git.ipfire.org Git - thirdparty/snort3.git/log

Merge pull request #2770 in SNORT/snort3 from ~SVLASIUK/snort3:doc_ips_states to master

Squashed commit of the following:

commit 1c155320fdadbb0513af094e96f98d034bf91c25
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Mar 2 14:35:09 2021 +0200

doc: update documentation for ips.states

Merge pull request #2774 in SNORT/snort3 from ~MMATIRKO/snort3:funky_flush to master

Squashed commit of the following:

commit 12979dc9a9035a732d7be73a2a1b0d42000c97b8
Author: russ <rucombs@cisco.com>
Date:   Mon Mar 1 10:21:38 2021 -0500

    stream_tcp: Ensure flows aren't pruned while processing a PDU

    Externally triggered flushes require a new context if a packet is not
    already in play. All external flushes require a new packet.

Merge pull request #2759 in SNORT/snort3 from ~OSHUMEIK/snort3:cvars to master

Squashed commit of the following:

commit 5a87d044fb559592ece9f0d340f79d1f330b3095
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Feb 16 17:09:05 2021 +0200

    detection: use IP and port variables from the targeted policy

    Port lists are updated for every duped RTN if its ports have been changed.

Merge pull request #2772 in SNORT/snort3 from ~DERAMADA/snort3:ftp_held_pkt_detection to master

Squashed commit of the following:

commit 26c02c56d90d25bcbd9b8e62e1dcf0e12ca991df
Author: Deepak Ramadass <deramada@cisco.com>
Date:   Thu Feb 25 11:04:05 2021 -0500

    stream: set block pending flag when a flow is dropped

commit dd01cd19943517c5dcada77d82c3079dd20a2c64
Author: Deepak Ramadass <deramada@cisco.com>
Date:   Thu Feb 25 11:03:02 2021 -0500

    ftp_telnet: implement init_partial_flush for ftp data

Merge pull request #2754 in SNORT/snort3 from ~SPADALKA/snort3:perf_tracker_crash to master

Squashed commit of the following:

commit f5cbcb1e165ad8c3ba18f921c0dd5dc2a656e9d7
Author: Satyajit Padalkar <spadalkar@gmail.com>
Date: Wed Mar 3 16:52:35 2021 -0500

perf_monitor: Fix finalizing JSON output files for trackers

Merge pull request #2773 in SNORT/snort3 from ~MIALTIZE/snort3:textlog_format to master

Squashed commit of the following:

commit cc15aa3048a4006dcede48ae2c74292f1185ef44
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 2 13:03:42 2021 -0500

log: Add printf format attribute to TextLog_Print() and clean up the fallout

Merge pull request #2403 in SNORT/snort3 from ~KBHANDAN/snort3:cleanup_cmd_line to master

Squashed commit of the following:

commit 1e5322ae5ba0f32c3af2ccf35d52c637a556ffe2
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Fri Aug 14 16:12:59 2020 -0400

snort_config: remove unnecessary command line options

Merge pull request #2746 in SNORT/snort3 from ~APOORAJ/snort3:portscan_fixit_delimiter to master

Squashed commit of the following:

commit c4088ca495e7bb1cfb4e244243d43e3878a9de25
Author: Apoorv Raj <apooraj@cisco.com>
Date: Sat Feb 6 17:22:13 2021 -0500

portscan: Fix delimiter for ports in config

Merge pull request #2769 in SNORT/snort3 from ~PUNEETKU/snort3:pkt_cp_chry_pk to master

Squashed commit of the following:

commit 491324ec7ff4267206c353402e932a0fc91a0323
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Fri Feb 19 00:32:34 2021 -0500

packet_capture: add group filter for packet capture

Merge pull request #2768 in SNORT/snort3 from ~SHRARANG/snort3:appid_cppcheck to master

Squashed commit of the following:

commit 540aa99530d3d7e9ff6282691891553fcb9153da
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 26 12:41:42 2021 -0500

appid: fixes for cppcheck warnings

Merge pull request #2747 in SNORT/snort3 from ~SBAIGAL/snort3:perf_ha to master

Squashed commit of the following:

commit 8a93f67c57c000a089e52459f3f6ddd425387a28
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Thu Feb 18 16:31:11 2021 -0500

    stream: do not update service from appid to host attributes if nothing is changed

commit 58111934f03848ddb29be00ba9268ca93d801262
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Thu Feb 18 13:40:20 2021 -0500

    host_attributes: updated api to reduce use of shared_pointer

commit 678f77983e959ac97e659ceb000dd3bcb4d05baa
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Thu Feb 18 12:43:56 2021 -0500

    binder: use service inspector caching to improve get_gadget() performance

Merge pull request #2760 in SNORT/snort3 from ~MASHASAN/snort3:flush_on_fin_recv to master

Squashed commit of the following:

commit 2eab74e332742c3afbffbdcf2f366a90a7bcd0db
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Feb 18 22:05:52 2021 -0500

stream_tcp: Flush queued segments when FIN is received

Merge pull request #2767 in SNORT/snort3 from ~BBANTWAL/snort3:alias_fix to master

Squashed commit of the following:

commit aec73724ee2ba89181730c41662031e90ef4232d
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Feb 24 16:55:10 2021 -0500

managers: Perform sanity checks on set_alias() parameters

Merge pull request #2764 in SNORT/snort3 from ~JRITTLE/snort3:iec104_trace_fix to master

Squashed commit of the following:

commit 888682bccf55b3b6f93c6d2a023fc295e34b99d6
Author: jrittle <jrittle@cisco.com>
Date: Wed Feb 24 09:40:49 2021 -0500

iec104: additional input sanitization, syntax, and style changes

Merge pull request #2765 in SNORT/snort3 from ~JRITTLE/snort3:doc_iec104_service_inspector to master

Squashed commit of the following:

commit f6e25e62a7ab803c360f168349da23a6f6609db0
Author: jrittle <jrittle@cisco.com>
Date: Mon Feb 22 14:36:01 2021 -0500

iec104: adding documentation for iec104 service inspector

Merge pull request #2743 in SNORT/snort3 from ~JRITTLE/snort3:iec104_service_inspector to master

Squashed commit of the following:

commit 4f3019db2c8f24111cbf99e154feb30f1876ef70
Author: jrittle <jrittle@cisco.com>
Date: Tue Feb 23 14:20:42 2021 -0500

iec104: integrating new iec104 protocol service inspector

Merge pull request #2762 in SNORT/snort3 from ~SATHIRKA/snort3:optimize_loading_lua_detectors to master

Squashed commit of the following:

commit 38a9cd5cffc0e971391be078f2499f04085e37ae
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Dec 14 16:11:23 2020 -0500

appid: Load lua detectors for packet threads from compiled lua bytecode during detector reload

Merge pull request #2741 in SNORT/snort3 from ~BBANTWAL/snort3:binder_aliases to master

Squashed commit of the following:

commit 9ca8c58d0bf04b18e4441bed7e9b61c42c984688
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Wed Feb 10 14:19:28 2021 -0500

    managers: enforce strict parsing for binder aliases

    1. don't load aliased table when alias type is not known
    2. don't load aliased table when alias type is not bindable
    3. error and don't load aliased table when alias name is not empty
    and alias type is a singleton (global usage)
    4. error and don't load aliased table when alias name is a known module

Merge pull request #2750 in SNORT/snort3 from ~SVLASIUK/snort3:pcre_relative to master

Squashed commit of the following:

commit c23a528787f8a0f9d7052e6e0dba7c84b17473ae
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Feb 11 18:29:10 2021 +0200

ips_options: update cursor position for relative pcre

Merge pull request #2738 in SNORT/snort3 from ~DERAMADA/snort3:reputation_cleanup to master

Squashed commit of the following:

commit 82c01b1afb0e625f836a7ae09ae0df5098024aff
Author: Deepak Ramadass <deramada@cisco.com>
Date: Wed Feb 10 11:21:08 2021 -0500

reputation: remove redundant terms

Merge pull request #2756 in SNORT/snort3 from ~MDAGON/snort3:rst_frame to master

Squashed commit of the following:

commit 54dc3d9568f8cc05da2b84a6457f131bc589912f
Author: mdagon <mdagon@cisco.com>
Date: Fri Jan 22 15:18:07 2021 -0500

http2_inspect: process rst_stream frame

Merge pull request #2751 in SNORT/snort3 from ~DIPANDIT/snort3:smb1_file_api to master

Squashed commit of the following:

commit 2c8805d21d2106d95ea496a320bcf4898bb4e4fe
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Mon Feb 15 04:20:50 2021 -0500

dce_rpc: pass proper file id in file api from smb1

Merge pull request #2753 in SNORT/snort3 from ~ARMANDAV/snort3:oomkill to master

Squashed commit of the following:

commit 41f16cfa0a59259aabc849b50ac39b16868fed88
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Feb 11 20:50:55 2021 -0500

memory: free memory space while updating allocation

Merge pull request #2740 in SNORT/snort3 from ~MDAGON/snort3:chunk_partial to master

Squashed commit of the following:

commit 4549c4b769a5cb8f0cc2535385a1525dcc0da6e1
Author: mdagon <mdagon@cisco.com>
Date: Thu Jan 28 09:12:47 2021 -0500

http_inspect: partial inspection for 0 length chunk

Merge pull request #2755 in SNORT/snort3 from ~THOPETER/snort3:di_reversion to master

Squashed commit of the following:

commit 182ae204f53679e1a86031649361399cf757637f
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Feb 18 13:44:19 2021 -0500

http_inspect: temporarily restore detained_inspection parameter

Merge pull request #2749 in SNORT/snort3 from ~SHRARANG/snort3:appid_remove_forecast to master

Squashed commit of the following:

commit 8b16b5b54d078478ddffa3b4899b68eda7a4641d
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 12 17:17:55 2021 -0500

appid: remove app forecast method

Merge pull request #2745 in SNORT/snort3 from ~MDAGON/snort3:doc_remove_detained to master

Squashed commit of the following:

commit 18a1323b4462d37298071fa023a070b3d2786a7b
Author: mdagon <mdagon@cisco.com>
Date: Fri Feb 12 17:02:33 2021 -0500

doc: remove http detained inspection from user manual

Merge pull request #2748 in SNORT/snort3 from ~THOPETER/snort3:nhttp155 to master

Squashed commit of the following:

commit f6efaf5d3ed10d81275a38931dcaeba00b4564ab
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Feb 15 17:11:57 2021 -0500

http_inspect: remove detained inspection

Merge pull request #2742 in SNORT/snort3 from ~THOPETER/snort3:nhttp154 to master

Squashed commit of the following:

commit 9c6dd8194ed2f3549d7731affc566dc7127a4801
Author: Tom Peters <thopeter@cisco.com>
Date:   Thu Feb 11 13:35:28 2021 -0500

    http_inspect: IPv6 authority in URI

commit ab9cb850c58828dc3ecebe67c3345019dd5433d6
Author: Tom Peters <thopeter@cisco.com>
Date:   Mon Feb 8 11:46:48 2021 -0500

    http_inspect: Javascript support cleanup

Merge pull request #2739 in SNORT/snort3 from ~MIALTIZE/snort3:binder_stuff2 to master

Squashed commit of the following:

commit b38c4c0fbf677313717ccc289a77cbacb4f047ab
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Feb 9 12:13:25 2021 -0500

    ftp_telnet: Respect telnet_cmds config for raising 125:1

commit 9ab2924a28b50726a8d185eaae10990d7b224cb6
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Feb 4 12:35:21 2021 -0500

    binder: Apply host attribute table information at the beginning of flow setup

commit d794f0481b9e1d886fe65ae0cec87e6af33ecd76
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Dec 4 15:26:00 2020 -0500

    binder: Use the first match for non-terminal binding usage

commit 76d7cea0d784afcab575a173c57c8a65ac0a6153
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Dec 4 15:13:31 2020 -0500

    binder: Clean up std namespace usage

commit 464fd2c44019b3a48c8c44c6b9c7bed82b3dc0b2
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Dec 4 14:51:22 2020 -0500

    inspector_manager: Instantiate default binder as long as a wizard or stream are present

commit 7f0be69877ff16e0fc74716c0c73e9850eca1a46
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Dec 3 15:05:37 2020 -0500

    module_manager: Enforce interest in global modules only in the default policy

commit 0cacbbc73299aecd52ba1f08700fb996c089a8a0
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Dec 16 13:49:06 2020 -0500

    action_manager: Remove unused cached reject action

Merge pull request #2733 in SNORT/snort3 from ~OSHUMEIK/snort3:sslv2_curse to master

Squashed commit of the following:

commit af61d25062a0f28247cd017cd9a2f4269f0655bc
Author: ryanhoff <ryanhoff@cisco.com>
Date:   Tue Jan 21 16:55:33 2020 -0500

    wizard: add support for sslv2 detection

    The curse ignores specs/challenge/session_id length values.
    It's up to the inspector to decide about it.

Merge pull request #2736 in SNORT/snort3 from ~OSHUMEIK/snort3:default_module_end to master

Squashed commit of the following:

commit 597c069734ebcddf8763bbde18bf4d48adf430ae
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Fri Feb 5 16:00:28 2021 +0200

    managers: pass the configuration to default module's end()

    Thanks to W. Michael Petullo for reporting the issue.

Merge pull request #2735 in SNORT/snort3 from ~SHRARANG/snort3:appid_remove_obsolete_detectors to master

Squashed commit of the following:

commit 37dc196d8111a349c7acb34d2333a70dc1d6fde1
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Feb 5 09:45:23 2021 -0500

appid: remove detectors for obsolete apps - AOL instant messenger and Yahoo messenger

Merge pull request #2668 in SNORT/snort3 from ~SUNIMUKH/snort3:clear_counter to master

Squashed commit of the following:

commit edc690f9464477764c96dbc175411d6e2b0e543f
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Dec 8 03:14:39 2020 -0500

snort: clear snort counter for modules, daq, file_id, appid

Merge pull request #2727 in SNORT/snort3 from ~SMINUT/snort3:rna_netbios to master

Squashed commit of the following:

commit b3850b1ddb6329274d502de7c4c7312cf8f0207b
Author: Silviu Minut <sminut@cisco.com>
Date:   Fri Jan 29 12:30:22 2021 -0500

    rna: discover NetBIOS name

    Discover NetBIOS in appid, publish an event and log it in rna.

Merge pull request #2662 in SNORT/snort3 from ~APOORAJ/snort3:port_scan_fixes to master

Squashed commit of the following:

commit 27a5e5b0592fe2a2d8102385755223f51edc6f3b
Author: Apoorv Raj <apooraj@cisco.com>
Date:   Tue Dec 22 05:05:08 2020 -0500

    portscan: fix decoy and distributed scan logic

commit 508c3052a2f17456ca68389722438cd48c78bf5d
Author: Apoorv Raj <apooraj@cisco.com>
Date:   Mon Dec 7 02:14:42 2020 -0500

    portscan: Fix IP scans not alerting

Merge pull request #2732 in SNORT/snort3 from ~THOPETER/snort3:nhttp153 to master

Squashed commit of the following:

commit 3f388128feedc0ece93e4312f48feafb69a1cb4d
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 29 17:11:40 2021 -0500

http_inspect: remove unused events

Merge pull request #2731 in SNORT/snort3 from ~ARMANDAV/snort3:napbug to master

Squashed commit of the following:

commit 4152a7d9d0d407bcd976cf00c344e3e653d69343
Author: Arun Mandava <armandav@cisco.com>
Date: Mon Feb 1 13:26:24 2021 -0500

stream: always use latest splitter from tracker after paf_check

Merge pull request #2730 in SNORT/snort3 from ~DIPANDIT/snort3:handle_async to master

Squashed commit of the following:

commit 904c98bc58f715b3369622c07fe727e2492d904f
Author: Dipto Pandit (dipandit) <dipandit@cisco.com>
Date: Fri Jan 29 05:52:41 2021 -0500

dce_rpc: handle async responses in smbv2

Merge pull request #2718 in SNORT/snort3 from ~MASHASAN/snort3:tcp_dso to master

Squashed commit of the following:

commit 4cc835adb34938ecb1e9c1b9c9e5bf914ed09558
Author: Masud Hasan <mashasan@cisco.com>
Date: Sun Jan 17 20:34:34 2021 -0500

stream_tcp: Supporting data on SYN by default with or without Fast Open option

Merge pull request #2728 in SNORT/snort3 from ~SHRARANG/snort3:file_magic_pcap to master

Squashed commit of the following:

commit b042f7abee48221fa96006d8151d35aab2973e67
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Feb 1 14:33:49 2021 -0500

file_magic: add pattern for pcapng

Merge pull request #2724 in SNORT/snort3 from ~AGIURGIU/snort3:pcapng_pattern to master

Squashed commit of the following:

commit 79691dc526824df6b74f77c777572f6810058c74
Author: Alexandru Giurgiu <agiurgiu@cisco.com>
Date: Thu Jan 28 13:10:29 2021 +0200

file_magic: New pattern for pcapng

Merge pull request #2721 in SNORT/snort3 from ~KATHARVE/snort3:h2i_stream_limit to master

Squashed commit of the following:

commit 8dc19216a06d0e2b18fc4f02aabc4b2955e2e65e
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jan 22 14:46:34 2021 -0500

http2_inspect: limit number of concurrent streams

Merge pull request #2722 in SNORT/snort3 from ~SATHIRKA/snort3:reload_detectors_response to master

Squashed commit of the following:

commit 6af6fafdf8634b8176bf7dcd040d0014e769aca5
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jan 26 13:09:14 2021 -0500

appid: Send reloading detectors message to socket immediately

Merge pull request #2725 in SNORT/snort3 from ~MIALTIZE/snort3:3_1_1_0 to master

Squashed commit of the following:

commit 094794410a5872f3da801bc83644d481489dcfb1
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jan 28 10:46:22 2021 -0500

build: Generate and tag 3.1.1.0

Merge pull request #2723 in SNORT/snort3 from ~MDAGON/snort3:napth to master

Squashed commit of the following:

commit 3043fc34dfe875a1362407c007dfc5c07d80ae4e
Author: mdagon <mdagon@cisco.com>
Date: Tue Jan 26 15:59:22 2021 -0500

codecs: update tcp naptha check to make sure it is ipv4 traffic

Merge pull request #2695 in SNORT/snort3 from ~SHIKV/snort3:snmp to master

Squashed commit of the following:

commit 35e3bfc98489be91544c74e671fc2eb31c7c4dc4
Author: shikv <shikv@cisco.com>
Date: Sun Jan 10 16:57:40 2021 -0500

appid: add support for snmpv3 report pdu

Merge pull request #2719 in SNORT/snort3 from ~DIPANDIT/snort3:handle_stop_verdict to master

Squashed commit of the following:

commit 7d259f788d761da3eacb91122e54d52c3e0ac4e3
Author: Dipto Pandit <dipandit@cisco.com>
Date: Mon Jan 25 04:29:18 2021 -0500

file_api: stop processing signature when type verdict is 'FILE_VERDICT_STOP'

Merge pull request #2693 in SNORT/snort3 from ~SMINUT/snort3:host_cache_rna to master

Squashed commit of the following:

commit ec7f9504910ba29d2899c7669f833195b29fd6dd
Author: Silviu Minut <sminut@cisco.com>
Date:   Fri Jan 8 10:55:59 2021 -0500

    rna: Minimize synchronization overhead

    Avoid some locks during network discovery in order to increase speed,
    by caching the host trackers locally in the RNAFlow, in a way in which
    the cached host trackers do not spill memory into the host cache during
    pruning.

Merge pull request #2700 in SNORT/snort3 from ~SHRARANG/snort3:appid_lua_cleanup to master

Squashed commit of the following:

commit b99a830b4eaefa3394534da367df1f1fcd6aed10
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Jan 11 10:52:37 2021 -0500

appid: remove unused code; cleanup FIXIT comments related to reload

Merge pull request #2713 in SNORT/snort3 from ~SATHIRKA/snort3:reload_response to master

Squashed commit of the following:

commit ab0f7d9e35572f611a339eb4ff7ddeeeb8b3c547
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jan 8 11:19:29 2021 -0500

appid: Send reload detectors and third-party messages to socket immediately if appid is not enabled

Merge pull request #2717 in SNORT/snort3 from ~KATHARVE/snort3:hi_scheme_length to master

Squashed commit of the following:

commit 3ba32d1935436a4246e8242302935abb38a92c13
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Jan 22 10:53:37 2021 -0500

http_inspect: validate URI scheme length

Merge pull request #2681 in SNORT/snort3 from ~PRBHALER/snort3:fw_ha to master

Squashed commit of the following:

commit 8947b45af8169786b9b46a8f6139e3532abcde20
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Mon Jan 18 10:17:47 2021 -0500

flow: updating direction and interface info in HA flow.

Merge pull request #2689 in SNORT/snort3 from ~SBAIGAL/snort3:ftps_eof to master

Squashed commit of the following:

commit bf862aa1e46a75147da1332d0f343faed2b273d6
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Dec 15 13:09:53 2020 -0500

ftp: using hold_packet to handle ftp-data eof

Merge pull request #2703 in SNORT/snort3 from ~SHRARANG/snort3:appid_sip_reload to master

Squashed commit of the following:

commit 14adfff5e37a683b77cc1426edf78c37bdbc2897
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 15 00:03:42 2021 -0500

appid: do not process sip event for an existing session after detector reload

Merge pull request #2711 in SNORT/snort3 from ~OSHUMEIK/snort3:fix to master

Squashed commit of the following:

commit 46d8bcdb2067c1c169de3e4666bac9c2804a62f6
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Jan 20 13:44:33 2021 +0200

managers: change the message to be a warning

Merge pull request #2712 in SNORT/snort3 from ~RDEMPSTE/snort3:inspector_ref_count to master

Squashed commit of the following:

commit 8787270d1f835699059f2b6163435b222d076088
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Jan 15 14:40:08 2021 -0500

inspector: add a global reference count for uses that are not thread specific

Merge pull request #2709 in SNORT/snort3 from ~MDAGON/snort3:settings to master

Squashed commit of the following:

commit 40fdd7a388e51d4d2c8cdac04b79178989a6dea4
Author: mdagon <mdagon@cisco.com>
Date: Tue Jan 12 16:57:13 2021 -0500

payload_injector: inject settings frame

Merge pull request #2714 in SNORT/snort3 from ~THOPETER/snort3:nhttp152 to master

Squashed commit of the following:

commit d183c08a43839b51274b9323e808b05b14470177
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jan 20 17:15:56 2021 -0500

http_inspect: add chunked processing to dev notes

Merge pull request #2710 in SNORT/snort3 from ~SATHIRKA/snort3:ha_crash_appid to master

Squashed commit of the following:

commit 94e65ca756857fbe3e2a8940c12e813e033a62b2
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jan 15 09:28:39 2021 -0500

appid: always store container session api object in stash

Merge pull request #2704 in SNORT/snort3 from ~ANTOROZC/snort3:opoluian_cert_cache_size to master

Squashed commit of the following:

commit be2fccccd8674196c0454f70b749534bdc150c0e
Author: Oleh Poluianskyi <opoluian@cisco.com>
Date: Thu Jan 14 19:32:19 2021 +0200

lrucache: changes for memcap for support constant cache objects with variable size.

Merge pull request #2686 in SNORT/snort3 from ~OSHUMEIK/snort3:purge_trash to master

Squashed commit of the following:

commit 6946763e813ab16584b977647cf8c3b7fce5e434
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Dec 22 13:42:38 2020 +0200

    managers: clean all inactive inspectors ignoring referenced ones

    At the exit the framework guarantees all inactive inspectors will be cleaned up.

Merge pull request #2705 in SNORT/snort3 from ~KATHARVE/snort3:file_context to master

Squashed commit of the following:

commit 43e965a50c52225c8abf584a511f75db6923b00b
Author: Katura Harvey <katharve@cisco.com>
Date:   Thu Jan 14 15:55:38 2021 -0500

    mime: provide file_id to set file name and read new return value

commit e6de4fd92c3ce02a905aa18ed095d80e847413c9
Author: Katura Harvey <katharve@cisco.com>
Date:   Thu Jan 14 15:55:04 2021 -0500

    http_inspect: provide file_id to set file name and read new return value

commit 1197b3c8a80b2703a739704e11aeb4032e76ef90
Author: Katura Harvey <katharve@cisco.com>
Date:   Tue Jan 12 17:25:06 2021 -0500

    file_api: remove file context after file name set if processing is complete

Merge pull request #2701 in SNORT/snort3 from ~THOPETER/snort3:nhttp151 to master

Squashed commit of the following:

commit 590e02e4b68adfb5105de46c844b31c8cf3aaac5
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jan 11 18:49:18 2021 -0500

http_inspect: validate and normalize scheme

Merge pull request #2699 in SNORT/snort3 from ~MIALTIZE/snort3:version to master

Squashed commit of the following:

commit fde481c81ff3499cd9b5cf8f18557a4801378021
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jan 13 12:57:23 2021 -0500

    build: Generate and tag 3.1.0

commit d8ba67eba1dac5e7e6ef19b02d252c4f1f6985f4
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jan 13 12:57:23 2021 -0500

    build: Add support for version sublevel and build via CMake

    The sublevel version in CMakeLists.txt acts as a fourth digit for the
    version.  It is expected to be 0 in the master branch in all but the
    rarest cases.

    The VERSION_BUILD CMake variable can be defined and used by an external
    build system for artifact tracking.  If a build number is not manually
    defined, all mention of build numbers will be stripped from Snort's
    output.  To set VERSION_BUILD from configure_cmake.sh, the
    SNORT_BUILD_NUMBER variable is used from the command line options.

    Note: A build number of 0 will be ignored and treated as though it was
    not set.

commit 8dff1244a18d88b2f2f3da7241f335d7f97159ed
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Jan 13 12:57:23 2021 -0500

    stream_tcp: Remove obsolete flush_data_ready() function

Merge pull request #2691 in SNORT/snort3 from ~KBHANDAN/snort3:whd_ids to master

Squashed commit of the following:

commit c3914b6900a5570dd7eb87806da9749560971605
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Thu Jan 7 17:00:08 2021 -0500

packet_io: ids mode should not give blacklist verdict for Intrusion event

Merge pull request #2682 in SNORT/snort3 from ~OSHUMEIK/snort3:log_buffered to master

Squashed commit of the following:

commit 640bdaa5a20b77c4ba8db4d571f1a7e9a52a48b9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Dec 16 17:54:34 2020 +0200

    log: reuse TextLog buffer for a large data

    Thanks to Chris White for reporting the issue.

Merge pull request #2688 in SNORT/snort3 from ~SATHIRKA/snort3:navl_conn_destroy_core to master

Squashed commit of the following:

commit 8f96caf9be67da55952502cee1e0822a72ec64c9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jan 6 10:40:59 2021 -0500

appid: tear down third-party when appid gets disabled

Merge pull request #2697 in SNORT/snort3 from ~KATHARVE/snort3:hi_fix_test to master

Squashed commit of the following:

commit 0d0f2b28cd6f25b3ad851cfd2538a5c7f487ad34
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jan 11 13:01:08 2021 -0500

http_inspect: fix type of unit test mock function

Merge pull request #2692 in SNORT/snort3 from ~MDAGON/snort3:nhi_alert to master

Squashed commit of the following:

commit 45db5f4a4e9eadc2ddb6565824ed3407063b4307
Author: mdagon <mdagon@cisco.com>
Date: Tue Dec 22 15:44:07 2020 -0500

http_inspect: alert on truncated chunked and content-length message bodies

Merge pull request #2690 in SNORT/snort3 from ~KATHARVE/snort3:h2_in_hi to master

Squashed commit of the following:

commit 955281029abbb6d30732b10660a5edde2594f78a
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jan 5 14:59:13 2021 -0500

http_inspect: abort on HTTP/2 connection preface

Merge pull request #2684 in SNORT/snort3 from ~ARMANDAV/snort3:rnafilter to master

Squashed commit of the following:

commit f4e3ff89854a11ff6d1cf3acd9bb7f99c2445314
Author: Arun Mandava <armandav@cisco.com>
Date: Tue Dec 22 15:49:13 2020 -0500

rna: Perform appropriate filter check based on the event type

Merge pull request #2687 in SNORT/snort3 from ~SHRARANG/snort3:appid_test_cleanup to master

Squashed commit of the following:

commit 4110a15eb824ce2ef4b4535ce7dae21ed831931b
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Sat Jan 2 06:50:48 2021 -0500

appid: store stats in map

Merge pull request #2683 in SNORT/snort3 from ~PSREENAT/snort3:http_bytes_telemetry to master

Squashed commit of the following:

commit c52d4abbe0dc3a0256504ed7b66f6c22eba9af2b
Author: Prajwal Srinivas Sreenath <psreenat@cisco.com>
Date:   Tue Dec 22 00:03:57 2020 -0500

    http_inspect: added total_bytes peg to track HTTP data bytes inspected
    http2_inspect: added total_bytes peg to track HTTP/2 data bytes inspected

Merge pull request #2669 in SNORT/snort3 from ~DAVMCPHE/snort3:max_pdu_only to master

Squashed commit of the following:

commit c3b1baf2fd09a5aaf58ee09a26efd7048c8d3ea9
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Dec 22 11:30:01 2020 -0500

    stream_tcp: delete redundant calls to check if the tcp packet contains a data payload

commit ed0484fe30ec0e9fbd7808aaab06dbdbc8d61a75
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Dec 22 11:28:56 2020 -0500

     stream_tcp: on midstream pickup, when first packet is a data segment, set flag on talker tracker to reinit seglist base seg on first received data packet

commit c2d0eadde2b5eee60372c891b931bc39f626fc4f
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Dec 1 16:51:47 2020 -0500

    stream_tcp: fix issues causing overrun of the pdu reassembly buffer.  make splitters authoritative of size of the reassembled pdu

    rpc_decode: implement adjust_to_fit for RPC splitter

Merge pull request #2685 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala to master

Squashed commit of the following:

commit 76711cb440bcab2b58522e661f99762d22b05b38
Author: krishnakanth <vkambala@cisco.com>
Date: Tue Dec 22 01:10:13 2020 -0500

dce_rpc: Handling Flow from File inspection

Merge pull request #2680 in SNORT/snort3 from ~MDAGON/snort3:stretch2 to master

Squashed commit of the following:

commit 2612410ad696c131fdb4218657cf4c0452c375b4
Author: mdagon <mdagon@cisco.com>
Date: Wed Dec 16 08:57:08 2020 -0500

http_inspect: support stretch for Http2

Merge pull request #2679 in SNORT/snort3 from ~MMATIRKO/snort3:hc_stats to master

Squashed commit of the following:

commit edff674d34c782734c05856c288423ba9ac448e4
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Dec 17 18:31:36 2020 -0500

host_cache: add command to output host_cache usage, pegs, and memcap

Merge pull request #2677 in SNORT/snort3 from ~ARMANDAV/snort3:revertperffix to master

Squashed commit of the following:

commit f75ee339e475c3a8c67a66f200f3c666eaf8a346
Author: Arun Mandava <armandav@cisco.com>
Date:   Thu Dec 17 23:20:40 2020 -0500

    rna: Fix version, vendor and user string comparison at maximum length

commit 55d146d81e50c91b372b3545fc5af399901f3b39
Author: Arun Mandava <armandav@cisco.com>
Date:   Thu Dec 17 18:58:06 2020 -0500

    rna: Revert rna performance optimizations

Merge pull request #2676 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_6 to master

Squashed commit of the following:

commit e6ef79fc5f08a0dd29383e846527615e91ec85ea
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Dec 20 13:33:56 2020 -0500

build: Generate and tag 3.0.3 build 6

Merge pull request #2665 in SNORT/snort3 from ~KAMURTHI/snort3:interactive_block to master

Squashed commit of the following:

commit 66f73911e305ece27134da3d24a6c326dc3da5ea
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Tue Dec 8 17:29:07 2020 -0500

appid: allow checking appid availability for a given http/2 stream

Merge pull request #2673 in SNORT/snort3 from ~SBAIGAL/snort3:ha_leak to master

Squashed commit of the following:

commit 346acd5e8b316701a2f5b7e98ff780bd6e68a095
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Dec 16 16:00:06 2020 -0500

reload_config: fix memory leak casued by incorrect code merge

Merge pull request #2672 in SNORT/snort3 from ~OSERHIIE/snort3:bug_CSCvw81752 to master

Squashed commit of the following:

commit 396f8663f2fb7cc95a318675dc0f961abf1ca2d6
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Dec 16 13:52:00 2020 +0200

parser: fix escape logic for --dump-rule-meta output

Merge pull request #2674 in SNORT/snort3 from ~SMINUT/snort3:rna_misc to master

Squashed commit of the following:

commit 284465093b36806f241318cd9e68ac8be2b03f89
Author: Silviu Minut <sminut@cisco.com>
Date:   Wed Dec 16 18:14:42 2020 -0500

    rna:
    * do null check on the RnaInspector rather than the RnaModule in the control commands
    * make the mac cache persist over reload config

Merge pull request #2675 in SNORT/snort3 from ~DERAMADA/snort3:revert_reputation to master

Squashed commit of the following:

commit e9c62d807056426a8702607b7c10bed407f624da
Author: Deepak Ramadass <deramada@cisco.com>
Date:   Thu Dec 17 10:26:37 2020 -0500

    reputation: retain backward compatibility

    This reverts commit 29c66e6d5d11a680633b1d8ac6f00b8c1c8e98d2.

Merge pull request #2659 in SNORT/snort3 from ~DERAMADA/snort3:reputation_cleanup to master

Squashed commit of the following:

commit bc3c243b24e39ca16a5f80c127dcd670a9bd3a00
Author: Deepak Ramadass <deramada@cisco.com>
Date: Mon Dec 7 15:32:05 2020 -0500

reputation: remove redundant terms

Merge pull request #2660 in SNORT/snort3 from ~KBHANDAN/snort3:whd to master

Squashed commit of the following:

commit 32eb1b6bf8f56b10a1f3de6fc57ac2f4bf96e415
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Wed Dec 9 12:28:38 2020 -0500

flow: Pause logging during timeout processing

Merge pull request #2667 in SNORT/snort3 from ~THOPETER/snort3:h2i19 to master

Squashed commit of the following:

commit ec134c29fde5e04d049e59c04363b0244abc8aec
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Dec 1 12:39:37 2020 -0500

http_inspect: script detection for HTTP/2

Merge pull request #2671 in SNORT/snort3 from ~THOPETER/snort3:h2i_extra_zero_fix to master

Squashed commit of the following:

commit 1478154ce4eb86a0c526ed6a16a7319e596c64d3
Author: mdagon <mdagon@cisco.com>
Date: Wed Nov 25 11:45:43 2020 -0500

http2_inspect: remove 0 length scan for most cases

Merge pull request #2654 in SNORT/snort3 from ~KATHARVE/snort3:http_mem to master

Squashed commit of the following:

commit 1d1ae0a0c472fd241db960b3463c451271d5bdd5
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Dec 3 12:34:01 2020 -0500

http_inspect: explicit memory allocation for transactions and partial inspections

Merge pull request #2646 in SNORT/snort3 from ~OSERHIIE/snort3:bug_CSCvw42309 to master

Squashed commit of the following:

commit 35252f9f1f00e0d9a637ff3c39374d1c1b9c37e7
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Nov 30 11:46:59 2020 +0200

parser: add escaping for double quotes and special chars in a rule body

Merge pull request #2666 in SNORT/snort3 from ~KATHARVE/snort3:h2i_inspection_depth2 to master

Squashed commit of the following:

commit 0ac7d7a247071936d351a9b514d7aa240ad9386b
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Dec 10 16:36:19 2020 -0500

http2_inspect: fix bug with exceeding inspection depth

Merge pull request #2663 in SNORT/snort3 from ~DIPANDIT/snort3:file_stat to master

Squashed commit of the following:

commit 55bed1f3cba5e8cdedc29e044bb1d802618aaa62
Author: Dipto Pandit <dipandit@cisco.com>
Date: Thu Dec 10 05:31:04 2020 -0500

file_api: fixed stats which weren't cleared when there were no stats for signature processing

Merge pull request #2656 in SNORT/snort3 from ~KAMURTHI/snort3:ha_appid to master

Squashed commit of the following:

commit 040522d0063caca6466e808eeeb0bbd44a9e277e
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun Nov 15 11:58:35 2020 -0500

appid: add support for apps, http host, url and tls host in HA

Merge pull request #2657 in SNORT/snort3 from ~SATHIRKA/snort3:dhcp_fp_unified to master

Squashed commit of the following:

commit d37742db24cf3a3aae8e30d0df0a310347911d97
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Dec 3 12:58:16 2020 -0500

rna: Use service ip and port provided by appid for DHCP discovery events

Merge pull request #2645 in SNORT/snort3 from ~NEHASH4/snort3:key_mismatch to master

Squashed commit of the following:

commit 567db0ec9a92eeab9ca8d915f01d8d8f96273d0f
Author: Neha Sharma <nehash4@cisco.com>
Date: Mon Nov 30 04:48:26 2020 -0500

high_availability: Adding the check for packet key equals ha key before consume

Merge pull request #2647 in SNORT/snort3 from ~RDEMPSTE/snort3:removed_inspectors to master

Squashed commit of the following:

commit 7225fb279cd1e10e52599be338717df86035b943
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Dec 8 08:00:54 2020 -0500

    packet_tracer: Fix the debug session information for non-ip packets

commit d9a1d78c903830f71fbe33dc834912204e7f6579
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Wed Dec 2 11:52:54 2020 -0500

    stream: fix stream clean up when going from enabled to disabled

commit 5e6d47c4f4b8370769bb30a88e706ceccb5899ba
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Wed Nov 25 13:51:08 2020 -0500

    managers: don't allow a referenced inspector to stall emptying the trash

commit 1843e30d47f5083a2d84f0061ba56d97dd2b0fe7
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Sat Dec 5 08:02:49 2020 -0500

    managers: track removed inspectors during reload and call tear_down and tterm to release resources

Merge pull request #2658 in SNORT/snort3 from ~MIALTIZE/snort3:catch_update to master

Squashed commit of the following:

commit 8ade74b146db3de41d78a540a1f083793fd02322
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Dec 8 18:09:05 2020 -0500

    build: Clean up various cppcheck warnings

commit 515fdcc0e0d733396c13a256d46fde3087540b55
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Sep 8 11:07:35 2020 -0400

    catch: Avoid using INTERNAL_CATCH_UNIQUE_NAME in our headers

commit 2084175f47ec1007db9952518670d93d9382e8fe
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Dec 8 17:48:18 2020 -0500

    catch: Update to Catch v2.13.3

Merge pull request #2651 in SNORT/snort3 from ~ARMANDAV/snort3:rna_perf to master

Squashed commit of the following:

commit 2e694a09af5ebd6b65fefc0d1d6cefc498e40122
Author: Arun Mandava <armandav@cisco.com>
Date: Mon Nov 23 12:54:13 2020 -0500

rna: Reduce host cache lock usage to improve performance

Merge pull request #2652 in SNORT/snort3 from ~MDAGON/snort3:response_depth to master

Squashed commit of the following:

commit 96069fe351ed5344e37c0b4ca75866cd99e1bbc9
Author: mdagon <mdagon@cisco.com>
Date: Fri Dec 4 12:08:47 2020 -0500

http2_inspect: handle discard