]>
git.ipfire.org Git - thirdparty/snort3.git/log
Mike Stepanek (mstepane) [Tue, 23 Jun 2020 19:16:01 +0000 (19:16 +0000)]
Merge pull request #2279 in SNORT/snort3 from ~KATHARVE/snort3:checksum_tests to master
Squashed commit of the following:
commit
aa5f26c07561becdaf490d0a645ed664508b72b3
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jun 22 23:52:43 2020 -0400
detection: remove checksum drop fixit
Shravan Rangarajuvenkata (shrarang) [Tue, 23 Jun 2020 14:01:26 +0000 (14:01 +0000)]
Merge pull request #2273 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash2 to master
Squashed commit of the following:
commit
064cd95e5122e00b0215f3f9b9c2e39d04d416cf
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jun 17 23:39:11 2020 -0400
appid: include appid session api in appid event
Masud Hasan (mashasan) [Tue, 23 Jun 2020 00:22:22 +0000 (00:22 +0000)]
Merge pull request #2271 in SNORT/snort3 from ~MASHASAN/snort3:reload_fp to master
Squashed commit of the following:
commit
7d07a6fe3f117abe2a208e3b700a55c8bb46e74e
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed Jun 17 12:31:53 2020 -0400
rna: Adding initial support for reload_fingerprint command
Russ Combs (rucombs) [Tue, 23 Jun 2020 00:20:19 +0000 (00:20 +0000)]
Merge pull request #2250 in SNORT/snort3 from ~RUCOMBS/snort3:aimless to master
Squashed commit of the following:
commit
a88d8e5e36e9c9bdb18261b3fb9994f018d8b76e
Author: russ <rucombs@cisco.com>
Date: Thu Jun 18 12:50:04 2020 -0400
max_detect: detained inspection disabled pending further work
commit
e0a6c905a965853d6739177c528d2c3cfd317ff2
Author: russ <rucombs@cisco.com>
Date: Wed Jun 17 01:32:16 2020 -0400
snort: fix --dump-rule-meta with ips.states
commit
df44b9f9fdcc708d23b99e4dd6d4bd250ee73bc5
Author: russ <rucombs@cisco.com>
Date: Mon Jun 8 10:45:04 2020 -0400
detection: remove unused code
commit
947fb40131cf9b671bd63c9202dca0eac013bd1d
Author: russ <rucombs@cisco.com>
Date: Sun Jun 7 11:53:19 2020 -0400
regex: convert to same syntax as pcre plus fast_pattern option
commit
74fb07f83cb7eca507a9b0708078f1ab0e8f8c21
Author: russ <rucombs@cisco.com>
Date: Sat Jun 6 21:10:41 2020 -0400
mpse: remove unused pattern trimming support
commit
b3c00fbe13508a83763d06dfe583c76ab6af0763
Author: russ <rucombs@cisco.com>
Date: Sat Jun 6 00:40:59 2020 -0400
ips: update detection trees for earliest header checks
commit
07816e253eeba09240df1abc80386303ddbcc691
Author: russ <rucombs@cisco.com>
Date: Fri Jun 5 03:09:28 2020 -0400
ips: refactor fast pattern selection.
Enable content, regex, and sd_pattern options to be deduplicated.
commit
4e671b312dc3d168b48a48a7c8709eaf5cb125c5
Author: russ <rucombs@cisco.com>
Date: Mon Jun 1 08:53:01 2020 -0400
tweaks: updates for efficacy and performance
commit
5fc59bd0061a52750b57ff6cdf9e9d23b1da10f4
Author: russ <rucombs@cisco.com>
Date: Sat May 30 10:43:41 2020 -0400
appid: use configured search method for multi-pattern matching
commit
838255f2b79c8504a96f0f2d2000c83088b024ab
Author: russ <rucombs@cisco.com>
Date: Wed Jun 3 01:04:03 2020 -0400
ips: add http fast pattern buffers
These additional fast pattern buffers are supported:
http_raw_uri http_raw_header http_stat_code http_stat_msg http_cookie http_method
The current implementation handles them somewhat generically, so other
inspectors can provide a method or a stat_code buffer too. A future
iteration will make these buffers extensible.
commit
e8b52034c1735e2fa95911967753eec47f6ded26
Author: russ <rucombs@cisco.com>
Date: Sat May 30 19:34:58 2020 -0400
ips: add ips service vs buffer checks; add missing services
commit
822d67423914d137399d20a6fc7a462eb138c491
Author: russ <rucombs@cisco.com>
Date: Fri May 29 12:20:06 2020 -0400
ips: minimize port group construction for any-any and bidirectional rules
commit
e719dad994e1e1f65601bf439ef61dae5f904d66
Author: russ <rucombs@cisco.com>
Date: Tue May 26 13:07:58 2020 -0400
ips: enable non-service rules when service is detected
Do fast pattern searches for port groups after service groups.
Also, search_engine.detect_raw_tcp is applied to rules w/ or w/o a fast
pattern (previously, erroneously, only fast-pattern rules). In addition,
this no longer applies to flows w/o a service inspector. Such flows act
as if detect_raw_tcp is true regardless of setting.
commit
f11be51de012d6b6f290484329675c5bc5a7d077
Author: russ <rucombs@cisco.com>
Date: Tue May 19 22:09:48 2020 -0400
snort_defaults.lua: remove unused AIM_SERVERS var
Michael Altizer (mialtize) [Mon, 22 Jun 2020 22:55:12 +0000 (22:55 +0000)]
Merge pull request #2246 in SNORT/snort3 from ~ZHIJLIU/snort3:nested_tunnel to master
Squashed commit of the following:
commit
497806c24b5e398140cf61dcff13901fd3443ffb
Author: Louis Zhijun Liu <zhijliu@cisco.com>
Date: Sun Jun 7 21:12:17 2020 -0700
codecs: add tunnel bypass logic based on DAQ payload_offset
Michael Altizer (mialtize) [Mon, 22 Jun 2020 15:14:47 +0000 (15:14 +0000)]
Merge pull request #2277 in SNORT/snort3 from ~MIALTIZE/snort3:version_3_0_2 to master
Squashed commit of the following:
commit
e8f9bc0ab3b216463374ec6d0a30e158fefb05ca
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jun 22 10:53:12 2020 -0400
build: Increment version to 3.0.2
Masud Hasan (mashasan) [Thu, 18 Jun 2020 18:51:45 +0000 (18:51 +0000)]
Merge pull request #2272 in SNORT/snort3 from ~MMATIRKO/snort3:reg_xtra_fix to master
Squashed commit of the following:
commit
e914576493bee03e7170506519b0f8662f760b90
Author: Michael Matirko <mmatirko@cisco.com>
Date: Wed Jun 17 12:02:31 2020 -0400
stream: lock xtradata stream_impl to avoid data race on logging
Mike Stepanek (mstepane) [Thu, 18 Jun 2020 13:59:31 +0000 (13:59 +0000)]
Merge pull request #2270 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_1_build_5 to master
Squashed commit of the following:
commit
0e8227fbe2c3b6989e0f1834a785c48413f1f20d
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Jun 17 08:24:31 2020 -0400
build: generate and tag 3.0.1 build 5
Bhargava Jandhyala (bjandhya) [Thu, 18 Jun 2020 07:42:55 +0000 (07:42 +0000)]
Merge pull request #2087 in SNORT/snort3 from ~NEHASH4/snort3:CSCvs29881 to master
Squashed commit of the following:
commit
d778ed0b01db01711626f4e4d447dc2632d1ba5b
Author: neha sharma <nehash4@cisco.com>
Date: Sat Apr 11 13:40:32 2020 -0400
file: Making sure that file malware inspection is turned off and only file-type detection is enabled
when file_id config is defined without any parameter.
forcing file-policy lookup/evaluation for cached verdict and file inspection is done only in case of unknown verdict
HTTP inspector changed to use the decode depth from file_id config
Shravan Rangarajuvenkata (shrarang) [Wed, 17 Jun 2020 15:20:02 +0000 (15:20 +0000)]
Merge pull request #2267 in SNORT/snort3 from ~EBURMAI/snort3:cache_tunneled_ip_port to master
Squashed commit of the following:
commit
c26aea52088b3401f70ee02b391e99d0b2f64d77
Author: Eduard Burmai <eburmai@cisco.com>
Date: Fri Jun 12 10:33:27 2020 -0400
appid: Lua APIs to get IP and port tunneled through a proxy
Bhagya Tholpady (bbantwal) [Wed, 17 Jun 2020 14:57:10 +0000 (14:57 +0000)]
Merge pull request #2248 in SNORT/snort3 from ~SELYSENK/snort3:coverity to master
Squashed commit of the following:
commit
35d120f022eb0a2596a02255a5fc0f6b4996444c
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jun 5 07:13:53 2020 -0400
snort2lua: fix issues found by Coverity scans
Add missing member initializations. Fix typos. Add missing checks for
return values. Restore ostream flags.
Fix OOB memory access in DataApi::expand_vars() and in
Converter::parse_file().
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 23:12:41 +0000 (23:12 +0000)]
Merge pull request #2263 in SNORT/snort3 from ~SHRARANG/snort3:appid_stash to master
Squashed commit of the following:
commit
951f13ad2273fa270d71fd92d2c155b6cd8a3979
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jun 9 16:22:53 2020 -0400
appid: remove unnecessary stuff from appid apis
Steve Chew (stechew) [Tue, 16 Jun 2020 22:32:03 +0000 (22:32 +0000)]
Merge pull request #2269 in SNORT/snort3 from ~SHASLAD/snort3:fix_cov_series_part_9 to master
Squashed commit of the following:
commit
d4809e1ea4e61828bd5a7b6267d743f63ceb2ebc
Author: Shashi Lad <shaslad@cisco.com>
Date: Fri Jun 12 11:53:41 2020 -0400
coverity: fixing issues found during coverity scan
Masud Hasan (mashasan) [Tue, 16 Jun 2020 20:06:05 +0000 (20:06 +0000)]
Merge pull request #2265 in SNORT/snort3 from ~MMATIRKO/snort3:tcp-fin-fix to master
Squashed commit of the following:
commit
4f61bbec05db3a5eb40054894015d23dc12803b0
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Jun 12 13:00:51 2020 -0400
stream_tcp: fix issues for tcp simultaneous close
Bhagya Tholpady (bbantwal) [Tue, 16 Jun 2020 19:52:01 +0000 (19:52 +0000)]
Merge pull request #2251 in SNORT/snort3 from ~OSERHIIE/snort3:trace_doc_phase_1 to master
Squashed commit of the following:
commit
50c6593279490fd17978c6d140efac0bfe1a9625
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Jun 9 19:22:07 2020 +0300
doc: update user manual for trace feature
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 18:21:34 +0000 (18:21 +0000)]
Merge pull request #2255 in SNORT/snort3 from ~KAMURTHI/snort3:reload_3rd_resp to master
Squashed commit of the following:
commit
56e9ed1693d8cff155e18118be8f056f9145e0df
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Tue Jun 9 12:54:56 2020 -0400
appid:Add response message to reload_third_party
Shravan Rangarajuvenkata (shrarang) [Tue, 16 Jun 2020 17:58:28 +0000 (17:58 +0000)]
Merge pull request #2264 in SNORT/snort3 from ~SATHIRKA/snort3:appid_cert_viz_api to master
Squashed commit of the following:
commit
c0da3e4f26a12b4e8e7a07da6a5d9df6eac73b11
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu May 21 16:25:10 2020 -0400
appid: Update cert viz API to handle subject alt name and SNI mismatch
Masud Hasan (mashasan) [Tue, 16 Jun 2020 13:58:39 +0000 (13:58 +0000)]
Merge pull request #2268 in SNORT/snort3 from ~MMATIRKO/snort3:rrt_check_fqn to master
Squashed commit of the following:
commit
73b94247a8aac83de7a1acc955c64b6eee022f12
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Jun 15 13:45:14 2020 -0400
reload: check fqn before registering rrt
Steve Chew (stechew) [Mon, 15 Jun 2020 14:44:56 +0000 (14:44 +0000)]
Merge pull request #2247 in SNORT/snort3 from ~OKHOMIAK/snort3:ips_policy_rule_stats to master
Squashed commit of the following:
commit
198b1151d099bb06de1b7f6db04f81d7f73516cc
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Wed Jun 10 01:11:07 2020 +0300
detection: do not apply global rule state to the empty policy
commit
0eba4fd76439efa586eb84e3d12a015501fe3cc8
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Fri Jun 5 01:09:01 2020 +0300
parser: print loaded and shared rules for each ips policy
Cynthia Leonard (cyleonar) [Mon, 15 Jun 2020 06:08:49 +0000 (06:08 +0000)]
Merge pull request #2266 in SNORT/snort3 from ~PUNEETKU/snort3:perf_fix to master
Squashed commit of the following:
commit
7cc62215d8d2a46b68e20ccf96350f659089ecf0
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Sun Jun 14 21:01:45 2020 -0400
perf_monitor: fix count and interval during disable cli execution
Mike Stepanek (mstepane) [Fri, 12 Jun 2020 17:16:16 +0000 (17:16 +0000)]
Merge pull request #2253 in SNORT/snort3 from ~KATHARVE/snort3:h2i_infraction_fix to master
Squashed commit of the following:
commit
5a681a75529c10aef7f6efd802f91e7673ec4ff5
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 9 12:32:36 2020 -0400
http2_inspect: fix hpack infractions
Michael Altizer (mialtize) [Fri, 12 Jun 2020 15:15:54 +0000 (15:15 +0000)]
Merge pull request #2262 in SNORT/snort3 from ~ANTOROZC/snort3:host_cache_test to master
Squashed commit of the following:
commit
0a9d6e442c842dd4c3e16dfbee2c102bd2d90d35
Author: Brian Morris <bmorris2@cisco.com>
Date: Fri Jun 12 09:56:21 2020 -0400
host_cache: add new peg to module test
Shravan Rangarajuvenkata (shrarang) [Fri, 12 Jun 2020 14:29:51 +0000 (14:29 +0000)]
Merge pull request #2261 in SNORT/snort3 from ~ANTOROZC/snort3:vkovalen_fix_static_analysis_complaint to master
Squashed commit of the following:
commit
f22bf1dfce1fbe5eb104971bc43d24942341fdea
Author: Viktoriia Kovalenko <vkovalen@cisco.com>
Date: Fri Jun 12 16:45:05 2020 +0300
appid: add braces to fix static analysis complaint
Steve Chew (stechew) [Fri, 12 Jun 2020 03:17:27 +0000 (03:17 +0000)]
Merge pull request #2257 in SNORT/snort3 from ~ANTOROZC/snort3:duapalme_replace_cache to master
Squashed commit of the following:
commit
90cf5e3a304b16b6494ed496c2f6d326dad0a381
Author: Duane Palmer <duapalme@cisco.com>
Date: Thu Jun 11 15:34:47 2020 -0500
lru_cache_shared: replace the cache entry if found
Michael Altizer (mialtize) [Thu, 11 Jun 2020 18:24:20 +0000 (18:24 +0000)]
Merge pull request #2259 in SNORT/snort3 from ~OSERHIIE/snort3:trace_log_pkt_ptr to master
Squashed commit of the following:
commit
a403e8b5ae47db509d6ede99f8808293ba5bbc26
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jun 11 20:55:55 2020 +0300
trace: remove redundant include
commit
53d3063ce49228a25e267d2992b1d22f7edf7f08
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jun 11 19:56:47 2020 +0300
trace: add support for passing in the packet pointer to loggers
Mike Stepanek (mstepane) [Tue, 9 Jun 2020 18:00:29 +0000 (18:00 +0000)]
Merge pull request #2249 in SNORT/snort3 from ~KATHARVE/snort3:rpc_fix to master
Squashed commit of the following:
commit
647ba9655b34471d813a75fc62e769cc9c67d848
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jun 9 09:23:00 2020 -0400
rpc_decode: remove unused config object
Mike Stepanek (mstepane) [Tue, 9 Jun 2020 12:08:28 +0000 (12:08 +0000)]
Merge pull request #2245 in SNORT/snort3 from ~MDAGON/snort3:h2i_bugfix to master
Squashed commit of the following:
commit
ef7c26b0cbf07e69b4d0073d565a5433c6dd617c
Author: mdagon <mdagon@cisco.com>
Date: Thu Jun 4 16:27:52 2020 -0400
http2_inspect: partial inspect with less than 8 bytes of frame header in the same packet
Michael Altizer (mialtize) [Mon, 8 Jun 2020 16:33:58 +0000 (16:33 +0000)]
Merge pull request #2168 in SNORT/snort3 from ~DAVMCPHE/snort3:reload_memory_leaks to master
Squashed commit of the following:
commit
8b865427b64ced3d8fa7b49db9206e13201ece4c
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Apr 16 13:14:56 2020 -0400
port_scan: cleanup port scan memory allocations in module tterm
parser: free memory allocated for RTN when SO rule load fails
stream: add final check to free allocated memory when module tterm is called
actions: on a reload_config() free the memory allocated for react page on previous configuration loading
shell: if initial load of snort configuration fails release memory allocated for modules and plugins
appid: free memory allocated when appid is configured initially and then not configured on a subsequent reload
snort_config: only perform FatalError cleanup from main thread
actions: refactor to store react page response in std::string
snort2lua: deprecate react::msg option, display of rule message in react page not currently supported
Mike Stepanek (mstepane) [Fri, 5 Jun 2020 18:44:07 +0000 (18:44 +0000)]
Merge pull request #2242 in SNORT/snort3 from ~KATHARVE/snort3:coverity_fixes_search_engines to master
Squashed commit of the following:
commit
9295d4275cd1f25662f546a86b5e4f438d1262e4
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 4 17:11:14 2020 -0400
search_engines: fix potential memory leaks and an error in a printed value
Mike Stepanek (mstepane) [Fri, 5 Jun 2020 18:43:30 +0000 (18:43 +0000)]
Merge pull request #2241 in SNORT/snort3 from ~KATHARVE/snort3:coverity_fixes to master
Squashed commit of the following:
commit
689610e78e3964183dd9743cc2b284cc78520e28
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jun 4 17:08:10 2020 -0400
service_inspectors: remove some redundant initializations and lookups, move some field initializations into the constructor
Michael Altizer [Fri, 5 Jun 2020 17:39:32 +0000 (13:39 -0400)]
Revert "Merge pull request #2243 in SNORT/snort3 from ~CYLEONAR/snort3:master to master"
This reverts commit
59cfcb6ac6564174bdb9673a3f32e65607fcebc3 .
Cynthia Leonard (cyleonar) [Fri, 5 Jun 2020 16:54:16 +0000 (16:54 +0000)]
Merge pull request #2243 in SNORT/snort3 from ~CYLEONAR/snort3:master to master
Squashed commit of the following:
commit
b2403b08ffe3bba0d23569f5b7a973943481e689
Author: Cynthia Leonard <cyleonar@cisco.com>
Date: Fri Jun 5 12:45:15 2020 -0400
Revert "Merge pull request #2017 in SNORT/snort3 from ~SUNIMUKH/snort3:drop_servicability to master"
This reverts commit
0ab74bbcee6d23bbb9e136bfaf796230f1252cdb .
Cynthia Leonard (cyleonar) [Fri, 5 Jun 2020 14:05:18 +0000 (14:05 +0000)]
Merge pull request #2017 in SNORT/snort3 from ~SUNIMUKH/snort3:drop_servicability to master
Squashed commit of the following:
commit
38e5c894583a168c71633f6fd427a9b349775b01
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Fri May 29 05:06:55 2020 -0400
active: add drop reason and ability to publish mapped drop reason ID to
the DAQ layer
Drop/verdict reason handling has been moved from PacketTracer to Active.
Many modules have been changed to update the drop reason when deciding
to drop. The Active API has been extended to allow external modules to
map reason strings to verdict reason IDs to be sent to the DAQ layer.
Michael Altizer (mialtize) [Thu, 4 Jun 2020 23:34:37 +0000 (23:34 +0000)]
Merge pull request #2240 in SNORT/snort3 from ~SATHIRKA/snort3:snort_proto_id to master
Squashed commit of the following:
commit
1a435d674e1d7fe0ee48a6dc2c46cae287069eb2
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Jun 4 16:22:55 2020 -0400
appid: Revert snort protocol id changes and fixed warnings
Shravan Rangarajuvenkata (shrarang) [Thu, 4 Jun 2020 19:20:30 +0000 (19:20 +0000)]
Merge pull request #2239 in SNORT/snort3 from ~ANTOROZC/snort3:vkovalen_no_sni to master
Squashed commit of the following:
commit
034c71cccbba39b7d746acc2858241d9cc7ed51a
Author: Viktoriia Kovalenko <vkovalen@cisco.com>
Date: Fri May 29 15:20:08 2020 +0300
appid: set appid_tlshost_bit when we set tls_cname
Bhagya Tholpady (bbantwal) [Thu, 4 Jun 2020 17:13:03 +0000 (17:13 +0000)]
Merge pull request #2230 in SNORT/snort3 from ~OSERHIIE/snort3:trace_control_command to master
Squashed commit of the following:
commit
ad8de0f3f4f5499eac67d3e0d9e8ab0391434308
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri May 29 13:07:54 2020 +0300
trace: fix for trace messages in the test-mode ('-T' option)
commit
e9e654d6301f4c81c8086d84581380432272299f
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri May 15 11:45:34 2020 +0300
trace: add control channel command
Lokesh Bevinamarad (lbevinam) [Thu, 4 Jun 2020 09:56:18 +0000 (09:56 +0000)]
Merge pull request #2221 in SNORT/snort3 from ~SUNIMUKH/snort3:CSCvu03459_ha_md_strm to master
Squashed commit of the following:
commit
2c4191695061c9deb932ccb21f1aae3c961f82bb
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Wed May 20 03:26:22 2020 -0400
stream_ha: fixed ip family in the flow->key during StreamHAClient::consume
Shravan Rangarajuvenkata (shrarang) [Wed, 3 Jun 2020 19:43:12 +0000 (19:43 +0000)]
Merge pull request #2226 in SNORT/snort3 from ~EBURMAI/snort3:dce_tcp_pinhole to master
Squashed commit of the following:
commit
fe674926599fc7ff9b42dd8cbe624e23eb747e63
Author: Eduard Burmai <eburmai@cisco.com>
Date: Wed May 13 16:00:18 2020 -0400
dce_rpc: suppport for DCE/RPC future session
Masud Hasan (mashasan) [Tue, 2 Jun 2020 23:01:13 +0000 (23:01 +0000)]
Merge pull request #2227 in SNORT/snort3 from ~MASHASAN/snort3:host_cache_memcap_limit to master
Squashed commit of the following:
commit
fffeb145a3d8d5634cb4e26ed0f07b319ffcbf42
Author: Masud Hasan <mashasan@cisco.com>
Date: Wed May 27 13:00:05 2020 -0400
host_cache: Allowing module to accept 64 bit memcap value
Shravan Rangarajuvenkata (shrarang) [Tue, 2 Jun 2020 21:58:29 +0000 (21:58 +0000)]
Merge pull request #2237 in SNORT/snort3 from ~KAMURTHI/snort3:http2-response-match to master
Squashed commit of the following:
commit
d3cdafa9cdead598b4719b49d7c0cb5c7c122143
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun May 31 22:15:50 2020 -0400
appid: Match http2 response to request
Shravan Rangarajuvenkata (shrarang) [Tue, 2 Jun 2020 20:21:02 +0000 (20:21 +0000)]
Merge pull request #2238 in SNORT/snort3 from ~KAMURTHI/snort3:http2-payload-UN to master
Squashed commit of the following:
commit
2db0b9abcb33e8ae8c9da933b789db361734f222
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Jun 1 02:33:41 2020 -0400
appid: For http2, if metadata doesn't give a match on payload, set payload id to unknown
Ron Dempster (rdempste) [Tue, 2 Jun 2020 17:57:50 +0000 (17:57 +0000)]
Merge pull request #2223 in SNORT/snort3 from ~RDEMPSTE/snort3:direction_prevent_whitelist to master
Squashed commit of the following:
commit
8b95f26e28f56d5815c75c6cd42f163e3f3f85ef
Author: rdempste <rdempste@cisco.com>
Date: Mon Jun 1 16:32:28 2020 -0400
active: add a facility to prevent a DAQ whitelist verdict
commit
63fb0a693a3cea1ff45f1931d01e3b120dc4ab7a
Author: rdempste <rdempste@cisco.com>
Date: Wed May 6 15:46:48 2020 -0400
packet: add client and server direction methods that use the client initiator flow flag
commit
86bfdc7f46edd0f359e0196b951eb404fafd22b8
Author: rdempste <rdempste@cisco.com>
Date: Thu May 7 17:36:36 2020 -0400
flow: make client_initiated flag depend on the DAQ reverse flow flag
Michael Altizer (mialtize) [Tue, 2 Jun 2020 16:48:48 +0000 (16:48 +0000)]
Merge pull request #2233 in SNORT/snort3 from ~SMINUT/snort3:force_finalize_hp to master
Squashed commit of the following:
commit
e10265faf6232b58a32581033ca380a3e6d6b171
Author: Silviu Minut <sminut@cisco.com>
Date: Fri May 29 20:16:09 2020 -0400
stream_tcp: unconditionally release held packets that have timed out, regardless of flushing
Bhagya Tholpady (bbantwal) [Tue, 2 Jun 2020 16:06:08 +0000 (16:06 +0000)]
Merge pull request #2217 in SNORT/snort3 from ~SVLASIUK/snort3:module_track_time to master
Squashed commit of the following:
commit
acdd4a874962cfff0bb547009edcdb4163b2cd94
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Wed May 13 10:51:22 2020 +0300
managers: add inspector execution and timing traces to InspectorManager
Add snort module main and inspector_manager trace options.
Remove --trace command line option.
Mike Stepanek (mstepane) [Tue, 2 Jun 2020 14:31:05 +0000 (14:31 +0000)]
Merge pull request #2236 in SNORT/snort3 from ~KATHARVE/snort3:h2i_hi_memory to master
Squashed commit of the following:
commit
a3742b47d9b0437fde14014241e933e3bc1908af
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Jun 1 13:27:50 2020 -0400
http2_inspect: track memory usage for http_inspect flows in http2_inspect
Shravan Rangarajuvenkata (shrarang) [Tue, 2 Jun 2020 00:27:44 +0000 (00:27 +0000)]
Merge pull request #2235 in SNORT/snort3 from ~SATHIRKA/snort3:snort_protocol_id to master
Squashed commit of the following:
commit
1ca8cfa087c34307a1fb84a8a1e16000026a0fab
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu May 28 17:52:58 2020 -0400
appid: Set snort protocol id on the flow and remove ssl squelch code
Steve Chew (stechew) [Mon, 1 Jun 2020 18:33:07 +0000 (18:33 +0000)]
Merge pull request #2225 in SNORT/snort3 from ~SBAIGAL/snort3:coverity_fix2 to master
Squashed commit of the following:
commit
0d0ea620abf03e13f68e3ce714eefa26b2cb310b
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu May 14 10:09:44 2020 -0400
coverity: fix issued found by Coverity scans
Bhagya Tholpady (bbantwal) [Thu, 28 May 2020 22:00:02 +0000 (22:00 +0000)]
Merge pull request #2210 in SNORT/snort3 from ~SELYSENK/snort3:trace_filtering to master
Squashed commit of the following:
commit
543e3edb95a0aaa87afa695efeec80bd41e92c7a
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Apr 23 07:09:54 2020 -0400
trace: filter traces by packet constraints
trace_print/trace_printf now take a pointer to the Packet.
Packet's state is lazily evaluated against packet constraints.
packet_tracer uses packet constraints from framework instead of
implementing its own.
Shravan Rangarajuvenkata (shrarang) [Wed, 20 May 2020 18:29:25 +0000 (18:29 +0000)]
Merge pull request #2207 in SNORT/snort3 from ~SHRARANG/snort3:avc_http2 to master
Squashed commit of the following:
commit
48e8c835b254ee3a0b3bb8bd986e204d4b6a1534
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue May 12 00:51:08 2020 -0400
appid: add api to check if appid needs inspection
Mike Stepanek (mstepane) [Wed, 20 May 2020 14:29:30 +0000 (14:29 +0000)]
Merge pull request #2222 in SNORT/snort3 from ~MSTEPANE/snort3:3_0_1_build_4 to master
Squashed commit of the following:
commit
238dfa82de8dd72a79574d83fad0e2f9deda3dc2
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed May 20 07:55:59 2020 -0400
generate and tag 3.0.1 build 4
Masud Hasan (mashasan) [Tue, 19 May 2020 21:43:18 +0000 (21:43 +0000)]
Merge pull request #2218 in SNORT/snort3 from ~MASHASAN/snort3:coverity_fixes_2 to master
Squashed commit of the following:
commit
a9c8c023afbbc552331e94306dacac3697069058
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue May 19 14:05:52 2020 -0400
network_inspectors: Fixing a few minor issues reported by Coverity
Bhagya Tholpady (bbantwal) [Tue, 19 May 2020 16:35:23 +0000 (16:35 +0000)]
Merge pull request #2214 in SNORT/snort3 from ~OKHOMIAK/snort3:print_rules_enabled_per_policy to master
Squashed commit of the following:
commit
c717346b95fb84e010e4256f5c05365c24ecb2e4
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Wed May 13 10:09:31 2020 +0300
parser: print enabled rules for each ips policy
Bhagya Tholpady (bbantwal) [Tue, 19 May 2020 13:47:42 +0000 (13:47 +0000)]
Merge pull request #2216 in SNORT/snort3 from ~BBANTWAL/snort3:sort_ilist_by_type to master
Squashed commit of the following:
commit
8439e633309782e799d1adbf410c12cff413c0ba
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon May 18 22:24:24 2020 -0400
managers: print alphabetically sorted verbose inspector config output within an inspection policy
commit
5a085e5a729027f8f85cafb90970fa9d024651f5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon May 18 22:18:34 2020 -0400
Revert "Merge pull request #2185 in SNORT/snort3 from ~BBANTWAL/snort3:sort_inspectors to master"
This reverts commit
f19685fd2b8b3443369f1181ca8f0f98c85df49d .
Russ Combs (rucombs) [Tue, 19 May 2020 12:26:26 +0000 (12:26 +0000)]
Merge pull request #2213 in SNORT/snort3 from ~RUCOMBS/snort3:snort_conf to master
Squashed commit of the following:
commit
7107ad5aa179c81bcf297198c9565dbf7c1af453
Author: russ <rucombs@cisco.com>
Date: Mon May 11 17:33:04 2020 -0400
build: fix cppcheck warnings and typos
commit
514844215a86e5e683649392f7eb3317c667f678
Author: russ <rucombs@cisco.com>
Date: Mon May 11 09:27:16 2020 -0400
snort_config: constify Inspector::show and remove unnecessary logger args
commit
4f61396efb898de6054dd3068bd2784f313bdf06
Author: russ <rucombs@cisco.com>
Date: Sun May 10 12:33:07 2020 -0400
search_tool: refactor initialization
commit
c24ff7a06b405b18b85c1317d4c42438ffcd8676
Author: russ <rucombs@cisco.com>
Date: Sun May 10 11:28:29 2020 -0400
mpse: constify snort config args
commit
cff5647c6f32eb1321964b729aac16fcfedaee2d
Author: russ <rucombs@cisco.com>
Date: Sat May 9 11:22:32 2020 -0400
snort_config: minimize thread local access to snort_config
commit
48a6e0db8b675c3283befb04b13b6468c98ce570
Author: russ <rucombs@cisco.com>
Date: Fri May 8 16:59:31 2020 -0400
snort_config: use provided conf
commit
d1329377a0c1a4fa5b333182c568da38c3b6b9a2
Author: russ <rucombs@cisco.com>
Date: Tue Apr 28 15:01:35 2020 -0400
snort_config: make const for packet threads
commit
c47aabc1d11ff6208b5cb1a970a7c7f49033625d
Author: russ <rucombs@cisco.com>
Date: Sun Apr 26 10:54:15 2020 -0400
snort_config: pseudo packet initialization
commit
bf4ac2a8d1910452c170577f62fa23c6856d81c0
Author: russ <rucombs@cisco.com>
Date: Sun Apr 26 09:54:45 2020 -0400
snort_config: refactor access methods
Michael Altizer (mialtize) [Mon, 18 May 2020 22:00:24 +0000 (22:00 +0000)]
Merge pull request #2211 in SNORT/snort3 from ~SMINUT/snort3:hpq_timeout_config to master
Squashed commit of the following:
commit
2fc74253788d479c939aa17354fdc44c24c4540f
Author: Silviu Minut <sminut@cisco.com>
Date: Tue May 12 11:57:14 2020 -0400
stream: move held packet timeout to Stream and support changing it on reload
Russ Combs (rucombs) [Fri, 15 May 2020 21:40:47 +0000 (21:40 +0000)]
Merge pull request #2189 in SNORT/snort3 from ~DAVMCPHE/snort3:fallback to master
Squashed commit of the following:
commit
0031d861c9c23b1a08e27a77d10d8ee68f4f7fb4
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri May 1 13:23:54 2020 -0400
dce_rpc: code style cleanups
commit
5a9614634d99202a0202494b6021116edea1d7e4
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Apr 29 11:24:49 2020 -0400
dce_rpc: generate alert when dce splitter aborts due to invalid fragment length
commit
75e56ee0f0a6e875c13de32963b58f15e3c43c7f
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri May 8 17:16:47 2020 -0400
stream_tcp: call splitter->finish() before reassemble() when flushing when PAF aborts due to gap in queued data
commit
39336beb1c4421ebb2124a2beb20ae1c8a5ae9b1
Author: russ <rucombs@cisco.com>
Date: Tue Apr 21 14:20:50 2020 -0400
stream_tcp: clear gadget from Flow object once fallback has happened in both directions
stream_tcp: when paf aborts due to gap in data set splitter state to ABORT
stream_tcp: only clear gadget after both splitters have aborted
loggers: when logging alert only use inspector buffers and name when the inspector's paf splitter is assigned for the direction of the alert"
Steve Chew (stechew) [Fri, 15 May 2020 19:53:20 +0000 (19:53 +0000)]
Merge pull request #2209 in SNORT/snort3 from ~SBAIGAL/snort3:coverity_fix to master
Squashed commit of the following:
commit
2496431615a57a9656134448372bd54765f22693
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed May 6 16:46:36 2020 -0400
coverity: fixed issues discovered by Coverity tool
Michael Altizer (mialtize) [Thu, 14 May 2020 15:31:28 +0000 (15:31 +0000)]
Merge pull request #2205 in SNORT/snort3 from ~MIALTIZE/snort3:instance_id to master
Squashed commit of the following:
commit
1cdd68e4ecc5e72b50472b258af6a31e4137497f
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon May 11 16:56:07 2020 -0400
daq: Configure DAQ instances with total instances and instance IDs
The DAQ instances will only be explicitly configured with this
information when Snort is running in multi-instance mode (-z >1).
Steve Chew (stechew) [Thu, 14 May 2020 12:58:51 +0000 (12:58 +0000)]
Merge pull request #2197 in SNORT/snort3 from ~STECHEW/snort3:block_retry_no_flow to master
Squashed commit of the following:
commit
f8e17fe8506a9787e26d19b613c3b1fdc37f0b0c
Author: Steve Chew <stechew@cisco.com>
Date: Fri May 1 17:26:58 2020 -0400
flow: If a retry packet does not belong to a flow, block it.
Shravan Rangarajuvenkata (shrarang) [Wed, 13 May 2020 19:10:46 +0000 (19:10 +0000)]
Merge pull request #2212 in SNORT/snort3 from ~SATHIRKA/snort3:dns_session_alloc to master
Squashed commit of the following:
commit
cc4a642b171b30b844f78f3c50ea5bccb6fb42ea
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue May 12 15:08:28 2020 -0400
appid: Do not allocate DNS session for non-DNS flows and update memory tracker for HTTP sessions
Masud Hasan (mashasan) [Tue, 12 May 2020 20:29:23 +0000 (20:29 +0000)]
Merge pull request #2208 in SNORT/snort3 from ~MASHASAN/snort3:coverity_fixes to master
Squashed commit of the following:
commit
5847f19f97b1ffbc82f969af25f09402a723fba6
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon May 11 19:42:35 2020 -0400
main: Fixing some issues reported by Coverity
Michael Altizer (mialtize) [Mon, 11 May 2020 16:03:51 +0000 (16:03 +0000)]
Merge pull request #2204 in SNORT/snort3 from ~SMINUT/snort3:hpq_daq_verdict to master
Squashed commit of the following:
commit
006990ce86bed6fd6710ee2f868d4672887fa1eb
Author: Silviu Minut <sminut@cisco.com>
Date: Thu May 7 16:31:26 2020 -0400
stream_tcp: change the DAQ verdict from drop to blacklist for held packets that timed out
George Koikara (gkoikara) [Mon, 11 May 2020 08:26:56 +0000 (08:26 +0000)]
Merge pull request #2124 in SNORT/snort3 from ~APOORAJ/snort3:race_condition_ftp to master
Squashed commit of the following:
commit
af8985bba3de4f461d1471cc2bfac4c586cce0fe
Author: Apoorv Raj <apooraj@cisco.com>
Date: Mon Mar 30 15:15:35 2020 -0400
ftp_data: fix race condition
Shravan Rangarajuvenkata (shrarang) [Fri, 8 May 2020 22:42:41 +0000 (22:42 +0000)]
Merge pull request #2200 in SNORT/snort3 from ~SATHIRKA/snort3:appid_core_fix to master
Squashed commit of the following:
commit
08c9f1bf6bc7847d7ee85f7785af0e03deb77ecf
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue May 5 14:32:29 2020 -0400
appid: Get inspector for the current snort config during reload
Michael Altizer (mialtize) [Fri, 8 May 2020 17:31:11 +0000 (17:31 +0000)]
Merge pull request #2165 in SNORT/snort3 from ~SVLASIUK/snort3:trace_module to master
Squashed commit of the following:
commit
64ec8e2b940ab8815d8061f9a50ee6e82de3c435
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Apr 2 13:10:17 2020 +0300
trace: move module trace configuration into the trace module.
Instead of trace configuration being distributed amongst the individual module configurations,
all module trace topic and level configuration is now centralized within the trace module.
Mike Stepanek (mstepane) [Fri, 8 May 2020 14:28:04 +0000 (14:28 +0000)]
Merge pull request #2203 in SNORT/snort3 from ~MDAGON/snort3:h2i_fix to master
Squashed commit of the following:
commit
d042400ce1e3cba30ec905ce603580d27fe60392
Author: mdagon <mdagon@cisco.com>
Date: Tue May 5 12:14:49 2020 -0400
http2_inspect: change partial flush handling
Bhagya Tholpady (bbantwal) [Thu, 7 May 2020 18:56:51 +0000 (18:56 +0000)]
Merge pull request #2184 in SNORT/snort3 from ~OKHOMIAK/snort3:verbose_output_for_binders to master
Squashed commit of the following:
commit
2fd410c112d41467fc950fb45b61da97b784198e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Apr 24 12:54:58 2020 +0300
log: do not truncate config option names in ConfigLogger
commit
e5486fbe6016f443dd3f41f7021c2db3b69c10d0
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Thu Apr 23 11:38:53 2020 +0300
binder: print configured bindings in show() method
Michael Altizer (mialtize) [Thu, 7 May 2020 17:21:20 +0000 (17:21 +0000)]
Merge pull request #2163 in SNORT/snort3 from ~SMINUT/snort3:stream_detained_list2 to master
Squashed commit of the following:
commit
cc9777d3e2ae3aa4bf744f35ea5c218b3cbd3516
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Apr 14 19:40:15 2020 -0400
stream: add a configurable timeout for held packets
If a held packet has been detained for a certain amount of time,
flush it.
Michael Altizer (mialtize) [Wed, 6 May 2020 17:17:48 +0000 (17:17 +0000)]
Merge pull request #2201 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_1_build_3 to master
Squashed commit of the following:
commit
0d7f7cbababa6687b1484ac28802dd3c9ece31a1
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed May 6 12:14:19 2020 -0400
build: generate and tag 3.0.1 build 3
Shravan Rangarajuvenkata (shrarang) [Tue, 5 May 2020 17:37:19 +0000 (17:37 +0000)]
Merge pull request #2174 in SNORT/snort3 from ~AGIURGIU/snort3:appid_http2_ms_detect to master
Squashed commit of the following:
commit
3b0b9e7dbc443903f9f19def32648bc57bafb4da
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Apr 30 01:23:44 2020 -0400
appid: support for multi-stream http2 session
commit
c55b5718ef6877bbf16f4d1a3fde16f16117a2d3
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Apr 23 02:27:23 2020 -0400
appid: store appids for http traffic in http session
commit
8a78d00add4080c77538196d0ae98ffa74db1dfa
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Tue Apr 7 23:43:51 2020 -0400
appid: remove old http2 support
Masud Hasan (mashasan) [Tue, 5 May 2020 14:55:22 +0000 (14:55 +0000)]
Merge pull request #2194 in SNORT/snort3 from ~MASHASAN/snort3:rna_dev_notes to master
Squashed commit of the following:
commit
aadb6c6119ca49b6eae17cad91650078c7f5413a
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Apr 30 13:54:42 2020 -0400
rna: Updating dev notes to describe usage
Mike Stepanek (mstepane) [Tue, 5 May 2020 13:47:52 +0000 (13:47 +0000)]
Merge pull request #2192 in SNORT/snort3 from ~KATHARVE/snort3:h2i_concurrent_files to master
Squashed commit of the following:
commit
fa388955bae45e95f80034a69f010a7fa9b5a84b
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Apr 30 09:21:22 2020 -0400
file_api: mark processing of file complete after type detection if signature not enabled
commit
2aff0ce2b10432111d836a82537187e2676be998
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Apr 30 09:20:06 2020 -0400
http2_inspect: add peg count to track max concurrent http2 file transfers
Mike Stepanek (mstepane) [Tue, 5 May 2020 13:32:34 +0000 (13:32 +0000)]
Merge pull request #2196 in SNORT/snort3 from ~KATHARVE/snort3:hpack_fix to master
Squashed commit of the following:
commit
1d7269ff9265e9f562ce980fed45b19afbed394f
Author: Katura Harvey <katharve@cisco.com>
Date: Fri May 1 10:25:37 2020 -0400
http2_inspect: protect against unexpected eval calls
Shravan Rangarajuvenkata (shrarang) [Mon, 4 May 2020 02:17:18 +0000 (02:17 +0000)]
Merge pull request #2195 in SNORT/snort3 from ~SATHIRKA/snort3:tunneled_session_metadata to master
Squashed commit of the following:
commit
dce8ec78a6c30495e0233a8622c200b236ceb3fe
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Apr 28 14:43:16 2020 -0400
appid: Extract metadata for tunneled HTTP session
Masud Hasan (mashasan) [Fri, 1 May 2020 19:40:14 +0000 (19:40 +0000)]
Merge pull request #2186 in SNORT/snort3 from ~RUTIAN/snort3:stash_captive_portal to master
Squashed commit of the following:
commit
3be74831ae44aba42fbe37601511fc501d456ddc
Author: Ruiqi Tian <rutian@cisco.com>
Date: Tue Apr 28 21:11:02 2020 -0400
memory: expose memory_cap.h to plugins
Steve Chew (stechew) [Fri, 1 May 2020 13:05:34 +0000 (13:05 +0000)]
Merge pull request #2182 in SNORT/snort3 from ~STECHEW/snort3:retry_in_appid to master
Squashed commit of the following:
commit
2051a456ec98881eb3f9c4bf72c8d208700e804e
Author: Steve Chew <stechew@cisco.com>
Date: Wed Apr 29 23:19:24 2020 -0400
appid: Make unit tests multithread safe.
commit
b11c6c8c20b671e2645adbf9c1ac779223927e97
Author: Steve Chew <stechew@cisco.com>
Date: Fri Apr 24 18:35:12 2020 -0400
appid: On API call store new values and publish an event for them immediately.
commit
5d5fdc18224e6e0b927080ebdf9c8761139b9e20
Author: Steve Chew <stechew@cisco.com>
Date: Wed Apr 22 17:10:15 2020 -0400
appid: Do not process retry packets but continue processing future packets in AppId.
Mike Stepanek (mstepane) [Thu, 30 Apr 2020 20:49:57 +0000 (20:49 +0000)]
Merge pull request #2193 in SNORT/snort3 from ~MDAGON/snort3:leftover_wpadding to master
Squashed commit of the following:
commit
0fde3b3bea2241a9b0d76d03ffee08ac606b8be4
Author: mdagon <mdagon@cisco.com>
Date: Wed Apr 29 14:54:52 2020 -0400
http2_inspect: fix handling leftover data with padding
Shravan Rangarajuvenkata (shrarang) [Thu, 30 Apr 2020 15:45:42 +0000 (15:45 +0000)]
Merge pull request #2188 in SNORT/snort3 from ~SATHIRKA/snort3:tls_decryption to master
Squashed commit of the following:
commit
ea235de539cf4d7a36d07983133e1137e8fcccd1
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Apr 29 11:39:52 2020 -0400
appid: Update miscellaneous appid on first decrypted packet
Bhagya Tholpady (bbantwal) [Wed, 29 Apr 2020 14:04:03 +0000 (14:04 +0000)]
Merge pull request #2185 in SNORT/snort3 from ~BBANTWAL/snort3:sort_inspectors to master
Squashed commit of the following:
commit
5ab5610b9202d21193722a4a3957d84e851a3fa5
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Apr 27 18:49:47 2020 -0400
managers: sort the inspector list in inspection policy using the instance name
sort the inspector instances in inspection policy by name rather
than type to obtain an alphabetically sorted verbose inspector
config output.
Michael Altizer (mialtize) [Tue, 28 Apr 2020 16:18:26 +0000 (16:18 +0000)]
Merge pull request #2160 in SNORT/snort3 from ~SELYSENK/snort3:ccache to master
Squashed commit of the following:
commit
3b028188e6ee898c891f27ab7950251db147e94d
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Tue Apr 14 05:37:57 2020 -0400
build: add support for ccache
Russ Combs (rucombs) [Tue, 28 Apr 2020 14:52:46 +0000 (14:52 +0000)]
Merge pull request #2181 in SNORT/snort3 from ~RUCOMBS/snort3:more_meta to master
Squashed commit of the following:
commit
aac87fdd266361917e23a8f4490eaadbdd4a72b7
Author: russ <rucombs@cisco.com>
Date: Sat Apr 25 12:20:02 2020 -0400
so rules: allow #fragments in references in so rule stubs
Disallow # comments within so rule stub options since #frags in
references were interpreted as comments. Need to refactor the main
parser to support this case.
commit
41e61ea2f0639ff68fd85e4989d4e5b83b40dc60
Author: russ <rucombs@cisco.com>
Date: Fri Apr 24 17:28:52 2020 -0400
parameter: reject reals assigned to ints
commit
f7b6c8b83ec5609f92d4b270a3d4c53db064cd6b
Author: russ <rucombs@cisco.com>
Date: Wed Apr 22 16:46:38 2020 -0400
snort: convert --dump-rule-{meta,state,deps} to json format
commit
113228ee427c78785959445c2e56eb376c0e5478
Author: russ <rucombs@cisco.com>
Date: Thu Apr 23 09:46:12 2020 -0400
json: add stream formatter helper
commit
5a47d3ea423fe3dccdd7045b603fbfae01a09250
Author: russ <rucombs@cisco.com>
Date: Wed Apr 22 13:06:31 2020 -0400
snort: add classtype, priority, and references to --dump-rule-meta output
George Koikara (gkoikara) [Tue, 28 Apr 2020 04:57:13 +0000 (04:57 +0000)]
Merge pull request #2159 in SNORT/snort3 from ~PSREENAT/snort3:CSCvs97794 to master
Squashed commit of the following:
commit
ea62e068b25994685594f58da709c4589064500d
Author: Prajwal Srinivas Sreenath <psreenat@cisco.com>
Date: Tue Apr 14 05:00:22 2020 -0400
stream: Fix for stream pegs dumping zero values into perf_monitor_base.csv
Mike Stepanek (mstepane) [Mon, 27 Apr 2020 20:31:26 +0000 (20:31 +0000)]
Merge pull request #2175 in SNORT/snort3 from ~MDAGON/snort3:multi to master
Squashed commit of the following:
commit
5f3627d7056532a4388cf8a957a2785d28a789ea
Author: mdagon <mdagon@cisco.com>
Date: Fri Apr 10 13:53:59 2020 -0400
http2_inspect: support stream multiplexing
Mike Stepanek (mstepane) [Mon, 27 Apr 2020 19:27:36 +0000 (19:27 +0000)]
Merge pull request #2180 in SNORT/snort3 from ~DERAMADA/snort3:h2i_clear_padding_flag to master
Squashed commit of the following:
commit
f513b97ed307fbc72dd0b31d6bfa70dba0e06b7e
Author: deramada <deramada@cisco.com>
Date: Thu Apr 23 15:49:22 2020 -0400
http2_inspect: update padding check only for header and data frames
Mike Stepanek (mstepane) [Mon, 27 Apr 2020 19:24:19 +0000 (19:24 +0000)]
Merge pull request #2176 in SNORT/snort3 from ~KATHARVE/snort3:h2i_file to master
Squashed commit of the following:
commit
411b5c0939961bb2a96f45f988bc920c25c8f104
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Apr 20 13:55:27 2020 -0400
http_inspect: add support for http2 file processing
George Koikara (gkoikara) [Mon, 27 Apr 2020 04:12:24 +0000 (04:12 +0000)]
Merge pull request #2173 in SNORT/snort3 from ~DIPANDIT/snort3:stat_issue to master
Squashed commit of the following:
commit
5d96d28c82120cb6ee2e9babdc844c3f4bb3cacd
Author: Dipto Pandit <dipandit@cisco.com>
Date: Mon Apr 20 02:28:45 2020 -0400
file_api: fixing file stats
file stats were changing each time dump_stats called, as it was never
reset. clearing the stats when dumping is done.
Michael Altizer (mialtize) [Thu, 23 Apr 2020 16:12:51 +0000 (16:12 +0000)]
Merge pull request #2179 in SNORT/snort3 from ~MIALTIZE/snort3:3_0_1_build_2 to master
Squashed commit of the following:
commit
0e72d23267ca0d938d9bcb94273cf92e8cf93fac
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Apr 23 11:44:18 2020 -0400
build: generate and tag 3.0.1 build 2
Michael Altizer (mialtize) [Thu, 23 Apr 2020 15:13:12 +0000 (15:13 +0000)]
Merge pull request #2140 in SNORT/snort3 from ~DAVMCPHE/snort3:reload_attribute_table to master
Squashed commit of the following:
commit
ffb923e26e17961fac352b54357f9fd2707e0b73
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Apr 8 11:11:59 2020 -0400
target_based: refactor to load host attribute table from file
target_based: refactor host attribute table logic into a c++ class, eliminate dead code
target_based: refactor to improve design of the host attribute classes
Shravan Rangarajuvenkata (shrarang) [Thu, 23 Apr 2020 02:02:56 +0000 (02:02 +0000)]
Merge pull request #2177 in SNORT/snort3 from ~KAMURTHI/snort3:http2-tp-processing to master
Squashed commit of the following:
commit
94fa65fd1b7138aae115e72945de1b3623bc7665
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Wed Apr 22 09:34:51 2020 -0400
appid: remove thirdparty processing for http2 traffic
Bhagya Tholpady (bbantwal) [Tue, 21 Apr 2020 17:30:41 +0000 (17:30 +0000)]
Merge pull request #2129 in SNORT/snort3 from ~SELYSENK/snort3:verbose_output to master
Squashed commit of the following:
commit
d09df74ea4a243e502ba15b7b246ad1c53eeb185
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Mon Apr 13 09:38:56 2020 -0400
managers: print inspectors' config output for every inspection policy configured
For each inspection policy print lua file name and policy id and dump
inspectors' config within that policy.
Steve Chew (stechew) [Tue, 21 Apr 2020 14:25:53 +0000 (14:25 +0000)]
Merge pull request #2155 in SNORT/snort3 from ~SBAIGAL/snort3:show_plugins to master
Squashed commit of the following:
commit
1b3e79195b4c3ea23bd24b3177a71a2ded085e64
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Mon Apr 13 11:55:20 2020 -0400
plugin_manager: make sure --show-plugins option picks up SO plugins
Steve Chew (stechew) [Tue, 21 Apr 2020 14:07:23 +0000 (14:07 +0000)]
Merge pull request #2157 in SNORT/snort3 from ~BBANTWAL/snort3:latency_fixes to master
Squashed commit of the following:
commit
58ed84f405600b31ff40e34e584b83ba425a5c80
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Apr 15 10:57:44 2020 -0400
latency: use test_timeout config option to deterministically trigger latency events for ifdef REG_TEST
commit
f88468caba4dacb779eb722f0a2f706f0a9de5da
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Mon Apr 13 08:28:26 2020 -0400
latency: check if ip header is present before deferring it
Shravan Rangarajuvenkata (shrarang) [Mon, 20 Apr 2020 22:29:04 +0000 (22:29 +0000)]
Merge pull request #2156 in SNORT/snort3 from ~KAMURTHI/snort3:http2_multi_stream to master
Squashed commit of the following:
commit
af68aa5f7982ddeaa6d628dd21f9df6fd05192d6
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Apr 20 00:14:50 2020 -0400
appid: Changing sessionAPI to accomodate stream_index
Shravan Rangarajuvenkata (shrarang) [Mon, 20 Apr 2020 15:09:29 +0000 (15:09 +0000)]
Merge pull request #2171 in SNORT/snort3 from ~SATHIRKA/snort3:cert_viz_api to master
Squashed commit of the following:
commit
223fb2d6095510a409ad14361e40d9b96adabb8d
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Apr 1 17:45:26 2020 -0400
appid: Support org unit in SSL lookup API and do not overwrite the API provided data
Shravan Rangarajuvenkata (shrarang) [Mon, 20 Apr 2020 01:28:21 +0000 (01:28 +0000)]
Merge pull request #2133 in SNORT/snort3 from ~CLJUDGE/snort3:mark_service_unknown_if_only_client_sends_data to master
Squashed commit of the following:
commit
d28c407da03e2a6e9ad3d6becddae6cbf3140d00
Author: Cliff Judge <cljudge@cisco.com>
Date: Tue Apr 14 22:58:44 2020 -0400
appid: setting up packet counters to make sure flows with one-way data don't pend forever
Mike Stepanek (mstepane) [Fri, 17 Apr 2020 20:32:25 +0000 (20:32 +0000)]
Merge pull request #2161 in SNORT/snort3 from ~DERAMADA/snort3:h2i_discard_split_preface to master
Squashed commit of the following:
commit
f8545189f4980ad464cc7acbae782de0fe393c77
Author: deramada <deramada@cisco.com>
Date: Tue Apr 14 10:54:50 2020 -0400
http2_inspect: discard split connection preface
Ron Dempster (rdempste) [Fri, 17 Apr 2020 20:31:53 +0000 (20:31 +0000)]
Merge pull request #2169 in SNORT/snort3 from ~RDEMPSTE/snort3:remove_qos_from_firewall to master
Squashed commit of the following:
commit
40b91128051a27ef58af8b2963927cd550ab9227
Author: rdempste <rdempste@cisco.com>
Date: Thu Apr 16 16:20:23 2020 -0400
snort2lua: make qos configuration values deleted from firewall
Mike Stepanek (mstepane) [Fri, 17 Apr 2020 19:53:32 +0000 (19:53 +0000)]
Merge pull request #2172 in SNORT/snort3 from ~DERAMADA/snort3:log_daq_batch_size to master
Squashed commit of the following:
commit
d9d85d283835bccfa0d0b0b3dcb93136e27c9950
Author: deramada <deramada@cisco.com>
Date: Fri Apr 17 11:43:31 2020 -0400
packet_io: log daq batch size
Shravan Rangarajuvenkata (shrarang) [Fri, 17 Apr 2020 17:25:40 +0000 (17:25 +0000)]
Merge pull request #2167 in SNORT/snort3 from ~SATHIRKA/snort3:quic_url to master
Squashed commit of the following:
commit
e860159967cce1faafd932e2684fc88f8d9fabe1
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Aug 28 10:35:10 2019 -0400
appid: Populate url for QUIC sessions by extracting QUIC SNI metadata from third-party
Masud Hasan (mashasan) [Fri, 17 Apr 2020 16:48:17 +0000 (16:48 +0000)]
Merge pull request #2152 in SNORT/snort3 from ~MMATIRKO/snort3:flowalloc to master
Squashed commit of the following:
commit
c23b6251fdf1c653781ef3088cca5108fc0b2684
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Apr 9 15:26:00 2020 -0400
flow: track allocations for each flow, update cap_weights
projects / thirdparty / snort3.git / log
