git.ipfire.org Git - thirdparty/snort3.git/log

Merge pull request #2639 in SNORT/snort3 from ~STECHEW/snort3:control_request_fix_shared_ptr to master

Squashed commit of the following:

commit ac1f3fa3866ba47d09512acc3fb3e969b27f5603
Author: Steve Chew <stechew@cisco.com>
Date: Fri Nov 20 11:48:19 2020 -0500

main: convert Request to shared_ptr to avoid memory problems.

Merge pull request #2609 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_ha_deactive to master

Squashed commit of the following:

commit e5fe144e3e7b55dd493680d3730ed31664776083
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Nov 10 09:49:42 2020 -0500

stream_ha: only flush on ha deactivate if not in STANDBY, set ha state to STANDBY when new Flow created

Merge pull request #2608 in SNORT/snort3 from ~SHRARANG/snort3:lua_sandbox to master

Squashed commit of the following:

commit bd0c2a888b69a9791bb2b8dd196c8a6fdd53ca1c
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Fri Jul 31 12:05:26 2020 -0400

    shell: support for loading configuration in lua sandbox

    Load snort configuration in a Lua sandbox. Sandbox configuration file can be specified
    with the command line option "--lua-sandbox". Snort expects this file to contain a Lua
    table named sandbox_env. sandbox_env should specify a list of allowed Lua functions.
    This table is used as the sandbox environment. Snort loads the following in the sandbox:
     - top-level configuration file specified by command line option "-c"
     - subpolicy files
     - all of the included files in above files and also files included in the included files
     - configuration overrides specified with command line option "--lua"
    If any of the above use Lua functionality not allowed in sandbox_env, snort will exit with
    a fatal error.

Merge pull request #2625 in SNORT/snort3 from ~DERAMADA/snort3:interfaces_fix to master

Squashed commit of the following:

commit 5b862eeddb95eb76cba66efb8ce0b4a836b87630
Author: Deepak Ramadass <deramada@cisco.com>
Date: Tue Nov 17 11:09:55 2020 -0500

stream_tcp: set interfaces in both directions

Merge pull request #2640 in SNORT/snort3 from ~SMINUT/snort3:data_purge to master

Squashed commit of the following:

commit a6bd13f8bafcf6c639ca28303a97309d860b0079
Author: Silviu Minut <sminut@cisco.com>
Date: Mon Nov 23 18:19:29 2020 -0500

rna: support data purge command

Merge pull request #2649 in SNORT/snort3 from ~SATHIRKA/snort3:dump_userappid_conf to master

Squashed commit of the following:

commit b95f65c4330ecf0758c267356413fced7b29d781
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Mon Nov 30 15:43:53 2020 -0500

    cppcheck

commit 51eb4856a7f9ef6e9654e6d4b7a1c6b6126f3af7
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Wed Nov 25 17:03:22 2020 -0500

    appid: Dump userappid configurations upon reloading third-party

Merge pull request #2641 in SNORT/snort3 from ~KATHARVE/snort3:h2i_ss_fix to master

Squashed commit of the following:

commit 59e4058b0b81e8c526ace95e04589dbcae6632ab
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Nov 24 11:05:24 2020 -0500

http2_inspect: fix empty queue access and some bookkeeping

Merge pull request #2634 in SNORT/snort3 from ~OSERHIIE/snort3:bug_CSCvv38951 to master

Squashed commit of the following:

commit b4a2526daa76194707d882be2656afc89fd164b0
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date:   Mon Nov 23 15:47:52 2020 +0200

    inspector_manager: search for an instance considering inspector type

        * inspector_manager: update instance search API to pass inspector type
        * binder: specify inspector type when getting an instance

Merge pull request #2569 in SNORT/snort3 from ~NEHASH4/snort3:null_flow_crash to master

Squashed commit of the following:

commit fa300bfbf81b674b23c18de4ee80ffad10e9ec2d
Author: Neha Sharma <nehash4@cisco.com>
Date: Fri Oct 23 03:01:20 2020 -0400

dce_rpc: fixed incorrect accessing of FileFlows while pruning the flow

Merge pull request #2643 in SNORT/snort3 from ~SATHIRKA/snort3:dhcp_fp_decrypt_store to master

Squashed commit of the following:

commit eb8a898bfbd86b6e7daf74acac95f5d604e8e2a9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Nov 24 15:32:47 2020 -0500

rna: Remove unused function

Merge pull request #2629 in SNORT/snort3 from ~MMATIRKO/snort3:active_fix to master

Squashed commit of the following:

commit 41c21f977ec4d6b040353937c7c2f5511a8975f2
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Fri Nov 20 09:36:58 2020 -0500

    active: Fix falling back on using raw IP for active responses when no device is specified

    This only takes effect when the DAQ module does not support injection.

Merge pull request #2638 in SNORT/snort3 from ~SBAIGAL/snort3:shell_core_fix to master

Squashed commit of the following:

commit 0058db07c7aaa0690898c550a2b5310b25a7feb3
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Nov 23 15:31:21 2020 -0500

reload: reset default policies after failed reload

Merge pull request #2636 in SNORT/snort3 from ~SATHIRKA/snort3:reload_tp_fix to master

Squashed commit of the following:

commit 01f04c1fc93fe47a35064224fb695d1dbf8d54b1
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Nov 20 10:52:28 2020 -0500

appid: Mark reload third-party complete after unloading old library and creating new third-party context

Merge pull request #2642 in SNORT/snort3 from ~THOPETER/snort3:h2i18 to master

Squashed commit of the following:

commit fe4ebaed9bd43d59603aaee23890cbd7e3ae740e
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Nov 23 15:55:12 2020 -0500

http2_inspect: HI error handling improvements

Merge pull request #2637 in SNORT/snort3 from ~MIALTIZE/snort3:metabegone to master

Squashed commit of the following:

commit 60f61048379b17f9a577bfaa78cd90e51dd75153
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Nov 23 12:17:22 2020 -0500

    snort: Add OopsHandlerSuspend for suspending Snort's crash handler

    This is an RAII-style mechanism that will uninstall Snort's "oops"
    handler when created and reinstall it when it goes out of scope.

commit f4f202749f27de376b63f6cc353dbe45c1a4661b
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Nov 23 11:47:06 2020 -0500

    helpers: Handle SIGILL and SIGFPE with the oops handler

commit 49ba9014e5df70bc3c78be25569e092aad38b642
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Nov 20 15:58:41 2020 -0500

    inspector_manager: Remove unused inspector_exists_in_any_policy() function

commit 731ee59c29b04ee0baaa903860a7596d4c5ea046
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Nov 20 15:56:58 2020 -0500

    inspector: Remove obsolete metapacket processing functionality

Merge pull request #2631 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_init_alerts_array to master

Squashed commit of the following:

commit 64ec6d368b42815ad17ae05c6871490e034c80ee
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Nov 20 09:39:25 2020 -0500

stream_tcp: initialize the alerts array to empty when a TcpReassembler instance is initialized or reset

Merge pull request #2630 in SNORT/snort3 from ~MDAGON/snort3:h2i_err2 to master

Squashed commit of the following:

commit 89ff0a660518e90ad8cbf8dc7557d70d913b1490
Author: mdagon <mdagon@cisco.com>
Date: Thu Nov 12 16:01:31 2020 -0500

http2_inspect: check for invalid flags

Merge pull request #2618 in SNORT/snort3 from ~THOPETER/snort3:h2i17 to master

Squashed commit of the following:

commit 58296aa1e56005645325b178504e68f3278b7f0d
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Nov 9 12:36:10 2020 -0500

http2_inspect: improve error handling

Merge pull request #2633 in SNORT/snort3 from ~RDEMPSTE/snort3:export_forwarding_packet to master

Squashed commit of the following:

commit 3bdb73fff9ce36714c447ac5755c969287a75462
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Nov 18 14:57:13 2020 -0500

packet_io: export forwarding_packet function

Merge pull request #2632 in SNORT/snort3 from ~MMATIRKO/snort3:rna_tabs to master

Squashed commit of the following:

commit c5b2f7783477161450f5188f0eeaf783557c5956
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Nov 20 09:48:36 2020 -0500

rna: replace some tabs with spaces as per style guidelines

Merge pull request #2624 in SNORT/snort3 from ~MMATIRKO/snort3:cdp to master

Squashed commit of the following:

commit 2f63f2b745c53ad2a62bb3563d3c05248662bc54
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Nov 18 12:54:25 2020 -0500

rna: generate new host event for CDP traffic

Merge pull request #2626 in SNORT/snort3 from ~KATHARVE/snort3:binder to master

Squashed commit of the following:

commit 08ec70c0f5695bc204a00b5a11c580daeac6b1d8
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Nov 17 11:41:09 2020 -0500

binder: pass service to get_bindings on flow service change

Merge pull request #2617 in SNORT/snort3 from ~SHRARANG/snort3:appid_http_fixes to master

Squashed commit of the following:

commit b7ab85456eef818f937b46a2451a2de19c1961cc
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Fri Nov 13 16:35:59 2020 -0500

    appid: do not override http fields with empty values

commit adcccb07de640c0298b5cf4c89da19fe36d6a436
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Fri Nov 13 16:35:29 2020 -0500

    appid: for http2 flow, return service id as http2 when no streams are yet created

Merge pull request #2613 in SNORT/snort3 from ~KATHARVE/snort3:h2i_headers_close to master

Squashed commit of the following:

commit 85d3938fcd179b22ee2bceac441be1b1d9049738
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Oct 29 12:39:05 2020 -0400

http2_inspect: handle connection close during headers frames

Merge pull request #2621 in SNORT/snort3 from ~KAMURTHI/snort3:lua_detector_error to master

Squashed commit of the following:

commit 15669449030f36a201602d455658d4c705264d0c
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Nov 16 07:31:28 2020 -0500

appid: print more descriptive error message when lua detector registers invalid pattern.

Merge pull request #2622 in SNORT/snort3 from ~BBANTWAL/snort3:help_module_itype to master

Squashed commit of the following:

commit 9316db8c7d65535e9c18bbe2df04914760e8423e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Nov 16 18:32:09 2020 -0500

managers: add inspector type in the help module output

Merge pull request #2616 in SNORT/snort3 from ~MASHASAN/snort3:exp_request to master

Squashed commit of the following:

commit 0f308941c37f049b2a4e2b0719d82697d6c0a5e0
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Nov 12 19:56:02 2020 -0500

request: Expose methods to be used in plugins

Merge pull request #2596 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala to master

Squashed commit of the following:

commit 51d44ef769bddb1616445b20425a069a090cdf01
Author: krishnakanth <vkambala@cisco.com>
Date: Wed Nov 4 02:19:18 2020 -0500

file_api: handling resume block when multiple file rules are configured with store option enabled

Merge pull request #2615 in SNORT/snort3 from ~SBAIGAL/snort3:host_attr_fix to master

Squashed commit of the following:

commit e4720b210f3c993e9bf55c1680bfe910c762b810
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Nov 10 19:09:45 2020 -0500

host_attributes: better error handling for reload to eliminate double free and memory leaks

Merge pull request #2605 in SNORT/snort3 from ~SATHIRKA/snort3:rna_dhcp_fp_framework to master

Squashed commit of the following:

commit 1b3cbac56c1965b568232d886c6bb5913c18e5c9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Sep 21 17:29:55 2020 -0400

rna: Support DHCP fingerprint matching and event generation

Merge pull request #2610 in SNORT/snort3 from ~SHASLAD/snort3:language_correction_1 to master

Squashed commit of the following:

commit 40baacb8e5f963d60e6abf34f3d12cb2174f023b
Author: Shashi Lad <shaslad@cisco.com>
Date:   Tue Nov 10 09:28:18 2020 -0500

    appid: change terms used in code, logs and peg counts

commit 10e1181a941eda0805666dc3da48cbba35806636
Author: Shashi Lad <shaslad@cisco.com>
Date:   Tue Nov 10 09:28:08 2020 -0500

    shell: change terms used in code, logs and peg counts

Merge pull request #2620 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_5 to master

Squashed commit of the following:

commit 8e5ce3384dd09812f970867573d0b7dae26327cf
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Nov 16 12:05:34 2020 -0500

    build: Generate and tag 3.0.3 build 5

commit 392ec3ea76e567eeb8805312a577d3d0e10a0bc4
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Nov 4 11:43:54 2020 -0500

    flow: Flesh out swap_roles() to swap more client/server fields

Merge pull request #2612 in SNORT/snort3 from ~BRASTULT/snort3:byte_math_cursor_fix to master

Squashed commit of the following:

commit a24ffdb10189a6022716a9e9e7f5521c1604461e
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue Nov 10 13:18:23 2020 -0500

ips_options: don't move cursor in byte_math

Merge pull request #2607 in SNORT/snort3 from ~MASHASAN/snort3:user_logins to master

Squashed commit of the following:

commit 3010559b529e126340058c30dec48457493ddb4a
Author: Masud Hasan <mashasan@cisco.com>
Date: Sun Nov 8 21:13:23 2020 -0500

rna: Support user login failure discovery

Merge pull request #2602 in SNORT/snort3 from ~MMATIRKO/snort3:delete_pld to master

Squashed commit of the following:

commit 9ce30c2e4c67083106e3d5b3ccacc1c58cf6c3a6
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Nov 4 12:28:30 2020 -0500

rna: delete payloads when clients, services are deleted; add unit tests

Merge pull request #2606 in SNORT/snort3 from ~ARMANDAV/snort3:rna_service to master

Squashed commit of the following:

commit dd50d18bef501ad08df34b257bd7d84d3265921b
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Nov 5 21:53:49 2020 -0500

rna: support change service event with null version and vendor

Merge pull request #2598 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_meta-ack_tweaks to master

Squashed commit of the following:

commit 66fac93883643ab1106370c80dbe6c83920f431d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Nov 4 12:45:37 2020 -0500

stream_tcp: remove redundant/unneeded asserts that check if tcp event is for a meta-ack psuedo-packet

Merge pull request #2588 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_refactor to master

Squashed commit of the following:

commit 2f992d73028bc9d9f803856790ffb59a085c725a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Oct 27 14:35:20 2020 +0200

trace: add missing packet information to some of the messages

Merge pull request #2595 in SNORT/snort3 from ~KDEWANGA/snort3:ftp_test to master

Squashed commit of the following:

commit 2cd7609ecc9008ca733be3cabb7ff3aacdb01fc1
Author: kdewanga <kdewanga@cisco.com>
Date: Wed Nov 4 04:48:06 2020 -0500

ftp: Handling FTP detection when ftp data segment size changes

Merge pull request #2597 in SNORT/snort3 from ~MDAGON/snort3:injector_refactor to master

Squashed commit of the following:

commit 309221de1466bd5bcabf52c70960da18648f1291
Author: mdagon <mdagon@cisco.com>
Date: Wed Oct 28 14:45:49 2020 -0400

payload_injector: refactoring

Merge pull request #2603 in SNORT/snort3 from ~THOPETER/snort3:h2i16 to master

Squashed commit of the following:

commit 682542cf2fdb9d56f109e64a7df782f5100ad778
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Nov 5 15:52:09 2020 -0500

http2_inspect: refactor data cutter

Merge pull request #2586 in SNORT/snort3 from ~MMATIRKO/snort3:rna_segv to master

Squashed commit of the following:

commit a1012cf0fc48e199d65bf7537c0bd519dba0a221
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Nov 2 18:28:25 2020 -0500

rna: don't process packet in eval if eth bit not set

Merge pull request #2601 in SNORT/snort3 from ~THOPETER/snort3:h2i15 to master

Squashed commit of the following:

commit f35d413cb1bb34ade07ef07468708568e2b8d8e4
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Nov 2 17:49:48 2020 -0500

http2_inspect: refactoring scan()

Merge pull request #2579 in SNORT/snort3 from ~SATHIRKA/snort3:client_login_failure to master

Squashed commit of the following:

commit 2e0205b16c0c50de6348a5b7a5999eb0aa59d483
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Oct 23 16:35:57 2020 -0400

appid: Support client login failure event

Merge pull request #2600 in SNORT/snort3 from ~MDAGON/snort3:h2i_const to master

Squashed commit of the following:

commit 13312b5b7633695aae4db9b8e929d2ee1e2076fe
Author: mdagon <mdagon@cisco.com>
Date: Thu Nov 5 10:16:18 2020 -0500

http2_inspect: remove const cast

Merge pull request #2594 in SNORT/snort3 from ~KAMURTHI/snort3:http2_https to master

Squashed commit of the following:

commit 05c21e9ad5c54b6cd37ba55ad9e3324a3bb0e290
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Nov 2 12:11:14 2020 -0500

appid: prefix http/2 decrypted url with "https://

Merge pull request #2592 in SNORT/snort3 from ~SMINUT/snort3:host_cache_ipv6 to master

Squashed commit of the following:

commit c540602d306a1700efb69a7389cefcd25ee7e8e3
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Oct 30 14:06:18 2020 -0400

host_tracker: ignore IP family when comparing SfIp keys in the host cache

Merge pull request #2566 in SNORT/snort3 from ~SHRARANG/snort3:appid_cppcheck to master

Squashed commit of the following:

commit 2770cb1dfb5f4cecedb478b0118df2d42a898de1
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Oct 22 10:43:47 2020 -0400

appid: handle cppcheck warnings

Merge pull request #2565 in SNORT/snort3 from ~MMATIRKO/snort3:delete_mac to master

Squashed commit of the following:

commit 584d6d7e0b4c65d3bc3ae3decad2f943645e3a17
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Oct 21 13:34:48 2020 -0400

rna: add command to delete MAC hosts and protos

Merge pull request #2568 in SNORT/snort3 from ~SVLASIUK/snort3:global_log_quiet to master

Squashed commit of the following:

commit e3d825a4b74e8c8d806a88bf877204bbf29ebdec
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Wed Oct 28 14:22:20 2020 +0200

main: set up logging flags globally to avoid dependencies on a particular SnortConfig object

Merge pull request #2593 in SNORT/snort3 from ~KBHANDAN/snort3:crunch_crash to master

Squashed commit of the following:

commit e515bbe448f601c91e70a283a62b71277e855331
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Sun Nov 1 23:02:04 2020 -0500

flow: Return correct type from the release stub method

Merge pull request #2591 in SNORT/snort3 from ~RDEMPSTE/snort3:client_initiated to master

Squashed commit of the following:

commit b7963787f1eef302a1641d66054620152e73bf67
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Fri Oct 30 11:20:16 2020 -0400

flow: Set client initiated flag based on DAQ reverse flow flag, track on syn config, and syn-ack packet

Merge pull request #2585 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp3_final to master

Squashed commit of the following:

commit 0c21bbf58fcc70d1e1cbb758589796a442b97ebb
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Oct 15 16:30:25 2020 -0400

http2_inspect: send push_promise frames through http_inspect

Merge pull request #2590 in SNORT/snort3 from ~MDAGON/snort3:rm_hdrs to master

Squashed commit of the following:

commit 5f02d52f6d51291501a4021a39535778344d9e0c
Author: mdagon <mdagon@cisco.com>
Date: Fri Oct 23 10:36:35 2020 -0400

payload_injector: remove content length and connection for HTTP/2

Merge pull request #2581 in SNORT/snort3 from ~SBAIGAL/snort3:late_starttls to master

Squashed commit of the following:

commit 0becc1e83d942d1bd85cb00b08a368a7264ac054
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Oct 26 16:37:52 2020 -0400

smtp: make sure the ssl search abandoned flag is preserved for reset

Merge pull request #2576 in SNORT/snort3 from ~KAMURTHI/snort3:ha_unit_null_ptr to master

Squashed commit of the following:

commit 5d9446101726b7d3fe40b17d5fa0318fc0e160e9
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun Oct 25 23:45:44 2020 -0400

appid: unit test to verify HA data for flow unmonitored by appid.

Merge pull request #2584 in SNORT/snort3 from ~ARMANDAV/snort3:rna_banner to master

Squashed commit of the following:

commit df9cb417f28ffe3d630936781d1698bd2ec27bef
Author: Arun Mandava <armandav@cisco.com>
Date: Tue Oct 27 23:13:54 2020 -0400

rna: Discover banner on service version or response events

Merge pull request #2589 in SNORT/snort3 from ~MASHASAN/snort3:log_tid to master

Squashed commit of the following:

commit 79590d9aa276ef75ad2d58ec0b5772fe852a43ef
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Oct 27 15:17:04 2020 -0400

thread_config: Show thread id when logging binding information

Merge pull request #2587 in SNORT/snort3 from ~THOPETER/snort3:h2i14 to master

Squashed commit of the following:

commit 813cf2836d88aaff8f3dd6735dc1a8c04000cadb
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Oct 28 18:07:52 2020 -0400

http2_inspect: multi-segment reassemble discard bug fix

Merge pull request #2555 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp2_rebase to master

Squashed commit of the following:

commit cc9826e066395ea0c703c29dd4572853561e24f8
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Oct 14 10:46:52 2020 -0400

http2_inspect: perform hpack decoding on push_promise frames

Merge pull request #2575 in SNORT/snort3 from ~THOPETER/snort3:h2i13 to master

Squashed commit of the following:

commit 0a30ffd77476eb92a410880dbb53769f37496fd1
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Oct 8 19:17:09 2020 -0400

http2_inspect: Data frame redesign

Merge pull request #2411 in SNORT/snort3 from ~KBHANDAN/snort3:cant_drop_keep_flow to master

Squashed commit of the following:

commit 6e55f9f908a913e223d29a5dc7c6722a15927437
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Wed Aug 19 15:09:58 2020 -0400

flow: do not remove the flow during pruning/reload during IPS event with block action

Merge pull request #2580 in SNORT/snort3 from ~ARMANDAV/snort3:rna_banner to master

Squashed commit of the following:

commit ce08354fcfaf79ee973c489c1ad439fa34657fe5
Author: Arun Mandava <armandav@cisco.com>
Date: Thu Oct 15 20:58:37 2020 -0400

rna: Support banner discovery

Merge pull request #2582 in SNORT/snort3 from ~DAVMCPHE/snort3:rna_host_type_log_mac to master

Squashed commit of the following:

commit 373c4aec7507a879b7564900c0f462a6badc667d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Oct 23 09:38:39 2020 -0400

rna: log src mac from packet containing CDP message when host type change event is generated

Merge pull request #2583 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_4 to master

Squashed commit of the following:

commit 8f13561e286e5c834a75c2ef71c24ff8bdd0058e
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Oct 27 14:14:27 2020 -0400

build: Generate and tag 3.0.3 build 4

Merge pull request #2522 in SNORT/snort3 from ~OSERHIIE/snort3:custom_vars_wo_suffixes to master

Squashed commit of the following:

commit 368ff259fb2f0e37e297dd82b46ce71a2bbfc1e2
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date:   Thu Sep 24 19:48:37 2020 +0300

    ips: move IPS variables to sub-tables which designates type

        * main: snort supports ips.variables.nets/.paths/.ports tables to specify custom variables regardless suffixes (_PATH, _PORT, _NET and _SERVER)
        * lua: update default_variables with 'nets', 'paths' and 'ports' tables in snort_defaults.lua
        * managers, parser, ports: rid-off obsolete code for variables parsing relying on the suffixes
        * snort_module: remove support for -S option
        * tools: snort2lua converts custom variables into ips.variables.nets/.paths/.ports tables
        * doc: update upgrade/differences.txt

Merge pull request #2573 in SNORT/snort3 from ~MDAGON/snort3:h2_inject_big to master

Squashed commit of the following:

commit 6cbee883ef13974c2fa3daf7794fda64fc743edb
Author: mdagon <mdagon@cisco.com>
Date: Tue Sep 22 15:12:36 2020 -0400

payload_injector: support page > 16k

Merge pull request #2561 in SNORT/snort3 from ~OKHOMIAK/snort3:trace_add_timestamps to master

Squashed commit of the following:

commit 306574431a9c2ddc00edfa11f37ae29d3bd77222
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Mon Oct 12 13:18:36 2020 +0300

trace: add timestamps in trace log messages for stdout logger

Merge pull request #2564 in SNORT/snort3 from ~MASHASAN/snort3:fp_tcp_cov to master

Squashed commit of the following:

commit 0548a9359cc6bd7c8438ee33ca246c57e7e622e2
Author: Masud Hasan <mashasan@cisco.com>
Date: Sun Oct 18 12:33:23 2020 -0400

rna: Adding unit-tests for tcp fingerprint methods

Merge pull request #2570 in SNORT/snort3 from ~MDAGON/snort3:doc_react2 to master

Squashed commit of the following:

commit 5a8126c7228ba454e3e187e2f524e3b8bf6de5a7
Author: mdagon <mdagon@cisco.com>
Date: Wed Oct 21 10:43:04 2020 -0400

actions: react supports HTTP/2

Merge pull request #2571 in SNORT/snort3 from ~MDAGON/snort3:react2 to master

Squashed commit of the following:

commit 83f8deb2a7dd18a555f348ae36cf4ee81da612fe
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 28 14:15:25 2020 -0400

actions: react supports HTTP/2

Merge pull request #2574 in SNORT/snort3 from ~MIALTIZE/snort3:zero_init to master

Squashed commit of the following:

commit d544e08894a7286b156c886e13c1df1c88b62492
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 23 15:10:34 2020 -0400

src: Clean up zero-initialization of arrays

Merge pull request #2572 in SNORT/snort3 from ~MIALTIZE/snort3:osx to master

Squashed commit of the following:

commit 0e9e61caa01b08858aa35b4210d4f28bbe054c45
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Oct 23 13:49:02 2020 -0400

build: Various build fixes for OS X

Merge pull request #2560 in SNORT/snort3 from ~OSERHIIE/snort3:wunused_private_field_fix to master

Squashed commit of the following:

commit becffddb7df47b21e89766fee3c1d7b5eadd970c
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Oct 21 20:06:58 2020 +0300

appid: fix -Wunused-private-field Clang warning in service_state.h

Merge pull request #2563 in SNORT/snort3 from ~OSHUMEIK/snort3:module_of_list_type to master

Squashed commit of the following:

commit 11e56a92ba84f1a3dfb8c7a5a370a889207fe9fc
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Oct 20 16:14:22 2020 +0300

    module: fix modules that accept their configuration as a list

    The following modules accept their configuration as a list:
    FileConnectorModule
    TcpConnectorModule
    SideChannelModule

commit 683ba5fc7849a3e92991634e4a3f5e34180fb069
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed Oct 21 14:29:36 2020 +0300

    framework: fix ConnectorConfig dtor to be virtual

Merge pull request #2556 in SNORT/snort3 from ~NEHASH4/snort3:file_capture_crash to master

Squashed commit of the following:

commit 84f72acbf7af1616816bc32330db415f73706eef
Author: Neha Sharma <nehash4@cisco.com>
Date: Thu Oct 15 07:25:33 2020 -0400

file_api: file_mempool deletion removed

Merge pull request #2567 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_3_build_3 to master

Squashed commit of the following:

commit 7831cf47677e9dcc582b749506a3c8ac4511e907
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Oct 22 13:12:40 2020 -0400

    build: Generate and tag 3.0.3 build 3

commit 3825914a2ec69fbafc36f821698e98a9f80b9996
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Oct 22 12:58:02 2020 -0400

    doc: Tweak the template regex in get_differences.rb

commit eb26281082e259f883394785728215eff7217d38
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Oct 22 11:29:11 2020 -0400

    style: Clean up accumulated tabs and trailing whitespace

Merge pull request #2544 in SNORT/snort3 from ~SVLASIUK/snort3:snort_upgrade_doc to master

Squashed commit of the following:

commit 67d68cd61b13cf5c10f0e19a1df3923c064576a4
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon Oct 12 18:38:49 2020 +0300

snort2lua: update comments for deleted rule_state options

Merge pull request #2534 in SNORT/snort3 from ~SELYSENK/snort3:wizard_dump_config to master

Squashed commit of the following:

commit c9a30bcd84350ec29b7e05a10dadf0740605a25d
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Oct 8 16:35:43 2020 +0300

dump_config: don't print names for list elements

Merge pull request #2527 in SNORT/snort3 from ~STECHEW/snort3:ips_infinite_loop to master

Squashed commit of the following:

commit acc6832a9d351f2376404f3be7596c29e93993f8
Author: Steve Chew <stechew@cisco.com>
Date: Thu Oct 1 15:45:47 2020 -0400

ips_options: Fix retry calculation in IPS content when handling "within" field.

Merge pull request #2535 in SNORT/snort3 from ~SMINUT/snort3:host_cache_delete to master

Squashed commit of the following:

commit 32ab85e5f1d63379315b7af44570c31b397b5f08
Author: Silviu Minut <sminut@cisco.com>
Date:   Thu Oct 8 16:24:16 2020 -0400

    host_cache: delete host, network protocol, transport protocol, client, service, tcp fingerprint and user agent fingerprint commands

    host_tracker: implement client and server delete commands

Merge pull request #2558 in SNORT/snort3 from ~SBAIGAL/snort3:ftps_fix_datach to master

Squashed commit of the following:

commit 1afc79c97017e8d5b26ced00f6c4e868a4669066
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Oct 19 15:05:31 2020 -0400

ftp_data: add can_start_tls() support and generate ssl search abandoned event for unencrypted data channels

Merge pull request #2521 in SNORT/snort3 from ~SELYSENK/snort3:trace_segfault to master

Squashed commit of the following:

commit dcb8788f355a62d51885ee1d399a7cab90f4ed45
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Mon Oct 5 17:26:20 2020 +0300

trace: skip trace reload if no initial config present

Merge pull request #2545 in SNORT/snort3 from ~MMATIRKO/snort3:payload_disco_2 to master

Squashed commit of the following:

commit 926aadab5dd20e0373a92b425d31fae49a4385e8
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Oct 8 16:26:44 2020 -0400

rna: change logic for payload discovery, eventing

Merge pull request #2557 in SNORT/snort3 from ~MIALTIZE/snort3:default_variables to master

Squashed commit of the following:

commit 1a8c1d7df4088bf0db4531f71ebd8ed21b1396e4
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Oct 19 12:19:57 2020 -0400

lua: Use default IPS variables in the default config

Merge pull request #2542 in SNORT/snort3 from ~KAMURTHI/snort3:posix_tar_archive to master

Squashed commit of the following:

commit eceedb48a0ab5f7eeb8e6d5cde64b103dd299b74
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Oct 12 00:45:07 2020 -0400

file-magic: Update POSIX tar archive pattern

Merge pull request #2550 in SNORT/snort3 from ~SATHIRKA/snort3:continue_inspection_after_tp to master

Squashed commit of the following:

commit de757ccedcdc38e0b9f718bf62f64c5814abe5bc
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Oct 14 14:54:00 2020 -0400

appid: Continue appid inspection after third-party identifies an application

Merge pull request #2554 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master

Squashed commit of the following:

commit ac3e739769eacb12b31ca004b1ec2caea5ca5e8e
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date:   Fri Oct 16 01:29:39 2020 -0400

    Revert "Merge pull request #2541 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master"

    This reverts commit 09e1a0e14d0c4db64dbcd20f8899a9b9c45b7524.

Merge pull request #2540 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pp1 to master

Squashed commit of the following:

commit 27d03d91f9629cd4565cfb17ebaf3b85fac978d0
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Oct 9 10:00:19 2020 -0400

http2_inspect: handle stream creation for push promise frames

Merge pull request #2552 in SNORT/snort3 from ~NIHDESAI/snort3:pim to master

Squashed commit of the following:

commit d80d48ee5341b105dbef5069a44a9c2f57bb8cc9
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Oct 14 06:50:39 2020 -0400

codecs: remove PIM and Mobility from bad protocol lists

Merge pull request #2551 in SNORT/snort3 from ~SHRARANG/snort3:appid_tpconn_reset_on_reload to master

Squashed commit of the following:

commit f699f86be852c8896e9f3cc08a4e8c1fafa10575
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Oct 14 15:02:11 2020 -0400

appid: do not reset third-party session after third-party reload

Merge pull request #2483 in SNORT/snort3 from ~SUNIMUKH/snort3:vrf_ph2 to master

Squashed commit of the following:

commit a6066ad3964cd8f9e9287421bf3e74784e8606d5
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date:   Fri Sep 18 05:34:39 2020 -0400

    packet: Added two new apis to parse ingress/egress group from packet's daq pkt_hdr

commit 4be4fe1d00366a6783c0983721e3664aa49d95ca
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date:   Mon Sep 14 10:03:31 2020 -0400

    appid: Added service group and asid in AppIdServiceStateKey

commit be8a7e982bed5463972190d148280e69e2a27238
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date:   Mon Sep 14 09:59:01 2020 -0400

    port_scan: Added group and asid in PS_HASH_KEY

commit 4de20e74a208b9a21db3cb53edfff35f85f4d340
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date:   Mon Sep 14 09:57:54 2020 -0400

    dce_rpc: Added ingress/egress group and asid in SmbFlowKey, Smb2SidHashKey to identify a smb session uniquely

commit 857248ede6fe26bc02cd3fd8b5e1e5a0c4c6b4a2
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date:   Mon Sep 14 09:56:43 2020 -0400

    file_api: Added ingress/egress group and asid in FileHashKey

Merge pull request #2549 in SNORT/snort3 from ~MASHASAN/snort3:ua_event to master

Squashed commit of the following:

commit e26bdf00b147ed0568fce9c4ebf7861b228b5e78
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Oct 13 21:54:03 2020 -0400

rna: Logging user-agent device information

Merge pull request #2538 in SNORT/snort3 from ~DAVMCPHE/snort3:meta_morph to master

Squashed commit of the following:

commit 8e6a6017236ac10f430ff63943a55c49d0b03c9c
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 22 19:38:00 2020 -0400

    meta: dump full rule field

commit f5b89821cac206abb95feea466be8fb39b5983a3
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 22 17:43:44 2020 -0400

    meta: do not dump elided header fields or default message

commit 82e448aa2afe8dfe39acdc7177421b92c14a8066
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 22 17:42:59 2020 -0400

    meta: dump missing port field

Merge pull request #2548 in SNORT/snort3 from ~PRBHALER/snort3:ssh to master

Squashed commit of the following:

commit 434768b6747f526cf6907936b3ff35c3427cbd88
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Wed Oct 14 12:14:35 2020 -0400

ssh: fixing code indentation and CI breakage.

Merge pull request #2541 in SNORT/snort3 from ~PUNEETKU/snort3:vrf_same_ip to master

Squashed commit of the following:

commit 7ced046818da05917d2df20779f3c493967aa2a4
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Sun Aug 9 23:58:02 2020 -0400

codec: support for overlapping ip in different groups

Merge pull request #2553 in SNORT/snort3 from ~SUNIMUKH/snort3:initialised_flag_bits to master

Squashed commit of the following:

commit d86c2711afd226a9969e97b2cd258a430e601bed
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Thu Oct 15 02:36:43 2020 -0400

stream: Initialised flow key's flags.ubits with 0

Merge pull request #2546 in SNORT/snort3 from ~MDAGON/snort3:doc_react to master

Squashed commit of the following:

commit 17ec2015da0064afcb2a166fb43ae8e4ef669934
Author: mdagon <mdagon@cisco.com>
Date: Mon Oct 12 12:30:12 2020 -0400

actions: update react section

Merge pull request #2547 in SNORT/snort3 from ~MDAGON/snort3:react to master

Squashed commit of the following:

commit 0fa4392bc933cb6a8c8c65d1dc4378ed87f881df
Author: mdagon <mdagon@cisco.com>
Date: Mon Sep 28 14:15:25 2020 -0400

actions: use payload_injector for react

Merge pull request #2543 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_bad_meta_ack to master

Squashed commit of the following:

commit e92e548a1d23179ecdd14ffc76ec9148580f4158
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Oct 12 16:11:00 2020 -0400

stream_tcp: don't attempt to drop 'meta_ack packets', there is no wire packet for these acks