 1 Apr 2025 13:25:31 +0000 (13:25 +0000)] 
Pull request #4659: http2_inspect: builtin rule for large settings max frame size

Merge in SNORT/snort3 from ~JCANOGOM/snort3:http2_rule_large_settings_max_frame_size to master

Squashed commit of the following:

commit c0a3a471ecdc029bee8984bed2e38edea6e00531
Author: Jose Cano <jcanogom@cisco.com>
Date:   Tue Mar 11 11:52:25 2025 -0400

    http2_inspect: added settings_max_frame_size parameter and built-in rule 121:44 to check for max frame size

4 months ago Pull request #4681: build: generate and tag 3.7.2.0 3.7.2.0
Priyanka Bangalore Gurudev (prbg) [Mon, 31 Mar 2025 17:29:53 +0000 (17:29 +0000)] 
Pull request #4681: build: generate and tag 3.7.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.7.2.0 to master

Squashed commit of the following:

commit 7efd9bbf77cdcb9923acb17a0214ed8e48689a51
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Sun Mar 30 22:19:53 2025 -0400

    build: generate and tag 3.7.2.0

4 months ago Pull request #4662: dce_rpc: fixing coverity in dce_rpc code
Sumit Kumar (sumikum7) [Thu, 27 Mar 2025 06:04:19 +0000 (06:04 +0000)] 
Pull request #4662: dce_rpc: fixing coverity in dce_rpc code

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:coverity_CSCwo16686_snort to master

Squashed commit of the following:

commit 92afd8abbce3613447019c469eb0f7f02eb7ffc3
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Mon Mar 24 15:16:03 2025 +0530

    dce_rpc: ignoring false positives and fixing spell checks

4 months ago Pull request #4651: file_api: making current_context as nullptr before it gets the...
Sumit Kumar (sumikum7) [Wed, 26 Mar 2025 09:35:39 +0000 (09:35 +0000)] 
Pull request #4651: file_api: making current_context as nullptr before it gets the value of ctx

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:coverity_CSCwo20068_snort to master

Squashed commit of the following:

commit 4004df617faf5598c181ae672b1b304e3e440c1b
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Wed Mar 5 15:31:53 2025 +0530

    file_api: making current_context as nullptr before it gets the value of ctx

    file_api: since current_context would never be file_got hence removing this style check

    file_api: making current_context as nullptr before it gets the value of ctx and removing redundant part of if check

4 months ago Pull request #4665: unified2 : add packet dump to unified event with reassembled...
Shijin Bose (shibose) [Wed, 26 Mar 2025 06:36:31 +0000 (06:36 +0000)] 
Pull request #4665: unified2 : add packet dump to unified event with reassembled udp packet

Merge in SNORT/snort3 from ~SHIBOSE/snort3:unified_udp_data to master

Squashed commit of the following:

commit e351244d1ffb8e22a6bf706f217d434101604931
Author: shibose <shibose@cisco.com>
Date:   Wed Mar 12 15:15:41 2025 +0000

    unified2 : add packet dump to unified event with reassembled udp packet

4 months ago Pull request #4674: PID into dump file name
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Tue, 25 Mar 2025 11:48:55 +0000 (11:48 +0000)] 
Pull request #4674: PID into dump file name

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:cfg_dump_pid to master

Squashed commit of the following:

commit 818389e207fe57ac24e3095dbc42f4cf9eeeff35
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Mar 24 15:45:24 2025 +0200

    dump_config: include PID into dump file name

4 months ago Pull request #4671: main: initialize openssl at startup
Brian Morris (bmorris2) [Mon, 24 Mar 2025 19:36:33 +0000 (19:36 +0000)] 
Pull request #4671: main: initialize openssl at startup

Merge in SNORT/snort3 from ~BMORRIS2/snort3:init_ssl to master

Squashed commit of the following:

commit 88f0d54f906864cee226dff4e994b2303444237a
Author: Brian Morris <bmorris2@cisco.com>
Date:   Wed Mar 19 16:48:26 2025 -0500

    main: initialize openssl at startup

4 months ago Pull request #4672: packet_capture: use existing util function to check directory...
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Mon, 24 Mar 2025 17:19:11 +0000 (17:19 +0000)] 
Pull request #4672: packet_capture: use existing util function to check directory path

Merge in SNORT/snort3 from ~NIRMVENK/snort3:fix_error to master

Squashed commit of the following:

commit 47e879770de81b34013c58c66f73713bbb2dcb42
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Fri Mar 21 13:24:01 2025 -0400

    packet_capture: use existing util function to check directory path

4 months ago Pull request #4670: stream_tcp: rename OS policy names to prevent conflict with exist...
Juweria Ali Imran (jaliimra) [Mon, 24 Mar 2025 17:15:42 +0000 (17:15 +0000)] 
Pull request #4670: stream_tcp: rename OS policy names to prevent conflict with existing macros

Merge in SNORT/snort3 from ~JALIIMRA/snort3:bsd_identifier to master

Squashed commit of the following:

commit b12a29259c3e9a0fea148e841d4cdb91686fcb27
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Fri Mar 21 11:48:21 2025 -0400

    stream_tcp: rename OS policy names to prevent conflict with existing macros

4 months ago Pull request #4645: connectors: new Unix Domain Connector
Umang Sharma (umasharm) [Sat, 22 Mar 2025 14:44:08 +0000 (14:44 +0000)] 
Pull request #4645: connectors: new Unix Domain Connector

Merge in SNORT/snort3 from ~UMASHARM/snort3:unixdomain_connector to master

Squashed commit of the following:

commit 2efb114f729caa16f9044e06789d1ebff6c44321
Author: Umang Sharma <umasharm@cisco.com>
Date:   Sun Mar 2 20:36:19 2025 -0500

    connectors: new unix domain connector

4 months ago Pull request #4664: Multiprocess DataBus Framework
Umang Sharma (umasharm) [Fri, 21 Mar 2025 23:31:28 +0000 (23:31 +0000)] 
Pull request #4664: Multiprocess DataBus Framework

Merge in SNORT/snort3 from ~UMASHARM/snort3:mpubsub_dbus to master

Squashed commit of the following:

commit e5e650f62e17bb9529b5c7d05cfd27234261613d
Author: Umang Sharma <umasharm@cisco.com>
Date:   Thu Mar 13 08:25:05 2025 -0400

    mp_data_bus: basic framework with skeleton APIs

4 months ago Pull request #4610: dns-bee-message: add tenant-fqdn as key in bee-messages
Wei Wang (weiwa) [Wed, 19 Mar 2025 14:30:20 +0000 (14:30 +0000)] 
Pull request #4610: dns-bee-message: add tenant-fqdn as key in bee-messages

Merge in SNORT/snort3 from ~WEIWA/snort3:weiwa-master-fqdn-bee-compaction-key to master

Squashed commit of the following:

commit 745433c3a261d0dded615b83c89a65785bcb102d
Author: Wei Wang <weiwa@cisco.com>
Date:   Tue Mar 18 22:13:56 2025 +0530

    dns: pass packet in DnsResponseEvent

4 months ago Pull request #4547: stream_tcp: refactor tcp normalizer initialization to eliminate...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 18 Mar 2025 15:00:38 +0000 (15:00 +0000)] 
Pull request #4547: stream_tcp: refactor tcp normalizer initialization to eliminate duplicate initializations

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:stream_tcp_norm_init to master

Squashed commit of the following:

commit e8a5e275d89b22f5eb9d3b688a2b84650cb5e209
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Sep 24 15:57:10 2024 -0400

    imap:pop: delete if expression that compared session flag to the packet_flag field

commit 395f937f5ec39f22e735cdc094fc34008c0ce359
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Jan 30 09:51:01 2025 -0500

    stream_tcp: make member variables private to improve tracker class encapsulation

commit 3934da1fee6f5f0c72bfa55cf2c5a02d9f651cc0
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Mar 13 10:41:54 2025 -0400

    stream_tcp: reduce verbosity of packet tracer log messages for normalizer initialization actions

    stream_tcp: split StreamPolicy enum into enums specific to normalization and to overlap resolution

commit a3e4777c89136f3de3bcc67d365626dca7563b51
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Sep 12 11:03:06 2024 -0400

    stream_tcp: eliminate redundant calls to initialize the normalizer policy

    stream_tcp: only allow legacy OS and FIRST normalizer policies to be configurable. Proxy and missed 3whs modes are determined dynamically per flow

    stream_tcp: initialize each tracker's normalizer for missed 3whs behavior individually when the initial packet is processed by the tracker

4 months ago Pull request #4623: appid: added flag to enable inspection of ooo packets
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Fri, 14 Mar 2025 17:47:47 +0000 (17:47 +0000)] 
Pull request #4623: appid: added flag to enable inspection of ooo packets

Merge in SNORT/snort3 from ~OSTEPANO/snort3:ssl_ooo_ch to master

Squashed commit of the following:

commit ec43974fa2a3ddc6acf1716f6c1bec0fb5dad657
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Mon Feb 17 07:34:48 2025 -0500

    appid: added flag to inspect ooo packets

5 months ago Pull request #4635: packet_capture: support packet capture limit and location
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Wed, 12 Mar 2025 20:42:17 +0000 (20:42 +0000)] 
Pull request #4635: packet_capture: support packet capture limit and location

Merge in SNORT/snort3 from ~NIRMVENK/snort3:pcap_limit to master

Squashed commit of the following:

commit 397c78f1e44a6e9e6ba976b7387182377739e87f
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Mon Feb 24 17:56:54 2025 -0500

    packet_capture: support packet capture limit and location

5 months ago Pull request #4658: appid: Modified shadow traffic status to default
Bhumika Sachdeva (bsachdev) [Wed, 12 Mar 2025 20:27:06 +0000 (20:27 +0000)] 
Pull request #4658: appid: Modified shadow traffic status to default

Merge in SNORT/snort3 from ~BSACHDEV/snort3:status_shadow_traffic_default to master

Squashed commit of the following:

commit 752c252429c631f756fcbe0bcae670067f9e83a5
Author: bsachdev <bsachdev@cisco.com>
Date:   Tue Mar 11 10:23:44 2025 -0400

    appid: Modified shadow traffic status to default

5 months ago Pull request #4661: build: generate and tag 3.7.1.0 3.7.1.0
Priyanka Bangalore Gurudev (prbg) [Wed, 12 Mar 2025 19:20:10 +0000 (19:20 +0000)] 
Pull request #4661: build: generate and tag 3.7.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build__3.7.1.0 to master

Squashed commit of the following:

commit 69333ea7033b53c5bf730daba90f8a04ecb9e62a
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Wed Mar 12 00:30:17 2025 -0400

    build: generate and tag 3.7.1.0

5 months ago Pull request #4626: Appid flow data
Ron Dempster (rdempste) [Tue, 11 Mar 2025 18:31:25 +0000 (18:31 +0000)] 
Pull request #4626: Appid flow data

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:appid_flow_data to master

Squashed commit of the following:

commit 17d3c097c366d0624f25424a0d1f5d4705ec686a
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Thu Jan 30 10:22:48 2025 -0500

    appid: fixes for coverity and cppcheck issues

commit e5932f8567cbd7eef6ca8569691328b101803734
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Feb 18 10:25:11 2025 -0500

    appid: change get_appid_session_api to use the stash

commit fb1fe44bbe2e8204cff7d84d4d6ab7e29df6375e
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Wed Nov 27 11:57:09 2024 -0500

    appid: convert appid flow data to use objects

5 months ago Pull request #4653: file_api: add log message for reset ctx
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Tue, 11 Mar 2025 13:47:00 +0000 (13:47 +0000)] 
Pull request #4653: file_api: add log message for reset ctx

Merge in SNORT/snort3 from ~OTORUBAR/snort3:improve_logging to master

Squashed commit of the following:

commit e60995fd30f3b16162f9d4f1a5618f5bca5a8bb7
Author: otorubar <otorubar@cisco.com>
Date:   Tue Mar 4 04:48:58 2025 -0800

    file_api: add log message for reset ctx

5 months agoPull request #4656: extractor: add tenant id as common field
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Tue, 11 Mar 2025 10:28:37 +0000 (10:28 +0000)] 
Pull request #4656: extractor: add tenant id as common field

Merge in SNORT/snort3 from ~ANOROKH/snort3:extr_add_tenant_field to master

Squashed commit of the following:

commit 2a414abe67d6ffd4bc4d94171a595031a3fa1a89
Author: anorokh <anorokh@cisco.com>
Date:   Tue Mar 4 14:21:32 2025 +0200

    extractor: add tenant id as common field

5 months agoPull request #4655: Extractor timestamp field
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Mon, 10 Mar 2025 14:47:19 +0000 (14:47 +0000)] 
Pull request #4655: Extractor timestamp field

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_field_types to master

Squashed commit of the following:

commit 22aae83d1edfaa22a7145501068a29954370d38d
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Mar 6 17:37:52 2025 +0200

    extractor: add time formatting in loggers

commit bdd2f2ac6ccf9f7aa2984bc22455a5959bc6745c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Mar 5 17:36:14 2025 +0200

    extractor: add configuration option for time formatting

commit df147998fd47b5e3813e909328748e85e254c8b0
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Mar 5 17:10:53 2025 +0200

    extractor: remove obsolete includes

5 months agoPull request #4634: Extractor dns
Adrian Mamolea (admamole) [Fri, 7 Mar 2025 18:57:44 +0000 (18:57 +0000)] 
Pull request #4634: Extractor dns

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:extractor_dns to master

Squashed commit of the following:

commit eff76203471fb2129af3d0e1ecd04b6b946f88a6
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Fri Feb 14 12:28:13 2025 -0500

    extractor: dns support

5 months agoPull request #4618: appid: adding logs while creating third party context to monitor...
Andres Avila Segura (aavilase) [Thu, 6 Mar 2025 13:44:04 +0000 (13:44 +0000)] 
Pull request #4618: appid: adding logs while creating third party context to monitor hanging

Merge in SNORT/snort3 from ~AAVILASE/snort3:third_party_reload_logging to master

Squashed commit of the following:

commit fd570b5fc85d6b700a4f30ab5ae406e661b84328
Author: Andres Avila <aavilase@cisco.com>
Date:   Thu Feb 13 08:40:19 2025 -0500

    appid: Adding log while creating third party context to monitor hanging

5 months agoPull request #4638: build: add version check for numactl library
Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) [Wed, 5 Mar 2025 15:46:55 +0000 (15:46 +0000)] 
Pull request #4638: build: add version check for numactl library

Merge in SNORT/snort3 from ~DZIKRATY/snort3:add_version_check_for_numactl to master

Squashed commit of the following:

commit 3bdbc66908dce164db28ec693021224e38d8263d
Author: Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) <dzikraty@cisco.com>
Date:   Wed Feb 26 07:13:27 2025 -0500

    build: add version check for numactl

5 months agoPull request #4646: config_parser : fixing unchecked return in snort_config
Sumit Kumar (sumikum7) [Wed, 5 Mar 2025 13:14:09 +0000 (13:14 +0000)] 
Pull request #4646: config_parser : fixing unchecked return in snort_config

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:coverity_CSCwo20129 to master

Squashed commit of the following:

commit 14a2c51a860fde5116dcd22d153b94acbad38c2c
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Wed Mar 5 11:48:26 2025 +0530

    config_parser : fixing the no return check warning rather than suppressing it

commit 55404aa73c8ef2cbd06c1d39044816222b644066
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Tue Mar 4 19:58:50 2025 +0530

    config_parser : turning down false positive warnings

commit 9b72c801eedcf5109044ff620b314fb04ab9e481
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Tue Mar 4 11:23:56 2025 +0530

    config_parser : turning down false positive warnings

5 months agoPull request #4647: file_api: making sha256 point to null to avoid dangling cases
Sumit Kumar (sumikum7) [Wed, 5 Mar 2025 06:28:53 +0000 (06:28 +0000)] 
Pull request #4647: file_api: making sha256 point to null to avoid dangling cases

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:sdwan_fix_on_master_780 to master

Squashed commit of the following:

commit 46292646970137ee5d7499d53de1eec36924b7dc
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Mon Mar 3 16:43:12 2025 +0530

    file_api: making sha256 point to null to avoid dangling cases

5 months agoPull request #4617: ftp_telnet: flow data creation when port command is issued for...
Rishabh Choudhary (rishacho) [Mon, 3 Mar 2025 16:10:36 +0000 (16:10 +0000)] 
Pull request #4617: ftp_telnet: flow data creation when port command is issued for active ftp

Merge in SNORT/snort3 from ~RISHACHO/snort3:ftp_ooo_syn to master

Squashed commit of the following:

commit 9066270442fc46634998807e238b9fe5b55c3489
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Wed Feb 12 22:06:26 2025 +0530

    ftp_telnet: flow data creation when port command is issued for active ftp

5 months agoPull request #4641: extractor: fix spelling
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Mon, 3 Mar 2025 14:03:54 +0000 (14:03 +0000)] 
Pull request #4641: extractor: fix spelling

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:data_log_filtering to master

Squashed commit of the following:

commit 161c04c2fa063198c56ea6675d5f14af3920b455
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Feb 21 15:31:35 2025 +0200

    extractor: fix spelling

5 months agoPull request #4640: helpers: add missing include for unit tests
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Fri, 28 Feb 2025 14:01:56 +0000 (14:01 +0000)] 
Pull request #4640: helpers: add missing include for unit tests

Merge in SNORT/snort3 from ~ANOROKH/snort3:fix_platforms_js_stream to master

Squashed commit of the following:

commit 9b5d56627d559663368700a8616ac49f62222551
Author: anorokh <anorokh@cisco.com>
Date:   Fri Feb 28 10:35:04 2025 +0200

    helpers: add missing include for unit tests

5 months agoPull request #4632: appid: fixed functionality for domain fronting for shadow traffic
Bhumika Sachdeva (bsachdev) [Tue, 25 Feb 2025 17:37:00 +0000 (17:37 +0000)] 
Pull request #4632: appid: fixed functionality for domain fronting for shadow traffic

Merge in SNORT/snort3 from ~BSACHDEV/snort3:domain_fronting_more_changes to master

Squashed commit of the following:

commit d627b1cb893d5a0ab4bfeff381c5062b9196b69e
Author: bsachdev <bsachdev@cisco.com>
Date:   Fri Feb 21 15:20:58 2025 -0500

    appid: fixed functionality for domain fronting for shadow traffic

5 months agoPull request #4633: thread_config: fix numa build issue
Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) [Mon, 24 Feb 2025 17:28:59 +0000 (17:28 +0000)] 
Pull request #4633: thread_config: fix numa build issue

Merge in SNORT/snort3 from ~DZIKRATY/snort3:fix_numa_build_issue to master

Squashed commit of the following:

commit c65a808e9f7ad41122b4921875d397b6dfb88adf
Author: Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) <dzikraty@cisco.com>
Date:   Mon Feb 24 04:14:31 2025 -0500

    thread_config: fix numa build issue

5 months agoPull request #4628: appid: added publishing of domain fronting event
Bhumika Sachdeva (bsachdev) [Thu, 20 Feb 2025 15:51:13 +0000 (15:51 +0000)] 
Pull request #4628: appid: added publishing of domain fronting event

Merge in SNORT/snort3 from ~BSACHDEV/snort3:domain_fronting_publish to master

Squashed commit of the following:

commit 3d1ae6604b0870ae73795193030a0d9a488e819a
Author: bsachdev <bsachdev@cisco.com>
Date:   Wed Feb 19 17:13:54 2025 -0500

    appid: added publishing of domain fronting event

5 months agoPull request #4612: thread_config: add option for setting NUMA memory policy
Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) [Wed, 19 Feb 2025 19:04:10 +0000 (19:04 +0000)] 
Pull request #4612: thread_config: add option for setting NUMA memory policy

Merge in SNORT/snort3 from ~DZIKRATY/snort3:add_option_for_numa_mpol to master

Squashed commit of the following:

commit 44a1028f45a1e0f5a93fba57b9f6a43fd0d77d26
Author: Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) <dzikraty@cisco.com>
Date:   Mon Feb 10 11:35:48 2025 -0500

    thread_config: add option for setting NUMA memory policy

5 months agoPull request #4597: stream_tcp: changed asymmetric flows counter increment conditions
Volodymyr Shpyrka -X (vshpyrka - SOFTSERVE INC at Cisco) [Wed, 19 Feb 2025 19:00:52 +0000 (19:00 +0000)] 
Pull request #4597: stream_tcp: changed asymmetric flows counter increment conditions

Merge in SNORT/snort3 from ~VSHPYRKA/snort3:asymmetric_flows_increment to master

Squashed commit of the following:

commit b39215a709fac5e03c82d424561a169ac622f221
Author: Volodymyr Shpyrka <vshpyrka@cisco.com>
Date:   Mon Feb 3 10:41:07 2025 -0500

    stream_tcp: changed asymmetric flows counter increment conditions

5 months agoPull request #4621: shadowtraffic_aggregator: changes for fake TLS
Shilpa Nagpal (shinagpa) [Wed, 19 Feb 2025 10:38:31 +0000 (10:38 +0000)] 
Pull request #4621: shadowtraffic_aggregator: changes for fake TLS

Merge in SNORT/snort3 from ~SHINAGPA/snort3:lov_domain_faking to master

Squashed commit of the following:

commit 4d3828522fe071fddc45f66cce7faecb375674b7
Author: Shilpa Nagpal <shinagpa@cisco.com>
Date:   Mon Feb 17 15:26:38 2025 +0530

    shadowtraffic_aggregator: changes for domain faking

5 months agoPull request #4592: pub_sub: add ips rule event for extractor
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Wed, 19 Feb 2025 09:30:14 +0000 (09:30 +0000)] 
Pull request #4592: pub_sub: add ips rule event for extractor

Merge in SNORT/snort3 from ~ANOROKH/snort3:extr_rule_events to master

Squashed commit of the following:

commit 86b80f37d26c1ba03e46feaff262bd6b65d716c2
Author: anorokh <anorokh@cisco.com>
Date:   Thu Jan 30 15:57:16 2025 +0200

    pub_sub: add ips rule event for extractor

5 months agoPull request #4596: appid: implemented domain fronting support for shadow traffic
Bhumika Sachdeva (bsachdev) [Tue, 18 Feb 2025 19:04:17 +0000 (19:04 +0000)] 
Pull request #4596: appid: implemented domain fronting support for shadow traffic

Merge in SNORT/snort3 from ~BSACHDEV/snort3:domain_fronting_appid to master

Squashed commit of the following:

commit 5aca0b79cf47ea432ce7fdd3ec40c160cc3f5413
Author: bsachdev <bsachdev@cisco.com>
Date:   Mon Feb 3 10:12:32 2025 -0500

    appid: implemented domain fronting support for shadow traffic

5 months agoPull request #4620: main: allow toggling generation of instance_map output
Michael Matirko (mmatirko) [Tue, 18 Feb 2025 16:34:25 +0000 (16:34 +0000)] 
Pull request #4620: main: allow toggling generation of instance_map output

Merge in SNORT/snort3 from ~MMATIRKO/snort3:toggle_map to master

Squashed commit of the following:

commit 63701bbedc562453be74a1c0323f3038cbaa821f
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Feb 14 16:13:29 2025 -0500

    main: allow toggling generation of instance_map output

5 months agoPull request #4616: ips: fix tsan issue with logging rule tree construction
Russ Combs (rucombs) [Fri, 14 Feb 2025 12:59:45 +0000 (12:59 +0000)] 
Pull request #4616: ips: fix tsan issue with logging rule tree construction

Merge in SNORT/snort3 from ~RUCOMBS/snort3:fp_tsan_update to master

Squashed commit of the following:

commit 32d12f5db433e20cd99cb1bf6ddcab428344d39a
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Feb 11 13:43:06 2025 -0500

    ips: fix tsan issue with logging rule tree construction

5 months agoPull request #4611: extractor: add escaping for special characters
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Fri, 14 Feb 2025 11:16:36 +0000 (11:16 +0000)] 
Pull request #4611: extractor: add escaping for special characters

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_escape to master

Squashed commit of the following:

commit b766cfe070915adee99fe84474a07d644020670d
Author: vhorbato <vhorbato@cisco.com>
Date:   Mon Feb 3 13:13:16 2025 +0200

    extractor: add escaping for special characters

5 months agoPull request #4601: file_api: Fix for file capture issue
Ashutosh Gupta (ashugup3) [Fri, 14 Feb 2025 08:11:36 +0000 (08:11 +0000)] 
Pull request #4601: file_api: Fix for file capture issue

Merge in SNORT/snort3 from ~ASHUGUP3/snort3:bug_CSCwn57820 to master

Squashed commit of the following:

commit ea8bad098f8578f924bae4f7957c631b31a5717f
Author: ashutosh <ashugup3@cisco.com>
Date:   Tue Feb 4 17:01:05 2025 +0530

    file_api: Setting current file data inside mutex with file data received before accessing it

5 months agoPull request #4613: appid: Implemented support for Evasive VPN & Multihop proxy
Bhumika Sachdeva (bsachdev) [Thu, 13 Feb 2025 14:09:04 +0000 (14:09 +0000)] 
Pull request #4613: appid: Implemented support for Evasive VPN & Multihop proxy

Merge in SNORT/snort3 from ~BSACHDEV/snort3:multihop_evasive to master

Squashed commit of the following:

commit c6bb3ceb3ed9afe5986e6fc347cca9efcb55211c
Author: bsachdev <bsachdev@cisco.com>
Date:   Mon Feb 10 12:34:53 2025 -0500

    appid: implemented support for shadow traffic evasive vpn & multihop proxy

5 months agoPull request #4608: file_api: file event generated for asymmetric flow
Shilpa Nagpal (shinagpa) [Thu, 13 Feb 2025 10:15:20 +0000 (10:15 +0000)] 
Pull request #4608: file_api: file event generated for asymmetric flow

Merge in SNORT/snort3 from ~SHINAGPA/snort3:file_event_asymmetric to master

Squashed commit of the following:

commit 4c31d728b366af41c1bd8cb2cbb401cdbc20ba79
Author: Shilpa Nagpal <shinagpa@cisco.com>
Date:   Fri Feb 7 18:14:50 2025 +0530

    file_api: file event generated for asymmetric flow

5 months agoPull request #4615: SSE: deletion of continuations
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Thu, 13 Feb 2025 09:31:49 +0000 (09:31 +0000)] 
Pull request #4615: SSE: deletion of continuations

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:sse_recall_old_cont_on_limit to master

Squashed commit of the following:

commit fad4d37f74ab9445fc00aab2a72bf84eed8532e7
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Thu Feb 6 17:13:32 2025 +0200

    detection: fix leave_group call which should be against current packet only

5 months agoPull request #4607: copyright: update year to 2025
Oleksandr Fatieiev -X (ofatieie - SOFTSERVE INC at Cisco) [Thu, 13 Feb 2025 09:03:59 +0000 (09:03 +0000)] 
Pull request #4607: copyright: update year to 2025

Merge in SNORT/snort3 from ~OFATIEIE/snort3:update_copyright_year to master

Squashed commit of the following:

commit e25503302223b72e2cb5924d6fcb53fb8fcc9454
Author: Oleksandr Fatieiev <ofatieie@cisco.com>
Date:   Thu Feb 6 10:51:00 2025 +0200

    copyright: update year to 2025

5 months agoPull request #4595: snort_ml: build models into a BinaryClassifierSet
Brandon Stultz (brastult) [Tue, 11 Feb 2025 09:28:46 +0000 (09:28 +0000)] 
Pull request #4595: snort_ml: build models into a BinaryClassifierSet

Merge in SNORT/snort3 from ~BRASTULT/snort3:snort_ml to master

Squashed commit of the following:

commit e4f35d63b7bc2fa38176408466afe8576d0f77f0
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri Jan 31 02:43:25 2025 -0500

    snort_ml: build models into a BinaryClassifierSet

commit 7ac7827b65192d6319893498585b48e0c7809e1b
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri Jan 31 01:16:00 2025 -0500

    utils: add is_directory_path

commit e3897fe6bf08d2fba2406f612b4bf3b31e07cfea
Author: Brandon Stultz <brastult@cisco.com>
Date:   Thu Jan 30 11:57:53 2025 -0500

    network_inspectors: rename kaizen to snort_ml

6 months agoPull request #4604: file_api, http_inspect: add info about partial download to FileInfo
Oleg Torubara -X (otorubar - SOFTSERVE INC at Cisco) [Mon, 10 Feb 2025 20:00:47 +0000 (20:00 +0000)] 
Pull request #4604: file_api, http_inspect: add info about partial download to FileInfo

Merge in SNORT/snort3 from ~OTORUBAR/snort3:partial_download to master

Squashed commit of the following:

commit db3bf9c938d28a59851e9a74969cb580a78fcf78
Author: otorubar <otorubar@cisco.com>
Date:   Fri Jan 31 10:20:46 2025 -0800

    file_api, http_inspect: add info about partial download to FileInfo

6 months agoPull request #4537: http_inspect: save mime filenames in transaction
Adrian Mamolea (admamole) [Sat, 8 Feb 2025 13:34:46 +0000 (13:34 +0000)] 
Pull request #4537: http_inspect: save mime filenames in transaction

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:file_name to master

Squashed commit of the following:

commit 5dd25eff54a4eae0be022c27c6b64156ddc62774
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Wed Dec 4 16:57:33 2024 -0500

    extractor: add support for file name and type for mime

6 months agoPull request #4585: main: snort --create-pidfile cmd parameter update
Volodymyr Shpyrka -X (vshpyrka - SOFTSERVE INC at Cisco) [Fri, 7 Feb 2025 16:16:22 +0000 (16:16 +0000)] 
Pull request #4585: main: snort --create-pidfile cmd parameter update

Merge in SNORT/snort3 from ~VSHPYRKA/snort3:snort_pid_file_mgmt to master

Squashed commit of the following:

commit 1ca28acfc46ed38d28f702cfada9e6450b0dc159
Author: Volodymyr Shpyrka <vshpyrka@cisco.com>
Date:   Fri Jan 24 06:44:09 2025 -0500

    main: snort --create-pidfile cmd line parameter update and support for --max-peers command line parameter implemented

6 months agoPull request #4571: appid: Adding general AppID design to support shadow traffic...
Bhumika Sachdeva (bsachdev) [Fri, 7 Feb 2025 14:21:49 +0000 (14:21 +0000)] 
Pull request #4571: appid: Adding general AppID design to support shadow traffic and Encrypted DNS Support

Merge in SNORT/snort3 from ~BSACHDEV/snort3:shadow_traffic_encrypted_dns to master

Squashed commit of the following:

commit e1e9f557a7fb265f71b210c5d35a7653260b744f
Author: bsachdev <bsachdev@cisco.com>
Date:   Tue Dec 10 10:02:46 2024 -0500

    appid: Adding general appid support and encrypted dns

6 months agoPull request #4589: extractor: print null for fields that require missing packet...
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Fri, 7 Feb 2025 08:31:23 +0000 (08:31 +0000)] 
Pull request #4589: extractor: print null for fields that require missing packet context

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_no_pkt to master

Squashed commit of the following:

commit b190f237b7b9c5bb65fcd48e02f70d6ba20db0e1
Author: vhorbato <vhorbato@cisco.com>
Date:   Tue Jan 28 18:24:14 2025 +0200

    extractor: print null for fields that require missing packet context

6 months agoPull request #4606: build: generate and tag 3.7.0.0 3.7.0.0
Priyanka Bangalore Gurudev (prbg) [Wed, 5 Feb 2025 14:08:13 +0000 (14:08 +0000)] 
Pull request #4606: build: generate and tag 3.7.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build__3.7.0.0 to master

Squashed commit of the following:

commit f664321fe8b841c7e0597a88efec8083dc4a11c9
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Tue Feb 4 17:28:46 2025 -0500

    build: generate and tag 3.7.0.0

6 months agoPull request #4534: ips_options: allow to repeat same option in applicable cases
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 4 Feb 2025 21:30:12 +0000 (21:30 +0000)] 
Pull request #4534: ips_options: allow to repeat same option in applicable cases

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:max_use_ips_opts to master

Squashed commit of the following:

commit 1d8be1756fd38036f57da52f03da931d7540e3a3
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Jan 20 10:52:27 2025 +0200

    framework: bump base API version

commit c7df294a0bb9e5fae4f031569c4465ec112412f5
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Wed Jan 15 16:39:07 2025 +0200

    framework: bump ips option version

commit 621ab44a5b237e5a08a47b69e19bab5ba33b5acf
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Dec 2 12:04:08 2024 +0200

    ips_options: warn about excessive detection options

commit 96ebf9b723fcb6c15ab751f70d7d84ff33e5ca1a
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri Dec 13 18:24:17 2024 +0200

    framework: add interface to warn about reaching limit of ips opt re-usage

6 months agoPull request #4587: Data log filtering
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Tue, 4 Feb 2025 21:29:01 +0000 (21:29 +0000)] 
Pull request #4587: Data log filtering

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:data_log_filtering to master

Squashed commit of the following:

commit 5d73e7676db2bb678860ba07607cb840ea6ab516
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Jan 31 15:12:28 2025 +0200

    extractor: rework parsing messages

commit 653b4570e28aff6a62fb71dc4d83bc11f881a7c3
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Jan 31 12:07:38 2025 +0200

    extractor: fix subscription to be global

    As the inspector itself is global, it ought to get events from all policies.

commit d60c29383e5c0841f09659dc226dc57e29fe56a8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jan 28 14:51:23 2025 +0200

    extractor: add default filter

commit 450ba51ae1f3833b7c8f80a38fcf633a768dd319
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu Jan 23 14:41:57 2025 +0200

    extractor: export service types

    Exported ServiceType value renamed to make it more clear for an external module.

commit be29879348a0ed24cad06618fe6ec59d62c53bcf
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Nov 18 15:42:46 2024 +0200

    extractor: add logging constraints

    Being a part of logging filtering Tenant ID is not cached.
    In absence of native filters the extractor sets filtering unconditionally.

6 months agoPull request #4599: build: generate and tag 3.6.3.0 3.6.3.0
Priyanka Bangalore Gurudev (prbg) [Tue, 4 Feb 2025 21:07:47 +0000 (21:07 +0000)] 
Pull request #4599: build: generate and tag 3.6.3.0

Merge in SNORT/snort3 from ~PRBG/snort3:build__3.6.3.0 to master

Squashed commit of the following:

commit 4aaa7b6507d312917138f91ea7df986827240d33
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Feb 3 23:31:51 2025 -0500

    build: generate and tag 3.6.3.0

6 months agoPull request #4602: perf_monitor: update flow state value reset
Ron Dempster (rdempste) [Tue, 4 Feb 2025 16:28:47 +0000 (16:28 +0000)] 
Pull request #4602: perf_monitor: update flow state value reset

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:flow_ip_tracker to master

Squashed commit of the following:

commit 11c222dd8db3a6addba6240b6d4c6769cd3a5ddb
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Feb 4 07:59:18 2025 -0500

    perf_monitor: update flow state value reset

6 months agoPull request #4591: Inspector slot
Ron Dempster (rdempste) [Thu, 30 Jan 2025 18:16:11 +0000 (18:16 +0000)] 
Pull request #4591: Inspector slot

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:inspector_slot to master

Squashed commit of the following:

commit c4e59a334e1e81abd3219f4b288589cc2825b83c
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Thu Jan 30 10:15:12 2025 -0500

    perf_monitor: update structure clearing to c++ method

commit 7157fa425c4002f5a394da3fe65f158cf8c1270b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Thu Jan 30 10:14:29 2025 -0500

    framework: remove inspector slot and use get_instance_id instead

6 months agoPull request #4572: mercury: telemetry file changes for multiprocess snort
Priyansh Jaseja (pjaseja) [Thu, 30 Jan 2025 08:12:38 +0000 (08:12 +0000)] 
Pull request #4572: mercury: telemetry file changes for multiprocess snort

Merge in SNORT/snort3 from ~PJASEJA/snort3:mercury_telemetry_files to master

Squashed commit of the following:

commit 1f8f3ba43e12e9e153fb72df119d47ebe8c78096
Author: Priyansh Jaseja <pjaseja@b18-vms-vm0114.cisco.com>
Date:   Thu Jan 23 11:17:01 2025 +0530

    mercury: telemetry file changes for multiprocess snort

6 months agoPull request #4588: main: move tsc clock scale init to Snort::setup
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 29 Jan 2025 19:43:27 +0000 (19:43 +0000)] 
Pull request #4588: main: move tsc clock scale init to Snort::setup

Merge in SNORT/snort3 from ~OSTEPANO/snort3:perf_fix to master

Squashed commit of the following:

commit 8f69882b0b0abb840aa005ec07d28fca9c8b238b
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 29 05:26:44 2025 -0500

    main: move tsc clock scale init to Snort::setup

6 months agoPull request #4586: packet_io: check the DAQ_Msg_h parameter on api calls and return...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 28 Jan 2025 21:42:36 +0000 (21:42 +0000)] 
Pull request #4586: packet_io: check the DAQ_Msg_h parameter on api calls and return an error code when it is a null pointer

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:add_daq_api_parameter_checks to master

Squashed commit of the following:

commit bbc8506425b0e322a327284b0d682d7ace3e18a6
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Jan 28 09:09:13 2025 -0500

    ftp_telnet: only add expected flows when the daq_msg field in the control packet is not null.

commit 58d45bda1ee4118c50d35987582807b02be075fe
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Fri Jan 24 15:20:27 2025 -0500

    packet_io: check the DAQ_Msg_h parameter on api calls and return an error code when it is a null pointer

6 months agoPull request #4557: extractor: conn.log support
Maya Dagon (mdagon) [Tue, 28 Jan 2025 17:49:41 +0000 (17:49 +0000)] 
Pull request #4557: extractor: conn.log support

Merge in SNORT/snort3 from ~MDAGON/snort3:conn_sub to master

Squashed commit of the following:

commit d6d6945d5c52d77ff401201b6e6112348002dc57
Author: maya dagon <mdagon@cisco.com>
Date:   Fri Nov 8 13:50:25 2024 -0500

    extractor: support connection logs

6 months agoPull request #4580: file: Added support for retry when file cache is full and verdict...
Shilpa Nagpal (shinagpa) [Mon, 27 Jan 2025 14:25:40 +0000 (14:25 +0000)] 
Pull request #4580: file: Added support for retry when file cache is full and verdict is pending

Merge in SNORT/snort3 from ~SHINAGPA/snort3:file_cache_fix to master

Squashed commit of the following:

commit b49347d1e727792ee23301b5cb9dd03d4671c3d1
Author: Shilpa Nagpal <shinagpa@cisco.com>
Date:   Tue Jan 21 22:31:15 2025 +0530

    file: retrying the packet when file cache is full

6 months agoPull request #4583: main: Add thread_id in instance_mapping output file
Nirmala Venkata Subbaiah -X (nirmvenk - XORIANT CORPORATION at Cisco) [Fri, 24 Jan 2025 21:49:37 +0000 (21:49 +0000)] 
Pull request #4583: main: Add thread_id in instance_mapping output file

Merge in SNORT/snort3 from ~NIRMVENK/snort3:instance_thread_id_master to master

Squashed commit of the following:

commit 33420792595efbdfb901fb9cc2a20a2f49b4afae
Author: Nirmala Subbaiah <nirmvenk@cisco.com>
Date:   Wed Jan 22 12:28:03 2025 -0500

    main: Add thread_id in instance_mapping output file

6 months agoPull request #4582: file: malware and file events when action changed from block...
Manav Soneja (msoneja) [Fri, 24 Jan 2025 05:23:15 +0000 (05:23 +0000)] 
Pull request #4582: file: malware and file events when action changed from block malware to cloud malware lookup event

Merge in SNORT/snort3 from ~MSONEJA/snort3:block_cloud_lookup_eventing to master

Squashed commit of the following:

commit 629d79ba2528b6fa776a2a0cad960e03e5bc37b1
Author: msoneja <msoneja@cisco.com>
Date:   Wed Jan 22 15:33:57 2025 +0000

    file: malware and file events when action changed from block malware to cloud malware lookup event

6 months agoPull request #4566: Add summary of flows
Denys Zikratyi -X (dzikraty - SOFTSERVE INC at Cisco) [Thu, 23 Jan 2025 16:47:33 +0000 (16:47 +0000)] 
Pull request #4566: Add summary of flows

Merge in SNORT/snort3 from ~DZIKRATY/snort3:add_summary_of_flows to master

Squashed commit of the following:

commit d03bc68913f2fc84b562a7ed97d89fea0e133afe
Author: Denys Zikratyi <dzikraty@cisco.com>
Date:   Tue Jan 7 06:10:58 2025 -0500

    flow: add command that dumps only flow summaries

6 months agoPull request #4581: appid: added check for brute force manager presence
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 18:44:29 +0000 (18:44 +0000)] 
Pull request #4581: appid: added check for brute force manager presence

Merge in SNORT/snort3 from ~OSTEPANO/snort3:brute_force_check to master

Squashed commit of the following:

commit 7cf6fc77529bf4c9ff7fd7bda65cd6eba5367803
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jan 22 06:21:43 2025 -0500

    appid: added check for brute force manager presence

6 months agoPull request #4575: dump_config: add --gen-dump-config option
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 12:08:59 +0000 (12:08 +0000)] 
Pull request #4575: dump_config: add --gen-dump-config option

Merge in SNORT/snort3 from ~YCHALOV/snort3:gen_config_dump_implementation to master

Squashed commit of the following:

commit 62e3fb3c6998ca0d71ff543bfb826fa83f68a22d
Author: Yurii Chalov <ychalov@cisco.com>
Date:   Mon Jan 13 13:17:29 2025 +0100

    dump_config: implement dump config generation in a file

6 months agoPull request #4578: extractor: add handling for connector creation failure
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Wed, 22 Jan 2025 09:29:59 +0000 (09:29 +0000)] 
Pull request #4578: extractor: add handling for connector creation failure

Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_def_conn to master

Squashed commit of the following:

commit d92481c95a95629cbef6d4f289fb7ab7aeb7a148
Author: vhorbato <vhorbato@cisco.com>
Date:   Fri Jan 17 17:47:52 2025 +0200

    extractor: add handling for connector creation failure