]>
git.ipfire.org Git - thirdparty/snort3.git/log
Mike Stepanek (mstepane) [Tue, 27 Jul 2021 17:47:27 +0000 (17:47 +0000)]
Merge pull request #2976 in SNORT/snort3 from ~SVLASIUK/snort3:fix_reject_inline_u2 to master
Squashed commit of the following:
commit
a2fec11b2fe6016bc4cc2c342c3db5e5ed3af3b4
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 23 10:06:58 2021 +0300
framework: update base API version to 4
commit
4a3afcd4aeda61ac6ced9527582cee5601f2d6c7
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 9 16:32:22 2021 +0300
actions: session data stay accessible for loggers for reject rule action
Reject action does reset session. Reset session includes drop flow in particular
destruct HttpFlowData object. Alerts may include addiotional information from flow
in case of unified2 events it aggregates http headers. To avoid bad access exceptions,
flow data should be available in place of generating alerts and cleaned up after.
Tom Peters (thopeter) [Mon, 26 Jul 2021 16:48:37 +0000 (16:48 +0000)]
Merge pull request #2997 in SNORT/snort3 from ~KATHARVE/snort3:issues_fix to master
Squashed commit of the following:
commit
b616ac88a9716e843939404d638da82c71aabd62
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jul 26 10:28:24 2021 -0400
http2_inspect: remove unused variables
Mike Stepanek (mstepane) [Mon, 26 Jul 2021 09:56:57 +0000 (09:56 +0000)]
Merge pull request #2991 in SNORT/snort3 from ~YVELYKOZ/snort3:fix_byte_options to master
Squashed commit of the following:
commit
60ab3f1566c6697f4ebd3baee0de8e4104f69100
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 22 23:24:12 2021 +0300
ips_options: address compiler warnings
Tom Peters (thopeter) [Fri, 23 Jul 2021 20:30:30 +0000 (20:30 +0000)]
Merge pull request #2990 in SNORT/snort3 from ~KATHARVE/snort3:h2i_partial_buffer_fix to master
Squashed commit of the following:
commit
288ed022ae6a31f5bb2b98e84b8a42cc2bff7b5e
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 20 14:33:28 2021 -0400
http_inspect: don't allocate 0-length partial inspection buffer
Tom Peters (thopeter) [Fri, 23 Jul 2021 15:09:47 +0000 (15:09 +0000)]
Merge pull request #2978 in SNORT/snort3 from ~KATHARVE/snort3:h2i_hpack_fix to master
Squashed commit of the following:
commit
2001a8e9a9d3fdb5417ae1b3d24aebc5806f07f0
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jul 7 16:49:55 2021 -0400
http2_inspect: fix HPACK dynamic table size update management
Mike Stepanek (mstepane) [Thu, 22 Jul 2021 12:50:55 +0000 (12:50 +0000)]
Merge pull request #2989 in SNORT/snort3 from ~YVELYKOZ/snort3:fix_byte_options to master
Squashed commit of the following:
commit
4241b0ac03324e23a059408a51e3e35c4ae0ca8e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu Jul 22 11:56:35 2021 +0300
ips_options/byte_options: address compiler warnings
Tom Peters (thopeter) [Wed, 21 Jul 2021 17:52:36 +0000 (17:52 +0000)]
Merge pull request #2988 in SNORT/snort3 from ~MDAGON/snort3:complete to master
Squashed commit of the following:
commit
605e1f86c087e13ed7a459cd75559ad6ee7b8b00
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon Jul 12 16:57:25 2021 -0400
http_inspect: add rule option http_raw_header_complete
Mike Stepanek (mstepane) [Wed, 21 Jul 2021 15:51:19 +0000 (15:51 +0000)]
Merge pull request #2974 in SNORT/snort3 from ~YVELYKOZ/snort3:ips_byte_options_update to master
Squashed commit of the following:
commit
acf28ee21eba548ff0eae5119e57eb70683c52d7
Author: VytalyGorbatov <vytalygorbatovwork@gmail.com>
Date: Mon May 17 09:14:21 2021 +0300
ips_options: refactor byte_extract, byte_test, byte_math, byte_jump and related tests
Move common logic to extract.cc.
commit
65523a0c2b8c6c8ac7dc6629ed7ab697776642d5
Author: Crowy-o <egor1velikogon@gmail.com>
Date: Thu May 13 14:22:34 2021 +0300
ips_options: add catch tests for byte_test, byte_jump, byte_math, byte_extract
Tom Peters (thopeter) [Wed, 21 Jul 2021 15:28:48 +0000 (15:28 +0000)]
Merge pull request #2985 in SNORT/snort3 from ~KATHARVE/snort3:http2_wizard to master
Squashed commit of the following:
commit
f62e3474a5d5a2e6991082af8bd87b203a118496
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jul 19 14:09:30 2021 -0400
lua: update HTTP/2 default_wizard hex with S2C pattern match
Steve Chew (stechew) [Tue, 20 Jul 2021 20:18:36 +0000 (20:18 +0000)]
Merge pull request #2975 in SNORT/snort3 from ~SBAIGAL/snort3:control_expire to master
Squashed commit of the following:
commit
69747b5e417ef9603f71dc6bfab54c6885c8ee0d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jul 9 19:02:34 2021 -0400
control: add idle expire removal to control channels
Mike Stepanek (mstepane) [Tue, 20 Jul 2021 12:21:59 +0000 (12:21 +0000)]
Merge pull request #2982 in SNORT/snort3 from ~VHORBATO/snort3:js_bytes_pegcount to master
Squashed commit of the following:
commit
af890287cb5c3b13031b0b018e48c78ff804b7ca
Author: Vitalii <vhorbato@cisco.com>
Date: Wed Jul 14 19:10:31 2021 +0300
http_inspect: add peg count for script bytes processed
Bhargava Jandhyala (bjandhya) [Tue, 20 Jul 2021 08:00:50 +0000 (08:00 +0000)]
Merge pull request #2984 in SNORT/snort3 from ~VKAMBALA/snort3:offset_fix to master
Squashed commit of the following:
commit
8f90cc5f5fff118034b5f55065b0e3ec4b0ce31e
Author: krishnakanth <vkambala@cisco.com>
Date: Fri Jul 16 06:39:49 2021 -0400
file_api: Handling file_cache inspection for non zero offset
Steve Chew (stechew) [Mon, 19 Jul 2021 21:49:09 +0000 (21:49 +0000)]
Merge pull request #2925 in SNORT/snort3 from ~SBAIGAL/snort3:cli to master
Squashed commit of the following:
commit
09519fc596dfb0dd1b406a9ee5bb26b2520c2d32
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jun 4 12:30:10 2021 -0400
dump_stats: direct output back to command channel
stats: update file and appid stats to use Log functions provided from stats.cc
add LogText for simple string logging without separator logic
Tom Peters (thopeter) [Fri, 16 Jul 2021 02:07:37 +0000 (02:07 +0000)]
Merge pull request #2979 in SNORT/snort3 from ~KATHARVE/snort3:h2i_assert_fix to master
Squashed commit of the following:
commit
8a7d79a6f743f696efe67be5b889cd295108c0a9
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jul 14 16:58:50 2021 -0400
http2_inspect: change xor to or in assert that was failing due to uninitialized variable
Mike Stepanek (mstepane) [Thu, 15 Jul 2021 12:20:40 +0000 (12:20 +0000)]
Merge pull request #2983 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.8.0 to master
Squashed commit of the following:
commit
207c13bac190688826dd2e58271efe0849cc7d20
Author: Mike Stepanek <mstepane@cisco.com>
Date: Thu Jul 15 06:32:44 2021 -0400
build: generate and tag 3.1.8.0
Mike Stepanek (mstepane) [Wed, 14 Jul 2021 18:41:54 +0000 (18:41 +0000)]
Merge pull request #2977 in SNORT/snort3 from ~SHASLAD/snort3:revert_events_id to master
Squashed commit of the following:
commit
a12bc01526b3f1e930c421b398e0a8c82a6b4ab2
Author: Shashi Lad <shaslad@cisco.com>
Date: Wed Jul 14 13:36:03 2021 -0400
Revert "Merge pull request #2957 in SNORT/snort3 from ~STECHEW/snort3:events_id to master"
This reverts commit
a77d77d7f24982b93672b385daef92a9304eec3e .
Steve Chew (stechew) [Tue, 13 Jul 2021 22:46:38 +0000 (22:46 +0000)]
Merge pull request #2957 in SNORT/snort3 from ~STECHEW/snort3:events_id to master
Squashed commit of the following:
commit
4615dadb6a99cdff0b9d2b510fa11fd031ec2de8
Author: Steve Chew <stechew@cisco.com>
Date: Tue Jul 13 14:47:21 2021 -0400
Update
commit
9976e20f54ce0ca6d2d3d3906dd0bb1375bec726
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 25 16:38:13 2021 -0400
events: Use instance_id to make event_id unique across threads.
Bhargava Jandhyala (bjandhya) [Mon, 12 Jul 2021 18:39:23 +0000 (18:39 +0000)]
Merge pull request #2973 in SNORT/snort3 from ~VKAMBALA/snort3:file_segment to master
Squashed commit of the following:
commit
28576ac68af95cca16c672970f01880e1ab661b0
Author: krishnakanth <vkambala@cisco.com>
Date: Wed Jul 7 01:48:20 2021 -0400
file_api: Handling overlap segments
Bhargava Jandhyala (bjandhya) [Sun, 11 Jul 2021 16:03:00 +0000 (16:03 +0000)]
Merge pull request #2972 in SNORT/snort3 from ~DIPANDIT/snort3:pinhole_fix to master
Squashed commit of the following:
commit
846148ae043eb8d919ae152b08ab467f726d55f7
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri Jul 9 12:09:48 2021 -0400
dce_rpc: fix crash when expected session comes after snort reload
Mike Stepanek (mstepane) [Fri, 9 Jul 2021 09:18:31 +0000 (09:18 +0000)]
Merge pull request #2971 in SNORT/snort3 from ~OSHUMEIK/snort3:s2l_rawbytes to master
Squashed commit of the following:
commit
7ee3dce4ab3049449811c4bb4cc933c1c5e5ea1c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jul 8 13:49:40 2021 +0300
snort2lua: set raw_data buffer for rawbytes and B flag in PCRE
Tom Peters (thopeter) [Thu, 8 Jul 2021 20:32:06 +0000 (20:32 +0000)]
Merge pull request #2969 in SNORT/snort3 from ~MDAGON/snort3:unreachable to master
Squashed commit of the following:
commit
a9a7be092a4d4a97fd53dc562e7b27c48ba0d7c6
Author: Maya Dagon <mdagon@cisco.com>
Date: Tue Jul 6 12:10:50 2021 -0400
packet_io: unreachable packets shouldn't be sent for ICMP
Bhargava Jandhyala (bjandhya) [Thu, 8 Jul 2021 13:26:41 +0000 (13:26 +0000)]
Merge pull request #2970 in SNORT/snort3 from ~BSACHDEV/snort3:full_run to master
Squashed commit of the following:
commit
e38eec5ab109c35ad82cc04c1210a9eb853a4536
Author: bsachdev <bsachdev@cisco.com>
Date: Thu Jul 8 07:17:02 2021 -0400
dce_smb: Fixed macro definition for SMB_DEBUG
Signed-off-by: bsachdev <bsachdev@cisco.com>
Mike Stepanek (mstepane) [Thu, 8 Jul 2021 11:55:57 +0000 (11:55 +0000)]
Merge pull request #2967 in SNORT/snort3 from ~OSHUMEIK/snort3:js_shorten_tag to master
Squashed commit of the following:
commit
d853999fc0f48c55f04ab69099abfef234fe8246
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jul 5 14:32:06 2021 +0300
http_inspect: add built-in alert for script tags in a short form
Lokesh Bevinamarad (lbevinam) [Wed, 7 Jul 2021 16:39:03 +0000 (16:39 +0000)]
Merge pull request #2961 in SNORT/snort3 from ~BSACHDEV/snort3:smb_trace_infra to master
Squashed commit of the following:
commit
7351c4a1f14b9b7b2456064fb054e79082458829
Author: bsachdev <bsachdev@cisco.com>
Date: Mon Jun 28 04:19:08 2021 -0400
dce_smb: Added trace messages and multiple level logging for SMB module
Signed-off-by: bsachdev <bsachdev@cisco.com>
Mike Stepanek (mstepane) [Wed, 7 Jul 2021 09:58:07 +0000 (09:58 +0000)]
Merge pull request #2968 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_warning to master
Squashed commit of the following:
commit
d27f3da7bfab2d1f2ca0ebe212967934d3b892d8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jul 6 14:31:32 2021 +0300
doc: fix build warnings
Thanks to jiangrj (github.com/jiangrij) for reporting the issue.
Fixing indention, nested list.
Escaping control characters.
Shravan Rangarajuvenkata (shrarang) [Tue, 6 Jul 2021 18:01:09 +0000 (18:01 +0000)]
Merge pull request #2958 in SNORT/snort3 from ~DANMCGAR/snort3:ssh-client-patterns to master
Squashed commit of the following:
commit
cb11ffef012d75d00e3635a62e652dd5c570d8cb
Author: Daniel McGarvey <danmcgar@cisco.com>
Date: Mon Jun 21 11:57:48 2021 -0400
appid: support SSH client detection through lua detector
Bhargava Jandhyala (bjandhya) [Mon, 5 Jul 2021 06:47:23 +0000 (06:47 +0000)]
Merge pull request #2966 in SNORT/snort3 from ~VKAMBALA/snort3:eicar to master
Squashed commit of the following:
commit
bd1c2d1e18fa3ec4e1efac72f0ea924a9b252407
Author: krishnakanth <vkambala@cisco.com>
Date: Thu Jul 1 05:06:31 2021 -0400
dce_rpc: Handling raw packets
Mike Stepanek (mstepane) [Fri, 2 Jul 2021 10:27:05 +0000 (10:27 +0000)]
Merge pull request #2965 in SNORT/snort3 from ~SVLASIUK/snort3:dump_empty_modules to master
Squashed commit of the following:
commit
8f2aa27901ee6785d6dcf95d7d0012b7845eabff
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Jul 1 15:37:26 2021 +0300
dump_config: support modules without config options in text format
Mike Stepanek (mstepane) [Fri, 2 Jul 2021 10:19:42 +0000 (10:19 +0000)]
Merge pull request #2937 in SNORT/snort3 from ~BRASTULT/snort3:ssh_spell_fix to master
Squashed commit of the following:
commit
675c5d0d624e2b559f504d6b1b9cb982a1e091d2
Author: Brandon Stultz <brastult@cisco.com>
Date: Thu Jun 10 12:23:31 2021 -0400
wizard: make SSH spell more specific
Tom Peters (thopeter) [Thu, 1 Jul 2021 19:04:25 +0000 (19:04 +0000)]
Merge pull request #2960 in SNORT/snort3 from ~MDAGON/snort3:reject to master
Squashed commit of the following:
commit
df880cdbcad839afa1d1daac99ea790bf75bed02
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Jun 25 15:15:54 2021 -0400
packet_io: check if unreachable_candidate before sending unreachable
Tom Peters (thopeter) [Wed, 30 Jun 2021 21:34:13 +0000 (21:34 +0000)]
Merge pull request #2962 in SNORT/snort3 from ~KATHARVE/snort3:h2i_flow_depth_fix to master
Squashed commit of the following:
commit
260a2df1f41085de49e947507deb45a4c42f334b
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 29 14:59:48 2021 -0400
http2_inspect: clean data cutter internal state after exhausting flow depth
Mike Stepanek (mstepane) [Wed, 30 Jun 2021 15:07:06 +0000 (15:07 +0000)]
Merge pull request #2963 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.7.0 to master
Squashed commit of the following:
commit
85517e1fb597d0d159fcf7728de68c86fcee39da
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 30 09:53:05 2021 -0400
build: generate and tag 3.1.7.0
Tom Peters (thopeter) [Tue, 29 Jun 2021 21:12:21 +0000 (21:12 +0000)]
Merge pull request #2959 in SNORT/snort3 from ~THOPETER/snort3:version3 to master
Squashed commit of the following:
commit
be78cd5e45d518c782398c453c141b490bf7a9a3
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 29 13:52:56 2021 -0400
framework: update base API version to 3
Tom Peters (thopeter) [Tue, 29 Jun 2021 16:39:28 +0000 (16:39 +0000)]
Merge pull request #2956 in SNORT/snort3 from ~KATHARVE/snort3:http_ooo_injection to master
Squashed commit of the following:
commit
89629a45d15511a400494d22d3921540476036ec
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jun 25 12:31:16 2021 -0400
payload_injector: don't inject if there are unflushed S2C TCP packets queued
Shravan Rangarajuvenkata (shrarang) [Fri, 25 Jun 2021 19:34:59 +0000 (19:34 +0000)]
Merge pull request #2951 in SNORT/snort3 from ~SHRARANG/snort3:appid_update_doc to master
Squashed commit of the following:
commit
84e9e2256994ec90e99fa4e4d8908efe91fee24c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jun 21 23:31:38 2021 -0400
appid: update documentation
Shravan Rangarajuvenkata (shrarang) [Fri, 25 Jun 2021 19:22:39 +0000 (19:22 +0000)]
Merge pull request #2953 in SNORT/snort3 from ~SATHIRKA/snort3:mem_track_mimesession to master
Squashed commit of the following:
commit
d8b5ba3d0e62d020189b2ec9012bb21d63e0240a
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Jun 24 15:44:33 2021 -0400
mime: Track memory for mime sessions
Steve Chew (stechew) [Fri, 25 Jun 2021 17:33:45 +0000 (17:33 +0000)]
Merge pull request #2952 in SNORT/snort3 from ~SBAIGAL/snort3:better to master
Squashed commit of the following:
commit
bf82e65e3296202f7d81e1bd14d7447d1baa25c3
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Jun 23 11:39:45 2021 -0400
control: resolve socket issues due to race conditions
Shravan Rangarajuvenkata (shrarang) [Thu, 24 Jun 2021 14:37:55 +0000 (14:37 +0000)]
Merge pull request #2936 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_smb_payload_apps to master
Squashed commit of the following:
commit
cc9d61b77d6abecef2d2474c3aa66f39e3410d7e
Author: cljudge <cljudge@cisco.com>
Date: Tue Jun 1 01:41:02 2021 -0400
appid: enhance netbios service detector to identify SMB versions as web app.
Lokesh Bevinamarad (lbevinam) [Wed, 23 Jun 2021 09:06:16 +0000 (09:06 +0000)]
Merge pull request #2942 in SNORT/snort3 from ~SMULKA/snort3:si_ip to master
Squashed commit of the following:
commit
ec2eb797ce03425f2c8ebcc0ec5d40313c381f56
Author: smulka <smulka@cisco.com>
Date: Sun Jun 13 21:05:12 2021 -0400
reputation: include list id for daq trace log
Tom Peters (thopeter) [Wed, 23 Jun 2021 04:08:57 +0000 (04:08 +0000)]
Merge pull request #2950 in SNORT/snort3 from ~KATHARVE/snort3:doc_h2i to master
Squashed commit of the following:
commit
d3d998e9162a3ab633e7c321838b496e3b2fcf75
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 22 12:01:03 2021 -0400
doc: updates for http2_inspect
Shravan Rangarajuvenkata (shrarang) [Tue, 22 Jun 2021 15:15:26 +0000 (15:15 +0000)]
Merge pull request #2949 in SNORT/snort3 from ~RDEMPSTE/snort3:dns to master
Squashed commit of the following:
commit
0cb6be3a1f0d87e5f43cf1a812035bff6acb1309
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Jun 21 16:09:49 2021 -0400
appid: Update the DNS detector to support the all record request
Pranav Bhalerao (prbhaler) [Tue, 22 Jun 2021 08:25:49 +0000 (08:25 +0000)]
Merge pull request #2947 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_snort2lua to master
Squashed commit of the following:
commit
42c8ad67b4071a5a0ff649050308462602ee707f
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Wed Jun 16 05:14:25 2021 -0400
snort2lua: Fixing lua conversion of unsupported http preproc options without parameters
Masud Hasan (mashasan) [Mon, 21 Jun 2021 19:18:23 +0000 (19:18 +0000)]
Merge pull request #2930 in SNORT/snort3 from ~MMATIRKO/snort3:snort_docker to master
Squashed commit of the following:
commit
d3a7ea0a8a94c50ca91bd3bb45be34337a8e8721
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Jun 10 11:03:41 2021 -0400
main: implement test_features run flag to enable debug-like output
commit
bdb3926895abb3d78dbc27046430d48c0bdd10cc
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Jun 4 11:38:12 2021 -0400
sfip: fix unit tests for non-regtest builds
commit
2afa7a822c85641dbb7acaf9585b86781968baa9
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Jun 3 15:58:32 2021 -0400
snort2lua: remove footprint size config
Masud Hasan (mashasan) [Wed, 16 Jun 2021 20:42:37 +0000 (20:42 +0000)]
Merge pull request #2941 in SNORT/snort3 from ~SMINUT/snort3:is_ack_valid to master
Squashed commit of the following:
commit
c1f81f31a14a16a57e4addc67ea971f39d43f9e5
Author: Silviu Minut <sminut@cisco.com>
Date: Thu Jun 10 17:15:12 2021 -0400
stream: fix is_ack_valid to return true even when current ack is to the left of snd_una, per RFC793
Mike Stepanek (mstepane) [Wed, 16 Jun 2021 17:21:49 +0000 (17:21 +0000)]
Merge pull request #2948 in SNORT/snort3 from ~MSTEPANE/snort3:build_3.1.6.0 to master
Squashed commit of the following:
commit
dcfadb49048e7fcf325d1e0660092c0d22921b2c
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 16 07:21:42 2021 -0400
build: generate and tag 3.1.6.0
Steve Chew (stechew) [Tue, 15 Jun 2021 22:10:26 +0000 (22:10 +0000)]
Merge pull request #2945 in SNORT/snort3 from ~SBAIGAL/snort3:shell3 to master
Squashed commit of the following:
commit
3a742fa01840835d4c7f92caac80e8ded9176d1b
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Jun 15 09:08:33 2021 -0400
control: remove SHELL compile flag from header
Shravan Rangarajuvenkata (shrarang) [Tue, 15 Jun 2021 17:56:10 +0000 (17:56 +0000)]
Merge pull request #2938 in SNORT/snort3 from ~SHRARANG/snort3:vdb_ci to master
Squashed commit of the following:
commit
ba7463da922459e8a37fd2b04114f89c181ea80c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jun 14 22:01:11 2021 -0400
appid: remove error message when userappid.conf is not present
commit
b6e776d4eed4389886195847fe878f842e668a45
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Jun 10 23:26:55 2021 -0400
appid: remove unused metadata offset functionality
commit
3a4a71e8787986f41947811106d632c5a917704c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jun 9 17:30:24 2021 -0400
appid: support fragmented metadata
Mike Stepanek (mstepane) [Tue, 15 Jun 2021 10:10:26 +0000 (10:10 +0000)]
Merge pull request #2944 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_js2 to master
Squashed commit of the following:
commit
e5dde2ff73f6fc89be263273aa2981d1f1c6079c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Jun 15 12:32:18 2021 +0300
doc: remove 'sticky buffer' from manual
Steve Chew (stechew) [Mon, 14 Jun 2021 21:38:26 +0000 (21:38 +0000)]
Merge pull request #2911 in SNORT/snort3 from ~RAMANKS/snort3:geneve to master
Squashed commit of the following:
commit
f0c32fd35d5763b7e32f1c04b03f5fa457d3552f
Author: Raman Krishnan <ramanks@cisco.com>
Date: Fri Jun 11 19:52:06 2021 -0700
codecs: geneve: incorporate review comments
commit
abf8a20f05b7a2be16af0472b0d98b4cddded7be
Author: Raman Krishnan <ramanks@cisco.com>
Date: Sat Jun 5 23:09:27 2021 -0700
codecs: geneve: add vni to alert_csv and alert_json
commit
fb516639ed8f29972df650b782fb5c721c946e60
Author: Raman Krishnan <ramanks@cisco.com>
Date: Tue Apr 13 15:13:59 2021 -0700
codecs: geneve: Support for Geneve encapsulation
Mike Stepanek (mstepane) [Mon, 14 Jun 2021 19:04:21 +0000 (19:04 +0000)]
Merge pull request #2943 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_js to master
Squashed commit of the following:
commit
a24accc260061aecc80c35861248ed2913629cf5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 14 15:31:03 2021 +0300
http_inspect: add JS Normalizer to dev_notes
commit
d675003d85f98da62d77f989b5daecb6eec9f742
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 14 15:30:41 2021 +0300
doc: update JS normalizer options
Mike Stepanek (mstepane) [Mon, 14 Jun 2021 13:20:36 +0000 (13:20 +0000)]
Merge pull request #2940 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_opts to master
Squashed commit of the following:
commit
2369f1fe6526c58ac35aa51f394526bc26a7ea46
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 15:50:00 2021 +0300
trace: place trace options under the DEBUG_MSGS macro
Excluding:
* trace.modules.snort.inspector_manager
* trace.modules.wizard
Check that option index is not out-of-bounds.
dev_notes.txt updated.
commit
34e1b91e91cc7c973aa132bd60f4b9fc5a238d3f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 14:55:58 2021 +0300
iec104: delete trailing spaces
Tom Peters (thopeter) [Fri, 11 Jun 2021 20:18:17 +0000 (20:18 +0000)]
Merge pull request #2939 in SNORT/snort3 from ~KATHARVE/snort3:httpevent_uri_host to master
Squashed commit of the following:
commit
4de5aba60ebef55abb31bec0be889f3431bfd0f2
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 10 15:04:13 2021 -0400
pub_sub: add get_uri_host() to HttpEvent
Tom Peters (thopeter) [Thu, 10 Jun 2021 14:54:17 +0000 (14:54 +0000)]
Merge pull request #2934 in SNORT/snort3 from ~KATHARVE/snort3:http_host_fix to master
Squashed commit of the following:
commit
1ae238c8b83ea926d2b3843f8715743abda678e0
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 8 12:55:20 2021 -0400
pub_sub: update HttpEvent::get_host to get_authority - now always includes port if there is one
Pranav Bhalerao (prbhaler) [Wed, 9 Jun 2021 17:28:56 +0000 (17:28 +0000)]
Merge pull request #2924 in SNORT/snort3 from ~AMARNAYA/snort3:sunRPC_port_based_binder to master
Squashed commit of the following:
commit
86d3a6674f7dc15467d9cc4513226d11b2fe3d25
Author: Amarnath Nayak <amarnaya@cisco.com>
Date: Fri Jun 4 13:16:52 2021 -0400
ips_options: fix intrusion alerts generation for tcp rpc PORTMAP traffic when rpc_decode is bound to the flow
Mike Stepanek (mstepane) [Wed, 9 Jun 2021 16:02:56 +0000 (16:02 +0000)]
Merge pull request #2935 in SNORT/snort3 from ~OSHUMEIK/snort3:revert to master
Squashed commit of the following:
commit
4114c60f610929b86db30d4e34730f76cb6c4ff2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jun 9 17:42:39 2021 +0300
build: reverting back
adb5e30c101fb2b7ea54a5df3d5b6a1cf68a1cb7
Shravan Rangarajuvenkata (shrarang) [Wed, 9 Jun 2021 15:10:01 +0000 (15:10 +0000)]
Merge pull request #2919 in SNORT/snort3 from ~SATHIRKA/snort3:telemetry_stats to master
Squashed commit of the following:
commit
a756810f7043722ebb25d5b2abb974758ab3b26d
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jun 2 13:44:52 2021 -0400
time: make Periodic class SO_PUBLIC
Mike Stepanek (mstepane) [Wed, 9 Jun 2021 13:38:41 +0000 (13:38 +0000)]
Merge pull request #2931 in SNORT/snort3 from ~OSERHIIE/snort3:dump_config to master
Squashed commit of the following:
commit
ddc9f5cae9538ae04a1ce6f161a457b4bb217b53
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Jun 7 12:50:48 2021 +0300
main: fix config dump for list-based inspector aliases
Bhargava Jandhyala (bjandhya) [Wed, 9 Jun 2021 06:30:14 +0000 (06:30 +0000)]
Merge pull request #2933 in SNORT/snort3 from ~DIPANDIT/snort3:multichannel_shared_ptr to master
Squashed commit of the following:
commit
98177702616043e80f1c7c20df6b4731696c763a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Jun 8 13:37:02 2021 -0400
dce_rpc: store shared pointer of session tracker
commit
e6a88c3afe70c9d690489cd5f004ce2782bab9b6
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Jun 8 07:47:55 2021 -0400
dce_rpc: handle reload prune for smb session cache
Steve Chew (stechew) [Tue, 8 Jun 2021 22:07:23 +0000 (22:07 +0000)]
Merge pull request #2932 in SNORT/snort3 from ~SBAIGAL/snort3:fix_test_cppchk to master
Squashed commit of the following:
commit
60df4227963eea528ca74439b4a98d074f82457d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Jun 8 09:58:12 2021 -0400
host_cache: remove unused lua mock code from the tests
Tom Peters (thopeter) [Tue, 8 Jun 2021 15:54:45 +0000 (15:54 +0000)]
Merge pull request #2928 in SNORT/snort3 from ~ARMANDAV/snort3:filter to master
Squashed commit of the following:
commit
3b834ec3d3dcdd849f7bb730bc7bdc8018e78160
Author: snorty <snorty@localhost.localdomain>
Date: Tue Jun 8 00:48:34 2021 -0400
protocols: Remove inline specifiers for functions defined within a structure declaration
commit
a85fd8ace95bdfafcf697d36ccc873b51e5aa3bc
Author: snorty <snorty@localhost.localdomain>
Date: Fri Jun 4 14:42:12 2021 -0400
filters: Support rate filter to work with PDUs
Tom Peters (thopeter) [Tue, 8 Jun 2021 15:43:48 +0000 (15:43 +0000)]
Merge pull request #2926 in SNORT/snort3 from ~KATHARVE/snort3:hi_zlib_mem_tracking to master
Squashed commit of the following:
commit
b4eaceae64f5e73979c4faedf183df491044ba62
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jun 4 16:47:27 2021 -0400
http_inspect: track memory footprint of zlib inflation
Mike Stepanek (mstepane) [Tue, 8 Jun 2021 11:08:37 +0000 (11:08 +0000)]
Merge pull request #2929 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_opts_build to master
Squashed commit of the following:
commit
b5ae30b8b24685b4d5bc90ba0cbfff08c56e4f70
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Jun 7 13:39:03 2021 +0300
trace: update the dev_notes.txt
TraceOption description and how it should be used.
commit
ab4c20664b34db9c45f0be3f222988b553165da0
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 15:50:00 2021 +0300
trace: place trace options under the DEBUG_MSGS macro
Excluding:
* trace.modules.snort.inspector_manager
* trace.modules.wizard
commit
305b2e740c65951ffbd5a3a23e871053086b7af4
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jun 3 14:55:58 2021 +0300
iec104: delete trailing spaces
Mike Stepanek (mstepane) [Tue, 8 Jun 2021 10:22:25 +0000 (10:22 +0000)]
Merge pull request #2915 in SNORT/snort3 from ~SVLASIUK/snort3:js_external_script to master
Squashed commit of the following:
commit
ec3d59e7ec908f71cddb89782e6c9c5d76379d2d
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon May 24 19:03:11 2021 +0300
http_inspect: add JS normalization for external scripts
Support multiple PDUs and partial detection
Support existing JS built-in rules
Add new built-in rule when script body after script-src attribute is not comments
Tom Peters (thopeter) [Mon, 7 Jun 2021 05:26:01 +0000 (05:26 +0000)]
Merge pull request #2918 in SNORT/snort3 from ~NIHDESAI/snort3:nhi_section_size to master
Squashed commit of the following:
commit
ac6c621966284a445cc295569842129e24517951
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Jun 2 15:02:09 2021 -0400
http_inspect: limit section size target for file processing
Lokesh Bevinamarad (lbevinam) [Sun, 6 Jun 2021 15:17:12 +0000 (15:17 +0000)]
Merge pull request #2927 in SNORT/snort3 from ~BSACHDEV/snort3:fix_ci_smb to master
Squashed commit of the following:
commit
0f5b34c33a5fe358754cbf8f696b1e629e7fb365
Author: bsachdev <bsachdev@cisco.com>
Date: Sat Jun 5 08:25:53 2021 -0400
dce_rpc: Fixed warnings
Signed-off-by: bsachdev <bsachdev@cisco.com>
Shravan Rangarajuvenkata (shrarang) [Sat, 5 Jun 2021 22:23:01 +0000 (22:23 +0000)]
Merge pull request #2900 in SNORT/snort3 from ~ADIKAPOO/snort3:adikapoo-extradata to master
Squashed commit of the following:
commit
20a235eea96f40bf1d8af2c44f7b502934370830
Author: adikapoo <adikapoo@cisco.com>
Date: Fri Jun 4 14:42:36 2021 -0400
mime: store extra data in stash
Tom Peters (thopeter) [Fri, 4 Jun 2021 21:57:28 +0000 (21:57 +0000)]
Merge pull request #2922 in SNORT/snort3 from ~MDAGON/snort3:hpack to master
Squashed commit of the following:
commit
e59cf270b46659a38b44dc92091deb10e7c3e593
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed Jun 2 10:40:50 2021 -0400
http2_inspect: track dynamic table memory allocation
Bhargava Jandhyala (bjandhya) [Fri, 4 Jun 2021 21:44:56 +0000 (21:44 +0000)]
Merge pull request #2876 in SNORT/snort3 from ~DIPANDIT/snort3:multichannel to master
Squashed commit of the following:
commit
3efdf0d7995c31a869edcfc34f1a57bf42cbed0a
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Sun May 30 12:00:55 2021 -0400
dce_rpc: SMB multichannel - handle negotiate command to create expected flow
commit
5bb575762f0ea11171a167deb59e199177576ae9
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Tue Mar 23 03:31:05 2021 -0400
dce_rpc: SMB multichannel - own memory tracking in global cache
commit
82b15dd65de7c4d44b36622c3ffd15f3199b877e
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Wed May 5 10:11:55 2021 -0400
dce_rpc: SMB multichannel - added smb multichannel file support
commit
bc61306af569d4dd0b4d865db70597d590760efd
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Wed Feb 17 07:25:36 2021 -0500
dce_rpc: SMB multichannel - make session cache global
commit
c24c372ee61232a27cff1e0a5d92734b96aa106d
Author: Dipto Pandit <dipandit@cisco.com>
Date: Thu Oct 8 06:55:59 2020 -0400
dce_rpc: SMB multichannel - introduce locks
Russ Combs (rucombs) [Fri, 4 Jun 2021 16:09:29 +0000 (16:09 +0000)]
Merge pull request #2923 in SNORT/snort3 from ~SBAIGAL/snort3:shell2 to master
Squashed commit of the following:
commit
d6c6e803d46423198b4a7bed1c610ea10db799c5
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Jun 4 10:13:26 2021 -0400
control: cleanup cppcheck issues
Steve Chew (stechew) [Fri, 4 Jun 2021 04:23:06 +0000 (04:23 +0000)]
Merge pull request #2891 in SNORT/snort3 from ~RAMANKS/snort3:ifnat to master
Squashed commit of the following:
commit
dc99b72290f72631d5bf16b2a4ea4096e8386fd4
Author: Raman Krishnan <ramanks@cisco.com>
Date: Mon May 17 14:20:37 2021 -0700
codecs: support inner flor NAT
Steve Chew (stechew) [Thu, 3 Jun 2021 20:11:01 +0000 (20:11 +0000)]
Merge pull request #2921 in SNORT/snort3 from ~SBAIGAL/snort3:shelldef to master
Squashed commit of the following:
commit
43e72c52e4464cad36fefe63742db279192dfc66
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jun 3 11:04:11 2021 -0400
control: allow compile with shell disabled
Tom Peters (thopeter) [Thu, 3 Jun 2021 00:03:31 +0000 (00:03 +0000)]
Merge pull request #2912 in SNORT/snort3 from ~MDAGON/snort3:rst_stream to master
Squashed commit of the following:
commit
15ad62d816e69a377d649563b5adf609ae11872a
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 17:06:54 2021 -0400
http2_inspect: don't perform valid sequence check on rst_stream frame
Tom Peters (thopeter) [Wed, 2 Jun 2021 23:56:43 +0000 (23:56 +0000)]
Merge pull request #2920 in SNORT/snort3 from ~MDAGON/snort3:fix_platform_rt to master
Squashed commit of the following:
commit
c4541b26a1e895d7674f3a52bdfabef9a25072a0
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed Jun 2 17:13:12 2021 -0400
http_inspect: update test mock api
Ron Dempster (rdempste) [Wed, 2 Jun 2021 19:31:42 +0000 (19:31 +0000)]
Merge pull request #2908 in SNORT/snort3 from ~SMULKA/snort3:si_ip to master
Squashed commit of the following:
commit
afd5ac41ba87a6a2bfd8321fe8c18947bca0e907
Author: smulka <smulka@cisco.com>
Date: Tue May 25 18:33:45 2021 -0400
reputation: daq trace log
Bhargava Jandhyala (bjandhya) [Wed, 2 Jun 2021 19:25:56 +0000 (19:25 +0000)]
Merge pull request #2916 in SNORT/snort3 from ~DIPANDIT/snort3:flow_from_file_context to master
Squashed commit of the following:
commit
5272707f8728164a2996e8e128bf6fa34ba05741
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Sun May 30 15:30:49 2021 -0400
file_api: store processing flow in context
Bhargava Jandhyala (bjandhya) [Wed, 2 Jun 2021 18:36:33 +0000 (18:36 +0000)]
Merge pull request #2914 in SNORT/snort3 from ~DIPANDIT/snort3:enable_multi_pinhole to master
Squashed commit of the following:
commit
6c01d79f5fe0e1a8f97273eeda35c35fa4d9b834
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:17:32 2021 -0400
stream: enable support for multiple expected sessions
commit
3a4a0ef78eeec528f37a95ac0da488f54084af5f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:14:04 2021 -0400
flow: enable support for multiple expected sessions
commit
b4bdb05a1c69c9e4db890447d0fa67e160a64880
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon May 31 03:04:00 2021 -0400
packet_io: enable expected session flags
Shravan Rangarajuvenkata (shrarang) [Wed, 2 Jun 2021 17:31:30 +0000 (17:31 +0000)]
Merge pull request #2906 in SNORT/snort3 from ~KAMURTHI/snort3:strm_id_h2i_publish_req_body to master
Squashed commit of the following:
commit
4d1cffd596d448faaa47076d2f2182587122310d
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon May 24 16:16:12 2021 -0400
appid: perform detection on request body for HTTP2 traffic.
commit
de11bcc69069ec43181e32a7cb91bcc60ba657d7
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Apr 12 16:29:09 2021 -0400
http_inspect: publish event for http/2 request bodies
Steve Chew (stechew) [Wed, 2 Jun 2021 16:47:38 +0000 (16:47 +0000)]
Merge pull request #2847 in SNORT/snort3 from ~SBAIGAL/snort3:control to master
Squashed commit of the following:
commit
f796ba1326bf9713867d2bde5234273887282f98
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Apr 22 14:56:59 2021 -0400
control: expose ContrlConn API
commit
3d0c000b8d0652bec02df2a08db9f23d2be971ec
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Feb 23 12:38:31 2021 -0500
control: Remove unused IdleProcessing functionality
commit
90df551fac422ae1bf5ddee21a0d040dd111373c
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Nov 14 12:05:10 2019 -0500
control: refactor control channel management to better handle control responses
commit
5d017cb4965f875f80dc5bf8edc3d074128f4c4e
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Feb 10 12:05:49 2021 -0500
Revert "Merge pull request #2639 in SNORT/snort3 from ~STECHEW/snort3:control_request_fix_shared_ptr to master"
This reverts commit
e7250bd6995941337e37529fd8594093de4db2ef .
Shravan Rangarajuvenkata (shrarang) [Tue, 1 Jun 2021 23:31:45 +0000 (23:31 +0000)]
Merge pull request #2917 in SNORT/snort3 from ~SHRARANG/snort3:appid_aux_ip to master
Squashed commit of the following:
commit
9eadae760d41137e95f28f10dddd07751088e2c7
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue May 11 11:00:56 2021 -0400
appid: extract auxiliary ip when uri is provided by third-party
Tom Peters (thopeter) [Tue, 1 Jun 2021 21:49:44 +0000 (21:49 +0000)]
Merge pull request #2907 in SNORT/snort3 from ~MDAGON/snort3:nhi_memory to master
Squashed commit of the following:
commit
5dc2f46fb2ec58c29d8760bc74274cdb51571da7
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 14:06:39 2021 -0400
Code Review
commit
ef675a1befeccbd27e3f0fd208a0726da17483ef
Author: Maya Dagon <mdagon@cisco.com>
Date: Thu May 27 12:22:06 2021 -0400
code review
commit
b0cd942dddef767021e96dfbed2d47b0cc9c20c2
Author: Maya Dagon <mdagon@cisco.com>
Date: Wed May 26 11:56:50 2021 -0400
Remove sizeof(uint8_t) for consistency
commit
97cd8ecca1a45aa80c65ad31a2b54e91fff0209b
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 24 13:27:48 2021 -0400
http_inspect: additional memory tracking
Shravan Rangarajuvenkata (shrarang) [Tue, 1 Jun 2021 19:44:21 +0000 (19:44 +0000)]
Merge pull request #2910 in SNORT/snort3 from ~AMARNAYA/snort3:sun_RPC_pinhole to master
Squashed commit of the following:
commit
3131b9eacfc44357e312a0a74260b3d21b2bb429
Author: Amarnath Nayak <amarnaya@cisco.com>
Date: Thu May 27 10:12:06 2021 -0400
appid: use 32 bits for storing protocol field in RPC port map message
Shanmugam S (shanms) [Tue, 1 Jun 2021 03:28:50 +0000 (03:28 +0000)]
Merge pull request #2903 in SNORT/snort3 from ~APOORAJ/snort3:gtp_prime_check to master
Squashed commit of the following:
commit
2e3375e0e41661091889f1aa9aa204bebd572ee2
Author: Apoorv Raj <apooraj@cisco.com>
Date: Mon May 24 05:56:05 2021 -0700
gtp : check protocol type according to gtp version
Pranav Bhalerao (prbhaler) [Mon, 31 May 2021 12:46:22 +0000 (12:46 +0000)]
Merge pull request #2897 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_CSCvy23818 to master
Squashed commit of the following:
commit
b347ac156107b59a54a2779b4bbcf242eddda540
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date: Tue May 18 07:06:46 2021 -0400
ftp: creating additional expected session if negotiated ip is different from server IP on packet
Mike Stepanek (mstepane) [Fri, 28 May 2021 20:07:20 +0000 (20:07 +0000)]
Merge pull request #2913 in SNORT/snort3 from ~OSHUMEIK/snort3:fix_empty_stmnt to master
Squashed commit of the following:
commit
f4320ca09ec0f9189a588aa58843bc721ce20948
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri May 28 21:40:54 2021 +0300
utils: fix warning about empty statement
A macros which expanded to curly braces should not be followed by semicolon.
Steve Chew (stechew) [Fri, 28 May 2021 18:02:25 +0000 (18:02 +0000)]
Merge pull request #2901 in SNORT/snort3 from ~DERAMADA/snort3:set_packet_context to master
Squashed commit of the following:
commit
78dd1cbbc6e4f52c0616652f38855ecdc5054290
Author: Deepak Ramadass <deramada@cisco.com>
Date: Fri May 21 11:06:39 2021 -0400
stream_tcp: populate flow contents in context for non-wire packets
Masud Hasan (mashasan) [Fri, 28 May 2021 17:13:27 +0000 (17:13 +0000)]
Merge pull request #2894 in SNORT/snort3 from ~MASHASAN/snort3:aux_ip_reload to master
Squashed commit of the following:
commit
c99146d5876c23277920b795a9dd7c6d8f6d9df3
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue May 18 20:54:15 2021 -0400
reputation: Supporting auxiliary IP matching upon reload
Mike Stepanek (mstepane) [Fri, 28 May 2021 15:25:37 +0000 (15:25 +0000)]
Merge pull request #2904 in SNORT/snort3 from ~OSHUMEIK/snort3:js_mpdu to master
Squashed commit of the following:
commit
33f6bc94d027eb9db5680b3bb3eeba0a2944f8c7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon May 24 11:22:15 2021 +0300
http_inspect: support partial detect for Javascripts
Normalizer context is allocated and freed once per PDU inspection.
As a partial flush happens at the closing script tag,
it enables context reusage in the following normalizations.
Chunked data is supported as well (by resetting the context).
commit
89043ad68d74323cfb2d4a64a6558929dae9b534
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue May 18 11:15:31 2021 +0300
utils: refactor JSTokenizer
Parsing is done mostly by the lexer's rules.
Temporary buffer (for unicode) reworked.
commit
f0952f4f9565e2f61c0bbcd76bf06474147ab90c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 13 16:02:47 2021 +0300
http_inspect: extend built-in alerts for Javascript processing
Alerts follow:
- nested opening tag
- closing tag seen in an unexpected place
- bad token happened
commit
e6d50626331e7bc8d30a07905ef8c8341bc0d1c7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Apr 29 14:38:38 2021 +0300
utils: rework JSNormalizer class
JSNormalizer can be instantiated meaningfully.
It returns the state via the return codes.
JSNormalizer context is placed on the flow (if needed).
Normalization depth is the property of the context.
Flow memory usage is updated.
UNIT_TEST_BUILD macro added.
The inline script count is increased upon the opening tag seeing.
commit
6a8cad0fc881f94318b4679396e1364cb82ba012
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Apr 21 14:11:24 2021 +0300
http_inspect: improve MPSE in HttpJsNorm (script start conditions)
Naming and code style.
Rework match callback functions.
Combine some patterns in the opening tag into a single search.
Allocate the output buffer only if it is needed.
Masud Hasan (mashasan) [Thu, 27 May 2021 18:55:39 +0000 (18:55 +0000)]
Merge pull request #2909 in SNORT/snort3 from ~MASHASAN/snort3:filter_dhcp to master
Squashed commit of the following:
commit
e98fe541ff4d5972373d2a8c5124fb1b727fa3a3
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue May 25 17:10:00 2021 -0400
rna: Filtering DHCP events and some refactoring
Bhargava Jandhyala (bjandhya) [Wed, 26 May 2021 20:41:01 +0000 (20:41 +0000)]
Merge pull request #2878 in SNORT/snort3 from ~DIPANDIT/snort3:thread_wise_resume to master
Squashed commit of the following:
commit
30f9f9897dd34aba4a6743c499cbf0dea39dda5f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri May 7 06:39:14 2021 -0400
main: added support for resuming particular thread
Bhargava Jandhyala (bjandhya) [Tue, 25 May 2021 13:30:56 +0000 (13:30 +0000)]
Merge pull request #2898 in SNORT/snort3 from ~BSACHDEV/snort3:file_count to master
Squashed commit of the following:
commit
5cfba19416d2f864eb6fb9e1bc490ba66a499c4a
Author: bsachdev <bsachdev@cisco.com>
Date: Fri May 21 07:23:10 2021 -0400
file_api: increase file count only once per file
Signed-off-by: bsachdev <bsachdev@cisco.com>
Tom Peters (thopeter) [Mon, 24 May 2021 20:26:37 +0000 (20:26 +0000)]
Merge pull request #2899 in SNORT/snort3 from ~NIHDESAI/snort3:h2_rule_options to master
Squashed commit of the following:
commit
eee6084bae7e383f5b2dce1728b324cd2a4dd2e4
Author: Nihal Desai <nihdesai@cisco.com>
Date: Sun May 16 23:32:05 2021 -0400
http2_inspect: rule options and doc clean up
Masud Hasan (mashasan) [Mon, 24 May 2021 17:50:35 +0000 (17:50 +0000)]
Merge pull request #2896 in SNORT/snort3 from ~ARMANDAV/snort3:ratefilter to master
Squashed commit of the following:
commit
381fb7df3faa8e3185c6c6fc29cba022031260bd
Author: Arun Mandava <armandav@cisco.com>
Date: Wed May 12 14:37:59 2021 -0400
filters: Change rate filter to use network policy id instead of ips policy id
Tom Peters (thopeter) [Mon, 24 May 2021 16:27:50 +0000 (16:27 +0000)]
Merge pull request #2882 in SNORT/snort3 from ~KATHARVE/snort3:h2i_start_line to master
Squashed commit of the following:
commit
c11b631dee6a73b0b2190b1bfe65383e5ac10842
Author: Katura Harvey <katharve@cisco.com>
Date: Mon May 10 12:47:20 2021 -0400
http2_inspect: improve request line generation and checks
Masud Hasan (mashasan) [Thu, 20 May 2021 20:41:32 +0000 (20:41 +0000)]
Merge pull request #2892 in SNORT/snort3 from ~MMATIRKO/snort3:last_seen_fix to master
Squashed commit of the following:
commit
a320cce2f258f3390fbddca2993c19ca108a6ff5
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Apr 20 11:38:37 2021 -0400
rna: update last seen time on deleted host rediscovery
Russ Combs (rucombs) [Thu, 20 May 2021 20:36:00 +0000 (20:36 +0000)]
Merge pull request #2895 in SNORT/snort3 from ~RUCOMBS/snort3:build_3.1.5.0 to master
Squashed commit of the following:
commit
b637ab5f94cd7a24fdae969509bb183f3fa2a6c8
Author: Russ Combs <rucombs@cisco.com>
Date: Thu May 20 13:55:40 2021 -0400
build: Generate and tag 3.1.5.0
Tom Peters (thopeter) [Wed, 19 May 2021 20:08:05 +0000 (20:08 +0000)]
Merge pull request #2890 in SNORT/snort3 from ~MDAGON/snort3:memory to master
Squashed commit of the following:
commit
506959d13ea92852540f493e0d3818ed3977e6e4
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 17 13:15:59 2021 -0400
memory: free_space cleanup
Masud Hasan (mashasan) [Tue, 18 May 2021 22:22:52 +0000 (22:22 +0000)]
Merge pull request #2886 in SNORT/snort3 from ~MMATIRKO/snort3:monitor_but_better to master
Squashed commit of the following:
commit
72c8a3dc6e826e107e11ff901c9d14f6bb9f5ed2
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu May 13 12:07:52 2021 -0400
reputation: track monitor ID via flow; minor code cleanup
Tom Peters (thopeter) [Tue, 18 May 2021 21:05:04 +0000 (21:05 +0000)]
Merge pull request #2885 in SNORT/snort3 from ~MDAGON/snort3:res_depth to master
Squashed commit of the following:
commit
94b659b9e667930660a9434d0c9a514d3b187617
Author: Maya Dagon <mdagon@cisco.com>
Date: Fri Apr 23 11:03:32 2021 -0400
http2_inspect: optimize processing after reaching flow depth
Tom Peters (thopeter) [Tue, 18 May 2021 17:03:57 +0000 (17:03 +0000)]
Merge pull request #2887 in SNORT/snort3 from ~MDAGON/snort3:update_print to master
Squashed commit of the following:
commit
d58a66cbe0559ed5394f49cfef620cb65b237833
Author: Maya Dagon <mdagon@cisco.com>
Date: Mon May 17 15:41:18 2021 -0400
http2_inspect: update discard print
Steve Chew (stechew) [Mon, 17 May 2021 19:47:08 +0000 (19:47 +0000)]
Merge pull request #2877 in SNORT/snort3 from ~DERAMADA/snort3:load_lua_exit to master
Squashed commit of the following:
commit
5a4ccf3e529c7f3b96b4330c0dad66a3d3d14d57
Author: Deepak Ramadass <deramada@cisco.com>
Date: Thu Apr 29 16:25:03 2021 -0400
shell: exit gracefully when sanbox lua is misconfigured
projects / thirdparty / snort3.git / log
