git.ipfire.org Git - thirdparty/snort3.git/log
Bhagya Tholpady (bbantwal) [Tue, 25 Aug 2020 16:02:59 +0000 (16:02 +0000)]
Merge pull request #2421 in SNORT/snort3 from ~OSHUMEIK/snort3:doc_dump_config to master
Squashed commit of the following:
commit
5c61850d9548f38433bad7adf1b1e2b8da730762
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Aug 21 16:12:24 2020 +0300
doc: update the config dump in JSON format (main policy)
commit
8584173190dc92a07e381dcf84083c1ca46e030c
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Aug 11 17:27:11 2020 +0300
doc: update the config dump in JSON format (all policies)
Bhagya Tholpady (bbantwal) [Tue, 25 Aug 2020 16:02:22 +0000 (16:02 +0000)]
Merge pull request #2412 in SNORT/snort3 from ~OSHUMEIK/snort3:dump_config_top to master
Squashed commit of the following:
commit
1830d71daba5ee91ee67f1d5570f9ef2872488fe
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Aug 18 14:58:19 2020 +0300
dump_config: add --dump-config="top" to dump the main policy config only
Mike Stepanek (mstepane) [Tue, 25 Aug 2020 12:12:37 +0000 (12:12 +0000)]
Merge pull request #2405 in SNORT/snort3 from ~THOPETER/snort3:nhttp140a to master
Squashed commit of the following:
commit
9576a7b759fa2a697ae18e56ec528460ec0f5a61
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jun 23 13:35:10 2020 -0400
http_inspect: script detection
Mike Stepanek (mstepane) [Mon, 24 Aug 2020 20:04:20 +0000 (20:04 +0000)]
Merge pull request #2414 in SNORT/snort3 from ~KATHARVE/snort3:file_upload_fix to master
Squashed commit of the following:
commit
6dd1edc686aabf6e1803eb1803b3e67856f3385b
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Aug 11 16:53:17 2020 -0400
http_inspect: don't use the URL to cache file verdicts for uploads
Masud Hasan (mashasan) [Mon, 24 Aug 2020 19:32:09 +0000 (19:32 +0000)]
Merge pull request #2413 in SNORT/snort3 from ~MMATIRKO/snort3:update_proto to master
Squashed commit of the following:
commit
319ee476aba2c0a07accbea66c720d66230e7bef
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Aug 19 16:21:28 2020 -0400
rna: add protocols on logging host trackers
Ron Dempster (rdempste) [Fri, 21 Aug 2020 21:20:28 +0000 (21:20 +0000)]
Merge pull request #2400 in SNORT/snort3 from ~RDEMPSTE/snort3:deferred_whitelist to master
Squashed commit of the following:
commit
dcd0bdfa212159b0cf8862084a8c55a7ff1c870d
Author: rdempste <rdempste@cisco.com>
Date: Mon Aug 3 20:15:57 2020 -0400
flow: add a deferred trust class to allow plugins to defer trusting sessions
commit
5c5a962ff08973d70c9f0a29bd0aca1c3476a974
Author: rdempste <rdempste@cisco.com>
Date: Thu Jul 23 13:26:31 2020 -0400
managers: immediately stop executing inspectors when inspection is disabled
commit
ac5e78590bdd8a8ef494077443423b1fa49c7f85
Author: rdempste <rdempste@cisco.com>
Date: Thu Jul 23 13:28:26 2020 -0400
packet_io: do not allow trust unless the action is allow or trust
commit
5e0c38db8d8ac762068be67677c409c9f183d2ca
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Aug 19 15:22:28 2020 -0400
active: remove per packet prevent trust action
Steve Chew (stechew) [Fri, 21 Aug 2020 20:50:44 +0000 (20:50 +0000)]
Merge pull request #2378 in SNORT/snort3 from ~DERAMADA/snort3:imap_start_tls to master
Squashed commit of the following:
commit
95d294d06fb2a600f354dd2bd979d38bdf4bc590
Author: deramada <deramada@cisco.com>
Date: Tue Aug 4 23:39:42 2020 -0400
imap: publish OPPORTUNISTIC_TLS_EVENT on successful completion on START_TLS,
add a new state to avoid publishing start_tls events multiple times
Bhagya Tholpady (bbantwal) [Wed, 19 Aug 2020 20:27:13 +0000 (20:27 +0000)]
Merge pull request #2382 in SNORT/snort3 from ~SVLASIUK/snort3:dump_config_json to master
Squashed commit of the following:
commit
bcba018627626465fbb8f55dacab8a6856690da3
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Aug 6 14:34:18 2020 +0300
dump_config: dump config in JSON format to stdout
add new command-line option --dump-config=all to dump
the config in JSON format
commit
67b5defe6f7a132ff62d2bd278364476cefe372c
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Wed Aug 5 17:13:33 2020 +0300
helpers: add unit tests for special characters escaping
Bhargava Jandhyala (bjandhya) [Wed, 19 Aug 2020 07:15:12 +0000 (07:15 +0000)]
Merge pull request #2408 in SNORT/snort3 from ~KBHANDAN/snort3:whd_reload to master
Squashed commit of the following:
commit
ffbbe26f3beb7a46b5bd3b9f2b28d3a2b8092a7a
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Tue Aug 18 08:56:11 2020 -0400
flow: reset the flow before removing
Masud Hasan (mashasan) [Wed, 19 Aug 2020 03:14:40 +0000 (03:14 +0000)]
Merge pull request #2401 in SNORT/snort3 from ~MMATIRKO/snort3:mac_timeout to master
Squashed commit of the following:
commit
6cdb8b1ff4a15f420a065ec4bd8b5d5dc8d24eed
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Aug 12 15:58:20 2020 -0400
rna: implement update_timeout for MAC hosts
Bhagya Tholpady (bbantwal) [Tue, 18 Aug 2020 11:59:54 +0000 (11:59 +0000)]
Merge pull request #2393 in SNORT/snort3 from ~BBANTWAL/snort3:configure_errors to master
Squashed commit of the following:
commit
f33220aa45f185a56161d5f0520c266cc5f7015e
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Aug 10 23:05:17 2020 -0400
perf_monitor: convert the perf_monitor inspector configure warnings to errors
Bhargava Jandhyala (bjandhya) [Mon, 17 Aug 2020 14:34:16 +0000 (14:34 +0000)]
Merge pull request #2288 in SNORT/snort3 from ~KBHANDAN/snort3:whd to master
Squashed commit of the following:
commit
70794b1821aa7cad2fcdd391335d8fd1eaff0ec9
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Thu Jun 25 07:48:51 2020 -0400
packet_io: Added reason for ActiveStatus WOULD
Shravan Rangarajuvenkata (shrarang) [Fri, 14 Aug 2020 20:44:35 +0000 (20:44 +0000)]
Merge pull request #2392 in SNORT/snort3 from ~KAMURTHI/snort3:reload_socket_message to master
Squashed commit of the following:
commit
13b0cba150d950d2305490c592328f1fb1a443ff
Author: kamurthi <kamurthi@cisco.com>
Date: Mon Aug 10 22:02:53 2020 -0400
appid: send swap response for reload_odp and reload_third_party commands in control thread
Bhargava Jandhyala (bjandhya) [Fri, 14 Aug 2020 07:43:16 +0000 (07:43 +0000)]
Merge pull request #2390 in SNORT/snort3 from ~DIPANDIT/snort3:file_max_limit to master
Squashed commit of the following:
commit
b8b040ea98f52b3cae6d21e1e7da9be61d796d84
Author: dipto <dipandit@cisco.com>
Date: Mon Aug 10 03:15:29 2020 -0400
file_api: Increase default max_files_per_flow limit to 128
Mike Stepanek (mstepane) [Wed, 12 Aug 2020 15:35:18 +0000 (15:35 +0000)]
Merge pull request #2397 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_2_build_5 to master
Squashed commit of the following:
commit
b8a7c1a62f1b24a9bcbf17fd88231c797d5ba02d
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Aug 12 07:45:23 2020 -0400
build: Generate and tag 3.0.2 build 5
Shravan Rangarajuvenkata (shrarang) [Wed, 12 Aug 2020 03:36:25 +0000 (03:36 +0000)]
Merge pull request #2370 in SNORT/snort3 from ~EBURMAI/snort3:dce_whitelisting to master
Squashed commit of the following:
commit
0228761ba8943f344b49d26197926b9c6f28ea68
Author: Eduard Burmai <eburmai@cisco.com>
Date: Mon Aug 3 11:24:33 2020 -0400
dce_tcp: set dce_tcp as a control channel inspector
Steve Chew (stechew) [Wed, 12 Aug 2020 01:44:45 +0000 (01:44 +0000)]
Merge pull request #2386 in SNORT/snort3 from ~SBAIGAL/snort3:ftps to master
Squashed commit of the following:
commit
24e1fa41a6b82bc793fe90015a160ac6842876a7
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jul 23 15:38:58 2020 -0400
ftp: add opportunistic TLS support
Mike Stepanek (mstepane) [Tue, 11 Aug 2020 21:51:13 +0000 (21:51 +0000)]
Merge pull request #2387 in SNORT/snort3 from ~THOPETER/snort3:h2i_finish to master
Squashed commit of the following:
commit
ad37a366a1f2414c0cefee09292cd349dfce9ada
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Aug 5 16:56:38 2020 -0400
http_inspect: finish() after partial inspection
Mike Stepanek (mstepane) [Tue, 11 Aug 2020 18:10:27 +0000 (18:10 +0000)]
Merge pull request #2391 in SNORT/snort3 from ~MDAGON/snort3:h2i_flushfix to master
Squashed commit of the following:
commit
4bbaa007fda17fc80179f3713d71e505a1a7cd4e
Author: mdagon <mdagon@cisco.com>
Date: Mon Aug 10 08:52:06 2020 -0400
http2_inspect: fix for flush on data frame boundary w/o end of stream
Masud Hasan (mashasan) [Tue, 11 Aug 2020 17:53:22 +0000 (17:53 +0000)]
Merge pull request #2389 in SNORT/snort3 from ~MASHASAN/snort3:rna_proto to master
Squashed commit of the following:
commit
e0f9fad3d3ba658ee4af9e1eae02cfc4f791f97a
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Aug 7 19:19:03 2020 -0400
rna: Discover network and transport protocols
Bhagya Tholpady (bbantwal) [Mon, 10 Aug 2020 15:33:37 +0000 (15:33 +0000)]
Merge pull request #2373 in SNORT/snort3 from ~OSERHIIE/snort3:help_modules_json to master
Squashed commit of the following:
commit
87484e324090b3d0baa60e5a51bb4f8bc0743890
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Mon Aug 3 23:00:45 2020 +0300
cip: fix the trailing parameter for the module
commit
31bdafe40d97c6b6a37b23fda5c140ebc3c170f8
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Jul 28 23:34:13 2020 +0300
main: add printing modules help in JSON format
* main: new CLI option '--help-modules-json' is presented
* main: add support for HelpType HT_HMO_JSON
* framework: add API to expand maxN literals for ranges in Parameter
* managers: add JSON dumpers into ModuleManager
* managers: rename 'What' -> 'Help' in the output of '--help-module' CLI option
commit
87139f76fa31f68a1b796206e6201afb752d9bb6
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Jul 28 17:18:54 2020 +0300
helpers: extend printed JSON syntax
* anonymous arrays (root arrays)
* JSON keywords (null, true, false)
* printing values of floating point type
Masud Hasan (mashasan) [Fri, 7 Aug 2020 22:23:25 +0000 (22:23 +0000)]
Merge pull request #2339 in SNORT/snort3 from ~MMATIRKO/snort3:rna_mac to master
Squashed commit of the following:
commit
10b80bae582fe4fc391b26f06cd57f8e90fc5a7d
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jun 24 16:13:31 2020 -0400
Add RNA MAC-based discovery logic
Russ Combs (rucombs) [Fri, 7 Aug 2020 16:53:12 +0000 (16:53 +0000)]
Merge pull request #2375 in SNORT/snort3 from ~DAVMCPHE/snort3:stream_tcp_cleanup_only_once to master
Squashed commit of the following:
commit
8cb61ff4d038c75c12b099cb85bb9b48a7ff782e
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Aug 4 07:38:45 2020 -0400
stream_tcp: add check to prevent reentry to TCP session cleanup when flushing a pdu
Bhagya Tholpady (bbantwal) [Thu, 6 Aug 2020 22:57:44 +0000 (22:57 +0000)]
Merge pull request #2374 in SNORT/snort3 from ~BBANTWAL/snort3:set_binding_updates to master
Squashed commit of the following:
commit
00890069e6d8e1a12b4279f8baabf27cf6e0b346
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Jul 30 16:04:11 2020 -0400
managers: print the instance type of the inspector module with --help-module
commit
25e31ddc1f33ba26a9ee12f8b1cd7e9dd67b1036
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Jul 30 16:03:38 2020 -0400
framework: add an api to check if the module can be bound in the binder
Russ Combs (rucombs) [Thu, 6 Aug 2020 14:48:08 +0000 (14:48 +0000)]
Merge pull request #2379 in SNORT/snort3 from ~RUCOMBS/snort3:tcp80 to master
Squashed commit of the following:
commit
eb76760da445e01a1037f4cb6d45aaec3ba6568d
Author: russ <rucombs@cisco.com>
Date: Wed Aug 5 09:03:12 2020 -0400
lua: add tcp port 80 binding to the connectivity and balanced tweaks
Mike Stepanek (mstepane) [Thu, 6 Aug 2020 12:42:16 +0000 (12:42 +0000)]
Merge pull request #2357 in SNORT/snort3 from ~KATHARVE/snort3:ftp to master
Squashed commit of the following:
commit
0eb90fd685dadea3a9857e130e5b73fdc4e425f4
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 14 15:03:59 2020 -0400
ftp: fix direction for active data transfers;
flow: check expected flows in flow control and add direction swap flag to expected flows
Mike Stepanek (mstepane) [Thu, 6 Aug 2020 12:15:50 +0000 (12:15 +0000)]
Merge pull request #2367 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_2_build_4 to master
Squashed commit of the following:
commit
70e0c1d9a7e51c6f5edbd3b734bb9b68e36e8523
Author: Mike Stepanek <mstepane@cisco.com>
Date: Fri Jul 31 08:12:24 2020 -0400
build: generate and tag 3.0.2 build 4
Shravan Rangarajuvenkata (shrarang) [Wed, 5 Aug 2020 19:24:58 +0000 (19:24 +0000)]
Merge pull request #2371 in SNORT/snort3 from ~SATHIRKA/snort3:odp_reload_dynamic_cache to master
Squashed commit of the following:
commit
c8fd1962f309aaa6fae49b0b437404e04adb0e8a
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Aug 3 15:25:33 2020 -0400
appid: Clear service appid entries in dynamic host cache on ODP reload
Bhargava Jandhyala (bjandhya) [Wed, 5 Aug 2020 17:29:00 +0000 (17:29 +0000)]
Merge pull request #2377 in SNORT/snort3 from ~DIPANDIT/snort3:smb_cleanup_issue to master
Squashed commit of the following:
commit
a95dd780fea35355517468baedc519ae5e6c0c2f
Author: dipto <dipandit@cisco.com>
Date: Wed Aug 5 10:49:23 2020 -0400
dce_rpc: fix for smb crash while tcp session pruning
Mike Stepanek (mstepane) [Wed, 5 Aug 2020 13:59:07 +0000 (13:59 +0000)]
Merge pull request #2376 in SNORT/snort3 from ~THOPETER/snort3:nhttp147 to master
Squashed commit of the following:
commit
065b7738aaf7712fba8275f0cd83519bd79a232d
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Aug 3 15:05:23 2020 -0400
http_inspect: test tool enhancement
Bhargava Jandhyala (bjandhya) [Wed, 5 Aug 2020 13:17:32 +0000 (13:17 +0000)]
Merge pull request #2372 in SNORT/snort3 from ~NEHASH4/snort3:final_smb_changes to master
Squashed commit of the following:
commit
8d9dafa0addf0eab367debd9007efcd5bb5cea67
Author: Neha Sharma <nehash4@cisco.com>
Date: Fri Jul 31 13:02:58 2020 -0400
dce_rpc: fix for smb session cleanup issue
Bhagya Tholpady (bbantwal) [Tue, 4 Aug 2020 23:55:54 +0000 (23:55 +0000)]
Merge pull request #2366 in SNORT/snort3 from ~SVLASIUK/snort3:doc_dump_config to master
Squashed commit of the following:
commit
31cb87855ea7b8e86d56f49b44a0b9125f15743a
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Jul 28 13:45:46 2020 +0300
doc: add documentation for dumping consolidated config in text format
Bhargava Jandhyala (bjandhya) [Tue, 4 Aug 2020 07:00:53 +0000 (07:00 +0000)]
Merge pull request #2360 in SNORT/snort3 from ~NEHASH4/snort3:smb_change_file_id to master
Squashed commit of the following:
commit
9a408d06891c409da736cb3577c4496173f37120
Author: Neha Sharma <nehash4@cisco.com>
Date: Wed Jul 29 13:51:12 2020 -0400
dce_rpc: use file name hash as file id
Bhargava Jandhyala (bjandhya) [Tue, 4 Aug 2020 06:49:16 +0000 (06:49 +0000)]
Merge pull request #2356 in SNORT/snort3 from ~NEHASH4/snort3:flow_fix to master
Squashed commit of the following:
commit
6b6d8d037c4ab324336eaad20011f4c4de9a337b
Author: Neha Sharma <nehash4@cisco.com>
Date: Wed Jul 29 07:26:25 2020 -0400
flow: fixing free_flow_data logic
Bhagya Tholpady (bbantwal) [Fri, 31 Jul 2020 17:40:54 +0000 (17:40 +0000)]
Merge pull request #2334 in SNORT/snort3 from ~SVLASIUK/snort3:dump_config_text to master
Squashed commit of the following:
commit
252af2d5de8f3b68bd43e649e49d11a7c7bb742b
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 3 15:25:57 2020 +0300
main: dump consolidated config in the text format
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jul 2020 17:35:48 +0000 (17:35 +0000)]
Merge pull request #2364 in SNORT/snort3 from ~SHRARANG/snort3:appid_dns_event to master
Squashed commit of the following:
commit
70f3556fd38a9414e77ae2c752284ab25b174eec
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Jul 30 15:06:55 2020 -0400
appid: generate event notification when dns host is set
Mike Stepanek (mstepane) [Fri, 31 Jul 2020 11:45:44 +0000 (11:45 +0000)]
Merge pull request #2365 in SNORT/snort3 from ~THOPETER/snort3:nhttp145 to master
Squashed commit of the following:
commit
c26ca80f1680939468e9b55518c2a37eb7440da0
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jul 30 17:39:46 2020 -0400
http2_inspect: cleanup
Davis McPherson (davmcphe) [Wed, 29 Jul 2020 23:30:38 +0000 (23:30 +0000)]
Merge pull request #2361 in SNORT/snort3 from ~DAVMCPHE/snort3:host_attribute_peg_counts to master
Squashed commit of the following:
commit
3c8c6ce0fbce7fc2810698bfae92053444f27c7f
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Jul 29 15:18:36 2020 -0400
utils: keep deprecated attribute table pegcounts
Masud Hasan (mashasan) [Wed, 29 Jul 2020 17:13:28 +0000 (17:13 +0000)]
Merge pull request #2354 in SNORT/snort3 from ~MASHASAN/snort3:fix_ut_warning to master
Squashed commit of the following:
commit
582e004954e2ac17d048e8f2d586d76987bc2161
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Jul 28 18:12:01 2020 -0400
rna: Fix redefined macro warnings in between unit-test tools
Masud Hasan (mashasan) [Wed, 29 Jul 2020 02:31:35 +0000 (02:31 +0000)]
Merge pull request #2355 in SNORT/snort3 from ~SMINUT/snort3:tcp_fp_io_utests to master
Squashed commit of the following:
commit
5828d286745205da9201466f9f09fd2ba609f8b2
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jul 28 14:03:44 2020 -0400
rna: tcp fingerprint input and retrieval
Mike Stepanek (mstepane) [Tue, 28 Jul 2020 17:41:51 +0000 (17:41 +0000)]
Merge pull request #2352 in SNORT/snort3 from ~NENEHA/snort3:3_0_2_build_3 to master
Squashed commit of the following:
commit
0ee42eafd1626a78289220433bcf9dbd9768e208
Author: Neha Neha <neneha@cisco.com>
Date: Tue Jul 28 13:31:21 2020 -0400
build: generate 3.0.2 build 3
Mike Stepanek (mstepane) [Tue, 28 Jul 2020 17:15:33 +0000 (17:15 +0000)]
Merge pull request #2343 in SNORT/snort3 from ~MDAGON/snort3:translate to master
Squashed commit of the following:
commit
0c98ff023f2575ab3a36c8b09c6fa62de234913f
Author: mdagon <mdagon@cisco.com>
Date: Fri Jul 10 11:25:18 2020 -0400
payload_injector: add HTTP page translation
Bhagya Tholpady (bbantwal) [Tue, 28 Jul 2020 15:43:37 +0000 (15:43 +0000)]
Merge pull request #2329 in SNORT/snort3 from ~OSHUMEIK/snort3:policy_custom_variables to master
Squashed commit of the following:
commit
a0f0b195faee442a2ee63fec1e8bdf20e1b29966
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Mon Jul 6 17:23:23 2020 +0300
ips: add support for variables with each ips policy
Custom variables are for rules only.
Snort2lua creates custom variables for each ips entry.
Mike Stepanek (mstepane) [Tue, 28 Jul 2020 14:33:32 +0000 (14:33 +0000)]
Merge pull request #2332 in SNORT/snort3 from ~MDAGON/snort3:inj_h2i to master
Squashed commit of the following:
commit
01d5bf727cb31e8c6ed1e6670a097909ec90d903
Author: mdagon <mdagon@cisco.com>
Date: Mon Jul 6 13:56:57 2020 -0400
payload_injector: extend utility to support http2 (no injection)
Shravan Rangarajuvenkata (shrarang) [Tue, 28 Jul 2020 03:08:51 +0000 (03:08 +0000)]
Merge pull request #2344 in SNORT/snort3 from ~SATHIRKA/snort3:odp_reload to master
Squashed commit of the following:
commit
69b00850064d2f9c30fd53045690ac6c925edeb9
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jul 17 16:45:32 2020 -0400
appid: Support ODP reload for multiple packet threads and new session
Masud Hasan (mashasan) [Mon, 27 Jul 2020 20:34:43 +0000 (20:34 +0000)]
Merge pull request #2318 in SNORT/snort3 from ~SMINUT/snort3:fingerprint_load to master
Squashed commit of the following:
commit
b2822997b40623fc7fda065edabca1e3752d2629
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jul 7 13:07:20 2020 -0400
rna: fingerprint reader class and lookup table for tcp fingerprints
Bhagya Tholpady (bbantwal) [Mon, 27 Jul 2020 19:04:23 +0000 (19:04 +0000)]
Merge pull request #2349 in SNORT/snort3 from ~BBANTWAL/snort3:no_warn to master
Squashed commit of the following:
commit
ae9359ed4b14970d1015aee7d7bb181d312ed9da
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Sun Jul 26 14:10:29 2020 -0400
main: rename the config options to ignore flowbits and rules warnings
Mike Stepanek (mstepane) [Mon, 27 Jul 2020 13:54:00 +0000 (13:54 +0000)]
Merge pull request #2346 in SNORT/snort3 from ~THOPETER/snort3:nhttp143 to master
Squashed commit of the following:
commit
9fce119f40acb34d7bc5cfcf4ed69f62d5af0811
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jul 22 13:39:36 2020 -0400
http_inspect: do partial inspections incrementally
Mike Stepanek (mstepane) [Mon, 27 Jul 2020 13:28:39 +0000 (13:28 +0000)]
Merge pull request #2348 in SNORT/snort3 from ~THOPETER/snort3:nhttp144 to master
Squashed commit of the following:
commit
589b55a368214f4286f435e8d9d92ce2889624f4
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jul 24 17:59:43 2020 -0400
http_inspect: reduce memory used by partial inspections
Davis McPherson (davmcphe) [Sun, 26 Jul 2020 19:05:41 +0000 (19:05 +0000)]
Merge pull request #2298 in SNORT/snort3 from ~DAVMCPHE/snort3:host_attribute_thread_safe to master
Squashed commit of the following:
commit
2806b18847f7ee0bf13cad7f4f4edbfc83b8b464
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jul 24 15:42:46 2020 -0400
stream_tcp: only perform paws validation on real packets, skip this on meta-ack packets
commit
743e235cec999c7fe1fd2017f114bcc1f0ebafa2
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jul 24 12:44:35 2020 -0400
target_based: streamline host attribute table activate and swap logic on startup and reload
commit
9fdfb1f8849320ec875a6e17976f0e4578784b0c
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 26 14:39:01 2020 -0400
target_based: refactor host attribute to use the LruCacheShared data store class to support thread safe access
target_based: add mutex lock to ensure host service accesses are thread safe
target_based: move host attribute peg counts from the process pegs to stats specific to host attribute operations
Steve Chew (stechew) [Fri, 24 Jul 2020 19:09:08 +0000 (19:09 +0000)]
Merge pull request #2333 in SNORT/snort3 from ~DERAMADA/snort3:init_unpriv_during_startup to master
Squashed commit of the following:
commit
9dff164defbc45e84ddd61715252d0a8562e0442
Author: deramada <deramada@cisco.com>
Date: Wed Jul 15 14:49:21 2020 -0400
active: Move Active enabled flag into SnortConfig
This fixes potential race conditions between reloads in the main thread
changing the Active state while packet threads are directly accessing
it.
Russ Combs (rucombs) [Fri, 24 Jul 2020 14:04:57 +0000 (14:04 +0000)]
Merge pull request #2338 in SNORT/snort3 from ~RUCOMBS/snort3:doc_ock to master
Squashed commit of the following:
commit
69605eb5c65c077d388eb23ed7367e7fc0932b32
Author: russ <rucombs@cisco.com>
Date: Thu Jul 23 11:29:16 2020 -0400
doc: update default text manuals
commit
e557a646ff67c6622ffe5bd92ba125eaeb3eb898
Author: russ <rucombs@cisco.com>
Date: Tue Jul 14 11:53:58 2020 -0400
doc: split Snort manual into separate user, reference, and upgrade docs.
commit
061e8c053cf9bb9a7255a0b6fe826bfe986b93eb
Author: russ <rucombs@cisco.com>
Date: Tue Jul 14 09:45:41 2020 -0400
style: fix cmake indentation
Shanmugam S (shanms) [Wed, 22 Jul 2020 18:05:58 +0000 (18:05 +0000)]
Merge pull request #2327 in SNORT/snort3 from ~SHIKV/snort3:ftp_tsan to master
Squashed commit of the following:
commit
6c71d9e82e24a98daeae47a7b66767b0e83176f0
Author: shibin kv <shikv@cisco.com>
Date: Mon Jul 13 04:01:32 2020 -0400
ftp: remove global config variable shared between multiple threads to prevent data race
Mike Stepanek (mstepane) [Wed, 22 Jul 2020 11:56:28 +0000 (11:56 +0000)]
Merge pull request #2341 in SNORT/snort3 from ~KATHARVE/snort3:h2_hi_stream_direction to master
Squashed commit of the following:
commit
3a8b5d6029da8da7a25c3f2c63d7546f52e0b3d3
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jul 21 10:59:04 2020 -0400
http2_inspect: fix stream_in_hi
Mike Stepanek (mstepane) [Tue, 21 Jul 2020 20:11:47 +0000 (20:11 +0000)]
Merge pull request #2342 in SNORT/snort3 from ~THOPETER/snort3:nhttp142 to master
Squashed commit of the following:
commit
de715737345a12998a108bfcbb6f409abe44fb41
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jul 17 13:08:04 2020 -0400
http_inspect & decompress: clean up
Michael Altizer (mialtize) [Tue, 21 Jul 2020 17:58:16 +0000 (17:58 +0000)]
Merge pull request #2325 in SNORT/snort3 from ~MIALTIZE/snort3:wizardry2 to master
Squashed commit of the following:
commit
5b1527473e3a55457a3a091e1a5e718abd9a584b
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 16 17:07:22 2020 -0400
wizard: Improve wizard tracing to indicate direction and abandonment
commit
c2cba2ec1205251803b3e501e59113e6a92737eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 9 18:12:48 2020 -0400
wizard: Add peg counts for abandoned searches per protocol
commit
558df5a45cfbfee4b783d84973f77a9d95dfb710
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 9 18:05:20 2020 -0400
wizard: Abort the splitter once we've hit the max PDU size
commit
04dbc4e5c9949316c70f4faf26b1c37e10da312b
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 7 18:19:18 2020 -0400
dce_rpc: Improve PAF autodetection for heavily segmented TCP traffic
commit
76b0e4f6c5faf77fa28ed45472d1ca9476e37a99
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 7 12:25:51 2020 -0400
snort_defaults: Remove the NOTIFY, SUBSCRIBE, and UPDATE HTTP methods
These methods overlap with SIP methods, where they are much more
commonly found. Until there is a priority/fallback mechanism for the
Wizard, these patterns will be retired from the HTTP spell.
commit
f5561a1697ec6ac38981e0af094bb225b70910ca
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 6 18:33:27 2020 -0400
wizard: Abandon the wizard on UDP flows after the first packet
commit
7f65256f9b6a7470ebf5737273e360fe6a1491c6
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 5 17:27:10 2019 -0500
wizard: Report spell and hex configuration errors and warnings
commit
1b08923942d23744a6291cce0d39b4f24c12edbb
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 5 12:58:07 2019 -0500
wizard: Properly terminate hex matching
Shravan Rangarajuvenkata (shrarang) [Mon, 20 Jul 2020 21:37:55 +0000 (21:37 +0000)]
Merge pull request #2296 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash3 to master
Squashed commit of the following:
commit
cea2b438cc8c294199adb26c56d14e005ff16c80
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jun 23 23:54:14 2020 -0400
appid: move appid data needed by external components to stash
Mike Stepanek (mstepane) [Mon, 20 Jul 2020 12:14:42 +0000 (12:14 +0000)]
Merge pull request #2335 in SNORT/snort3 from ~THOPETER/snort3:nhttp141 to master
Squashed commit of the following:
commit
c5c50405c5bab73b15c5fe10c20185cf7d34e71c
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jul 14 17:14:59 2020 -0400
http2_inspect: fix interaction with tool tcpclose
Bhargava Jandhyala (bjandhya) [Mon, 20 Jul 2020 09:58:05 +0000 (09:58 +0000)]
Merge pull request #2336 in SNORT/snort3 from ~VKAMBALA/snort3:vkambala to master
Squashed commit of the following:
commit
edbad44b43c4aadc44075ec8327357a5e97fd511
Author: krishnakanth <vkambala@cisco.com>
Date: Fri Jul 17 01:17:13 2020 -0400
file_api: Log event generated when lookup timed out
Davis McPherson (davmcphe) [Sat, 18 Jul 2020 12:07:01 +0000 (12:07 +0000)]
Merge pull request #2337 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-bugfix to master
Squashed commit of the following:
commit
facdc89e9bc8937a7cd33d4063dc0a9a50fbdf58
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Jul 15 16:20:24 2020 -0400
stream_tcp: when clearing a session during meta-ack processing pass a nullptr as the Packet* parameter
Shravan Rangarajuvenkata (shrarang) [Fri, 17 Jul 2020 22:28:05 +0000 (22:28 +0000)]
Merge pull request #2328 in SNORT/snort3 from ~KAMURTHI/snort3:http_url_matching to master
Squashed commit of the following:
commit
891166234fa3e831efbad4cdfc3cff4ea7210cf7
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu Jul 9 16:12:37 2020 -0400
appid: For http traffic, if payload cannot be detected, set it to unknown.
Pranav Bhalerao (prbhaler) [Fri, 17 Jul 2020 12:42:47 +0000 (12:42 +0000)]
Merge pull request #2274 in SNORT/snort3 from ~PRBHALER/snort3:xff to master
Squashed commit of the following:
commit
9c8ca841e2f622eb74e04eef40fbf0d80d864cdd
Author: Pranav Bhalerao <prbhaler@cisco.com>
Date: Fri Jul 10 13:10:58 2020 -0400
pub_sub: Added a method in HttpEvent to retrieve true client-ip address from HTTP header based on priority.
Bhagya Tholpady (bbantwal) [Thu, 16 Jul 2020 01:19:40 +0000 (01:19 +0000)]
Merge pull request #2311 in SNORT/snort3 from ~OSERHIIE/snort3:trace_logger_inspector_plugin to master
Squashed commit of the following:
commit
1e5c3cb1704f6119c84b4eb38a7a9b903c99d13f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Jul 8 23:17:54 2020 +0300
doc: update extending.txt about TraceLogger plugin
commit
6d22ce349ddb432eef50c32b7d5d0844346a3ac9
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Jul 3 11:07:16 2020 +0300
trace: add support for extending TraceLogger as a passive inspector plugin
Changelist:
* extend installed headers list for 'trace'
* rename trace log files
* extend TraceApi to handle external plugins
* update dev_notes.txt and docs (Snort 3 Manual)
Michael Altizer (mialtize) [Wed, 15 Jul 2020 17:18:55 +0000 (17:18 +0000)]
Merge pull request #2331 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_2_build_2 to master
Squashed commit of the following:
commit
a5a8831003f9a69391a06e4488e9314adc96e140
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jul 15 08:27:56 2020 -0400
build: generate and tag 3.0.2 build 2
Bhagya Tholpady (bbantwal) [Wed, 15 Jul 2020 11:55:33 +0000 (11:55 +0000)]
Merge pull request #2321 in SNORT/snort3 from ~BBANTWAL/snort3:warn_all_without_rules_n_flowbits to master
Squashed commit of the following:
commit
1666ad7ae813a3891e8e61d002a6cb115156f8f7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Jul 9 00:06:51 2020 -0400
main: add config options --ignore-warn-rules and --ignore-warn-flowbits to snort module
--ignore-warn-rules ignores the warnings generated by rule parsing.
--ignore-warn-flowbits ignores the warnings generated by flowbits parsing.
Steve Chew (stechew) [Tue, 14 Jul 2020 20:06:33 +0000 (20:06 +0000)]
Merge pull request #2324 in SNORT/snort3 from ~SBAIGAL/snort3:smtp_abandon to master
Squashed commit of the following:
commit
9a6d342757678b9b98ebd106d13efdbe26fc1d90
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Jul 9 16:02:57 2020 -0400
smtp: generate SSL_SEARCH_ABANDONED event when no STARTTLS is detected
Michael Altizer (mialtize) [Tue, 14 Jul 2020 18:42:24 +0000 (18:42 +0000)]
Merge pull request #2330 in SNORT/snort3 from ~MIALTIZE/snort3:daq_stats to master
Squashed commit of the following:
commit
223dac7b6444af6d362da37fe55b5de73f256677
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jul 14 11:04:41 2020 -0400
daq: Fix calculation of outstanding packets stat to properly use the delta
Shravan Rangarajuvenkata (shrarang) [Tue, 14 Jul 2020 12:45:04 +0000 (12:45 +0000)]
Merge pull request #2320 in SNORT/snort3 from ~SATHIRKA/snort3:odp_thread_ctxt to master
Squashed commit of the following:
commit
17540080173becf49b1eb09b603c35f3eff6b2b3
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jul 7 15:19:09 2020 -0400
appid: Moving thread local ODP stuff to a new class
Shravan Rangarajuvenkata (shrarang) [Mon, 13 Jul 2020 18:43:51 +0000 (18:43 +0000)]
Merge pull request #2322 in SNORT/snort3 from ~EBURMAI/snort3:dce_smb_paf_crash to master
Squashed commit of the following:
commit
134e069a70a3fbf6d35bb5ea669296df1f9cfeaf
Author: Eduard Burmai <eburmai@cisco.com>
Date: Wed Jul 8 16:38:02 2020 -0400
dce_smb_paf: SMB ID invalid memory access
Michael Altizer (mialtize) [Sun, 12 Jul 2020 06:06:52 +0000 (06:06 +0000)]
Merge pull request #2326 in SNORT/snort3 from ~MIALTIZE/snort3:clang10 to master
Squashed commit of the following:
commit
fe095538b0db54f13f12c7f1e75b84e950aa0972
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Jul 11 15:57:21 2020 -0400
build: Fix static analyzer complaints about unused stored values
George Koikara (gkoikara) [Sat, 11 Jul 2020 16:53:59 +0000 (16:53 +0000)]
Merge pull request #2202 in SNORT/snort3 from ~BJANDHYA/snort3:feature/smb2 to master
Squashed commit of the following:
commit
cbba5e98aa31048ffbfac913d9cde0a0e7bb7238
Author: Bhargava Jandhyala <bjandhya@cisco.com>
Date: Tue Jan 21 04:07:25 2020 -0500
smb: adding support for multiple smbv2 session for same tcp connection
1. introduced new structures to process multiple smbv2 sessions in parallel.
2. SMB Session Data (SSD): The session data corresponds to a single TCP session and it holds all the flow related information. This differentiates the SMB version and segregates the processing. There can be multiple SMB sessions in a single TCP connection, hence this holds a list of session trackers.
3. Session Tracker : Session tracker uniquely tracks a single SMB session. This is identified by the unique session_id and this holds the mount points named as Tree Trackers
4. smbv2 session will be stored in global LRU cache as well as locally in SSD with session id.
5. Tree Tracker : Tree tracker accounts the mount points in a share and this holds the file trackers for individual file transfers
6. File Tracker : file tracker is responsible for identifying a file transfer and track it from start to end. This manages all the information related to file in transit.
6. Request trackers: Request trackers are needed to track the activity of various requests. There are 2 types of request being tracked by trackers named the create request trackers and read request trackers
7. Storage abstraction: A storage abstraction is used to store all of the trackers. Currently the underlying storage is unordered map, but can be modified as needed.
Michael Altizer (mialtize) [Thu, 9 Jul 2020 22:54:07 +0000 (22:54 +0000)]
Merge pull request #2323 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-updates to master
Squashed commit of the following:
commit
8ad3cebdc0baf46bb81eecbdf6eddbc71f08fa1b
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Jul 8 11:49:29 2020 -0400
stream_tcp: meta-ack from daq is in network order not host, remove conversion from host to network
stream_tcp: process meta-ack info in any flush policy mode
Shravan Rangarajuvenkata (shrarang) [Thu, 9 Jul 2020 13:03:39 +0000 (13:03 +0000)]
Merge pull request #2309 in SNORT/snort3 from ~EBURMAI/snort3:invalid_epm_message to master
Squashed commit of the following:
commit
0ed6890e24b83651193587314b017c73fb468fec
Author: Eduard Burmai <eburmai@cisco.com>
Date: Tue Jun 30 08:32:55 2020 -0400
dce_tcp: Invalid endpoint mapper message
Mike Stepanek (mstepane) [Thu, 9 Jul 2020 12:45:07 +0000 (12:45 +0000)]
Merge pull request #2307 in SNORT/snort3 from ~KATHARVE/snort3:http_type_depth_fix to master
Squashed commit of the following:
commit
4cb98445cca7c049e14717c36b3929474c1548f3
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jun 24 10:23:26 2020 -0400
http_inspect: send MIME full message body for file processing
Bhagya Tholpady (bbantwal) [Wed, 8 Jul 2020 18:27:07 +0000 (18:27 +0000)]
Merge pull request #2319 in SNORT/snort3 from ~OSHUMEIK/snort3:clean_up to master
Squashed commit of the following:
commit
2eb1f7e3a2c2ea700c335eddd1f007df9a1e60c3
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jul 2 15:32:21 2020 +0300
binder: delete obsolete network_policy parsing code
Steve Chew (stechew) [Wed, 8 Jul 2020 16:32:26 +0000 (16:32 +0000)]
Merge pull request #2289 in SNORT/snort3 from ~SBAIGAL/snort3:smtps to master
Squashed commit of the following:
commit
31d2d5ff7283c3ca3b64796746bee57cfba75876
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Jun 10 14:14:56 2020 -0400
smtp: support opportunistic SSL/TLS switch over
Michael Altizer (mialtize) [Tue, 7 Jul 2020 23:46:26 +0000 (23:46 +0000)]
Merge pull request #2275 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack to master
Squashed commit of the following:
commit
96d510b820a6d46d0a6dd43de25677bc1c961d78
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 19 10:28:38 2020 -0400
stream_tcp: eliminate direct references to the Packet* wherever possible within the TCP state machine context
stream_tcp: implement meta-ack pseudo packet as thread local that is reused on each meta-ack TSD
commit
59e6da4498451438544c50482c3a417520658841
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Jun 18 07:58:58 2020 -0400
stream_tcp: eliminate use of STREAM_INSERT_OK as return code, it conveyed no useful information and was ultimately unused
stream_tcp: coding style improvements
commit
530dde13e8ea95613dc3f1bef471a7b58c9860f0
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jun 12 18:49:37 2020 -0400
stream_tcp: implement support for processing meta-ack information when present
Mike Stepanek (mstepane) [Tue, 7 Jul 2020 14:22:36 +0000 (14:22 +0000)]
Merge pull request #2314 in SNORT/snort3 from ~KATHARVE/snort3:http_mime to master
Squashed commit of the following:
commit
0db5c997317984094889e7202890c4d9ab26f89f
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 30 15:53:48 2020 -0400
mime: mime no longer overwrites file_data buffer for http packets
Bhagya Tholpady (bbantwal) [Tue, 7 Jul 2020 11:53:55 +0000 (11:53 +0000)]
Merge pull request #2278 in SNORT/snort3 from ~SELYSENK/snort3:daq_trace_filtering to master
Squashed commit of the following:
commit
4d5212770eeb623de52709d2e915e7a17d0d4aff
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Wed Jun 17 07:35:46 2020 -0400
trace: add support for DAQ trace filtering
Skip constraints check and print trace messages when DAQ sets
DAQ_PKT_FLAG_DEBUG_ENABLED flag on a packet.
trace.constraints.match can be set to false to ignore traces for packets
without DAQ_PKT_FLAG_DEBUG_ENABLED flag.
Michael Altizer (mialtize) [Mon, 6 Jul 2020 14:45:41 +0000 (14:45 +0000)]
Merge pull request #2312 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_2_build_1 to master
Squashed commit of the following:
commit
b27307246e7cc6bdca8efef0f8112116c836bc3a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jul 6 10:01:15 2020 -0400
build: generate and tag 3.0.2 build 1
Bhagya Tholpady (bbantwal) [Thu, 2 Jul 2020 14:40:08 +0000 (14:40 +0000)]
Merge pull request #2297 in SNORT/snort3 from ~OKHOMIAK/snort3:trace_print_instance_id to master
Squashed commit of the following:
commit
83da91a0bf7dcc47eb2bcdde87860a240229f78b
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Jun 30 18:43:12 2020 +0300
main: set thread type for main thread
commit
00065f327ea2f5555fedc514f7ab2434e7e3086c
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Thu Jun 18 14:00:25 2020 +0300
trace: add thread type and thread instance id to each log message for stdout logger
Michael Altizer (mialtize) [Thu, 2 Jul 2020 14:35:53 +0000 (14:35 +0000)]
Merge pull request #2310 in SNORT/snort3 from ~MIALTIZE/snort3:service_state_ut to master
Squashed commit of the following:
commit
476c846954b981c4d700f658f358e67f2e662c70
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Jul 2 10:33:42 2020 -0400
appid: Fix the format of the IPv6 strings in the Service State unit tests
Cynthia Leonard (cyleonar) [Thu, 2 Jul 2020 10:31:14 +0000 (10:31 +0000)]
Merge pull request #2304 in SNORT/snort3 from ~ABHPAL/snort3:bugfix/CSCvu12864 to master
Squashed commit of the following:
commit
43bb164724cbf6d8b9774e14a5455a7126ce90ed
Author: Abhijit Pal <abhpal@cisco.com>
Date: Tue Jun 30 07:47:16 2020 -0400
Wizard: Adding FTP pattern to recognize FileZilla FTP Server so that FTP server inspector is attached to the flow (CSCvu12864)
Michael Altizer (mialtize) [Tue, 30 Jun 2020 23:39:57 +0000 (23:39 +0000)]
Merge pull request #2308 in SNORT/snort3 from ~MIALTIZE/snort3:32bit_ut to master
Squashed commit of the following:
commit
6a0563a5523807e0f4cf3d7717aa0fc548f5fb14
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jun 30 18:27:57 2020 -0400
build: Fix unit tests to build and work properly on a 32-bit system
Bhagya Tholpady (bbantwal) [Tue, 30 Jun 2020 21:29:29 +0000 (21:29 +0000)]
Merge pull request #2284 in SNORT/snort3 from ~BBANTWAL/snort3:print_whitelist to master
Squashed commit of the following:
commit
f573e9cb7de962831d8269ce665303027c3bc78b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Jun 23 23:56:48 2020 -0400
managers: format lua whitelist output and ignore internal whitelist keywords
Masud Hasan (mashasan) [Tue, 30 Jun 2020 18:26:10 +0000 (18:26 +0000)]
Merge pull request #2293 in SNORT/snort3 from ~SMINUT/snort3:rna_build to master
Squashed commit of the following:
commit
97cdecaa0c4008dbebc381810f494d627b617a9e
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jun 26 18:01:48 2020 -0400
rna: remove custom_fingerprint_dir from configuration
Russ Combs (rucombs) [Tue, 30 Jun 2020 18:18:41 +0000 (18:18 +0000)]
Merge pull request #2302 in SNORT/snort3 from ~RUCOMBS/snort3:disable to master
Squashed commit of the following:
commit
7727770ef9e075cb537853274ee559995b2213ad
Author: russ <rucombs@cisco.com>
Date: Mon Jun 29 18:09:55 2020 -0400
inspectors: add a virtual disable method for controls
In some cases, a complex configuration may include unnecessary control
inspectors. The disable method allows them to tell the framework to not
call them at runtime. This does not apply to non-control inspectors.
The best approach is to not configure unnecessary inspection in the first
place.
Shravan Rangarajuvenkata (shrarang) [Tue, 30 Jun 2020 18:14:00 +0000 (18:14 +0000)]
Merge pull request #2299 in SNORT/snort3 from ~SATHIRKA/snort3:odp_reload_lua_state to master
Squashed commit of the following:
commit
76b2a723f149befdceb0897d84a353d4db3491b4
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Jun 26 12:21:04 2020 -0400
appid: Create lua states and lua detectors in control thread
Masud Hasan (mashasan) [Tue, 30 Jun 2020 15:22:24 +0000 (15:22 +0000)]
Merge pull request #2294 in SNORT/snort3 from ~MASHASAN/snort3:ft_icmp_test to master
Squashed commit of the following:
commit
6c3206696220bec935f7e1beb6699dcc5b14bd3d
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Jun 25 22:53:59 2020 -0400
stream_ip: Avoid modifying the original fragmented packet during rebuild
Michael Altizer (mialtize) [Tue, 30 Jun 2020 02:00:48 +0000 (02:00 +0000)]
Merge pull request #2300 in SNORT/snort3 from ~MIALTIZE/snort3:32bit to master
Squashed commit of the following:
commit
892e1b978f4e4f73e8fa30d1279ea09b7db2fe32
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 18:17:40 2020 -0400
http2_inspect: Make print_flow_issues() regtest-only
commit
63fce83f2b8689c0eb81053c643a5af9123f94a0
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 18:09:40 2020 -0400
build: Eradicate u_int usage
As a bonus, this fixes the Alpine Linux build.
commit
7a1733662671c9e178d7f00e9ce1252df5e8a56a
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 29 11:35:41 2020 -0400
build: Miscellaneous 32-bit build fixes
Mike Stepanek (mstepane) [Mon, 29 Jun 2020 20:32:01 +0000 (20:32 +0000)]
Merge pull request #2290 in SNORT/snort3 from ~MDAGON/snort3:packet_inj to master
Squashed commit of the following:
commit
b400fbede446c8e1e817f83763128e38fcd3ddad
Author: mdagon <mdagon@cisco.com>
Date: Wed May 27 14:48:03 2020 -0400
payload_injector: add payload injection utility
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jun 2020 15:52:36 +0000 (15:52 +0000)]
Merge pull request #2276 in SNORT/snort3 from ~EBURMAI/snort3:appid_coverity_issues to master
Squashed commit of the following:
commit
6de1af255f905a5d9ebd9789d6b161368593c16e
Author: Eduard Burmai <eburmai@cisco.com>
Date: Thu Jun 18 06:28:35 2020 -0400
appid: Appid coverity issues
Shravan Rangarajuvenkata (shrarang) [Mon, 29 Jun 2020 15:18:50 +0000 (15:18 +0000)]
Merge pull request #2292 in SNORT/snort3 from ~AGIURGIU/snort3:dce_segfault to master
Squashed commit of the following:
commit
6e188b18c9f4f5fc53a768437737321478b9277a
Author: agiurgiu <agiurgiu@cisco.com>
Date: Fri Jun 26 17:50:07 2020 +0300
dce_tcp: parse only endpoint mapper messages
Bhagya Tholpady (bbantwal) [Mon, 29 Jun 2020 13:24:00 +0000 (13:24 +0000)]
Merge pull request #2286 in SNORT/snort3 from ~SELYSENK/snort3:lightspd_conf to master
Squashed commit of the following:
commit
ead1d556cd197942ebb231975522bdd657bcc4c3
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Wed Jun 24 09:53:13 2020 -0400
stream_ip: use lowercase fragmentation policy names for verbose output
Ron Dempster (rdempste) [Mon, 29 Jun 2020 12:52:45 +0000 (12:52 +0000)]
Merge pull request #2287 in SNORT/snort3 from ~RDEMPSTE/snort3:global_dbus to master
Squashed commit of the following:
commit
d593b95de75610cdabac982bd92891394e4fbfbf
Author: rdempste <rdempste@cisco.com>
Date: Wed Jun 24 16:12:21 2020 -0400
framework: fix global data bus cloning during reload module and policy
Michael Altizer (mialtize) [Sat, 27 Jun 2020 18:24:01 +0000 (18:24 +0000)]
Merge pull request #2295 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck to master
Squashed commit of the following:
commit
b0a6542cf89eb02f16c71c8447332c0437249896
Author: Michael Altizer <mialtize@cisco.com>
Date: Sat Jun 27 12:15:19 2020 -0400
build: Fix various cppcheck warnings about constness
Shravan Rangarajuvenkata (shrarang) [Thu, 25 Jun 2020 15:00:14 +0000 (15:00 +0000)]
Merge pull request #2282 in SNORT/snort3 from ~SATHIRKA/snort3:navl_reload_memleak to master
Squashed commit of the following:
commit
18178095f98e17af698d84080a37915241b6a71f
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Mon Jun 15 13:48:15 2020 -0400
appid: Delete stale third-party connections when reloading third-party on midstream
Russ Combs (rucombs) [Wed, 24 Jun 2020 19:01:30 +0000 (19:01 +0000)]
Merge pull request #2285 in SNORT/snort3 from ~RUCOMBS/snort3:file_sigz to master
Squashed commit of the following:
commit
781017247a58252a56bb4a89846fa996d1448f50
Author: russ <rucombs@cisco.com>
Date: Wed Jun 24 08:15:17 2020 -0400
tweaks: enable file signature for sec and max until depth issue resolved
Michael Altizer (mialtize) [Wed, 24 Jun 2020 18:37:00 +0000 (18:37 +0000)]
Merge pull request #2254 in SNORT/snort3 from ~SMINUT/snort3:thread_pinning to master
Squashed commit of the following:
commit
19737811dc07397ac6d61328ac5d1b60b7df7ff6
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jun 9 23:30:57 2020 -0400
main: configure and set main thread affinity
Michael Altizer (mialtize) [Tue, 23 Jun 2020 23:25:24 +0000 (23:25 +0000)]
Merge pull request #2162 in SNORT/snort3 from ~MIALTIZE/snort3:signals to master
Squashed commit of the following:
commit
6a67fa549c3f42cd084d0e99a3d4326b3e89b7eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jun 17 17:57:21 2020 -0400
cmake: Properly handle SIGNAL_SNORT_* options in configure_cmake.sh
commit
829d1dff292f417db11aee43615be745f7949eb6
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:43:27 2020 -0400
helpers: Add support for dumping a backtrace via libunwind on fatal signals
Support for this requires the libunwind development headers and library
available at build time. The dependency is optional.
commit
26b3d8171a7566141b32b411695e55e6a6ab4307
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:46:27 2020 -0400
helpers: Dump additional information to stderr when a fatal signal is received
This information includes which signal was received, the Snort version,
and the current DAQ message information (if the signal was received
while processing a message in a packet thread).
commit
8acc840fb0185b17957dcaea35ef43346a9502fd
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue May 26 17:46:13 2020 -0400
helpers: Add a signal-safe formatted printing utility class
commit
f2fee6377a6325a640e4ea0a858a78edb8e7a6c5
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 13 10:23:26 2020 -0400
oops_handler: Operate on DAQ message instead of Snort Packets
commit
ff7961a1b5e2315401dbe0be7741346aa1ceb37b
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 3 10:21:04 2020 -0500
helpers: Revamp signal handler installation and removal
Importantly, back up the previous signal handlers for fatal signals so
that we can attempt to reinstall and call them on the way out. This
cleans up the interaction with libasan's SIGSEGV handler, for example.
commit
ed6bccf52f0bb7da4b9676af5fec4a0452e6734e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 16 11:41:34 2020 -0400
build: Use sanity check results (HAVE_*) for optional packages in CMake