git.ipfire.org Git - thirdparty/snort3.git/log
Michael Matirko (mmatirko) [Mon, 13 Jan 2025 22:26:20 +0000 (22:26 +0000)]
Pull request #4558: main: support an instance ID dump for multiprocess
Merge in SNORT/snort3 from ~MMATIRKO/snort3:instance_id to master
Squashed commit of the following:
commit
e6fd2fbf34761266266520c3a470285d3fad4673
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Dec 19 15:48:00 2024 -0500
main: support an instance ID dump per-thread
Ashutosh Gupta (ashugup3) [Fri, 10 Jan 2025 08:27:57 +0000 (08:27 +0000)]
Pull request #4553: shadowtraffic_aggregator: Implemented header definitions
Merge in SNORT/snort3 from ~ASHUGUP3/snort3:shadow_traffic_master to master
Squashed commit of the following:
commit
e0a2ec29595b80164609c63f313e46bbff819ae5
Author: ashutosh <ashugup3@cisco.com>
Date: Wed Dec 18 14:14:04 2024 +0530
shadowtraffic_aggregator: Implemented header definitions
Juweria Ali Imran (jaliimra) [Tue, 7 Jan 2025 21:29:22 +0000 (21:29 +0000)]
Pull request #4548: stream_tcp: initialize 3whs normalizer for peer tracker separately
Merge in SNORT/snort3 from ~JALIIMRA/snort3:init_peer_tracker_norm to master
Squashed commit of the following:
commit
330edd264c0d87c0f04e2e913e28c6bcd8de3903
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Mon Dec 16 16:44:33 2024 -0500
stream_tcp: initialize 3whs normalizer for peer tracker separately
Pull request #4552: stream_tcp: evaluate flush policy on asymmetric connections when the connection closes or the tcp session is cleared
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_asymmetric_ids_tweaks to master
Squashed commit of the following:
commit
9f263828231d4721e508406852f0d3292c0d6075
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Nov 21 13:57:05 2024 -0500
stream_tcp: evaluate flush policy on asymmetric connections when the connection closes or the tcp session is cleared
check for asymmetric connection when doing a final flush
Russ Combs (rucombs) [Tue, 7 Jan 2025 14:49:39 +0000 (14:49 +0000)]
Pull request #4561: Tsanity1
Merge in SNORT/snort3 from ~RUCOMBS/snort3:tsanity1 to master
Squashed commit of the following:
commit
ddec702eca36358fe5238fa2cee3664bc20d0f9d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 19 09:47:37 2024 -0500
data_bus: fix publisher registration data races
commit
da6d5590d82cd4d123029f00e4b18d4de46bf72d
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 19 07:42:03 2024 -0500
hyperscan: fix debug log tsan issue
Pull request #4555: js_norm: fix int code overflow
Merge in SNORT/snort3 from ~ANOROKH/snort3:js_norm_int_code_overflow to master
Squashed commit of the following:
commit
fa6d223a340d7c5dae2f35327ec87d6fead07aa3
Author: dkyrylov <dkyrylov@cisco.com>
Date: Wed Nov 27 18:50:18 2024 +0200
js_norm: add stoi out of range exception handling
Russ Combs (rucombs) [Mon, 6 Jan 2025 17:11:35 +0000 (17:11 +0000)]
Pull request #4551: Api Tweaks
Merge in SNORT/snort3 from ~RUCOMBS/snort3:api_tweaks to master
Squashed commit of the following:
commit
50b83b5e26510b702a5c896fe02198a09f024f53
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Dec 16 11:24:58 2024 -0500
tcp_pdu: rename to tlv_pdu
commit
325cbe349a3c4065244d82d391bad748d40e6d6f
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Dec 16 11:13:33 2024 -0500
data_bus: remove unsubscribe methods
commit
f37fc721d0417d20ef6679ad7871c8b06b187bf2
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Dec 16 11:13:06 2024 -0500
ips: add access to Event references
Priyanka Bangalore Gurudev (prbg) [Mon, 23 Dec 2024 16:25:38 +0000 (16:25 +0000)]
Pull request #4559: build: generate and tag 3.6.1.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.6.1.0 to master
Squashed commit of the following:
commit
56bf8a27d2efecab8c123e0a775bc6f2b1348f51
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun Dec 22 20:12:57 2024 -0500
build: generate and tag 3.6.1.0
Rishabh Duggal (riduggal) [Wed, 18 Dec 2024 11:41:51 +0000 (11:41 +0000)]
Pull request #4476: dns: adding fallback functionality
Merge in SNORT/snort3 from ~RIDUGGAL/snort3:dns_fallback to master
Squashed commit of the following:
commit
9ef5c14e1f1ebc5d2b62e23326bc10c6de931b29
Author: riduggal <riduggal@cisco.com>
Date: Tue Oct 8 10:29:36 2024 +0000
dns: adding fallback functionality
Pull request #4539: main: Improve logging reload_config arguments
Merge in SNORT/snort3 from ~JAIMEACA/snort3:improve_logging_reload_config_arguments to master
Squashed commit of the following:
commit
1f109f003269d60a986b7dcb7b640a2ec8340c0f
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date: Tue Dec 10 15:16:06 2024 -0500
main: improve logging reload_config arguments
Pull request #4481: Include FP detection time in ConnProfiling
Merge in SNORT/snort3 from ~VIIZHYK/snort3:fp_detection to master
Squashed commit of the following:
commit
fb421c5addc2cc9b687155e735b88cffaddbd63c
Author: viizhyk <viizhyk@cisco.com>
Date: Mon Dec 16 13:14:31 2024 -0500
inspector_manager: Refactored instrumentation code of connection profiling.
Pull request #4525: stream_tcp: refactor tcp reassembler class structure and init to avoid thread data race scenarios
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_ignore_tsan_fix to master
Squashed commit of the following:
commit
25a35b3442f010d4d242b27e18fde5d9e2ac61f3
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Nov 19 14:49:46 2024 -0500
stream_tcp: refactor tcp reassembler class structure and init to avoid thread data race scenarios
Andres Avila Segura (aavilase) [Fri, 13 Dec 2024 20:01:54 +0000 (20:01 +0000)]
Pull request #4517: pop: adding wrong bytes threshold to determine if pop splitter should fallback
Merge in SNORT/snort3 from ~AAVILASE/snort3:pop_inspector_fallback_functionality to master
Squashed commit of the following:
commit
38022a1ce200493ee3f61d72674c505c4f0b4687
Author: Andres Avila <aavilase@cisco.com>
Date: Thu Nov 7 11:51:21 2024 -0500
pop: adding wrong bytes threshold to determine if pop splitter should fallback
Andres Avila Segura (aavilase) [Fri, 13 Dec 2024 19:27:49 +0000 (19:27 +0000)]
Pull request #4526: smtp: smtp inspector fallback functionality for invalid commands and responses
Merge in SNORT/snort3 from ~AAVILASE/snort3:smtp_inspector_fallback_functionality to master
Squashed commit of the following:
commit
a6a911df8240625796685f3b43f23cd3a00cd5bd
Author: Andres Avila <aavilase@cisco.com>
Date: Tue Nov 19 08:32:53 2024 -0500
smtp: smtp inspector fallback functionality for invalid commands and responses
Pull request #4544: appid: Extended error log in controlcon.
Merge in SNORT/snort3 from ~VIIZHYK/snort3:controlcon_log to master
Squashed commit of the following:
commit
8fde0b7a2381b41adc6b07b9b8378be7b342d227
Author: viizhyk <viizhyk@cisco.com>
Date: Fri Dec 13 04:39:48 2024 -0500
appid: Enhanced control error message with additional info.
Pull request #4542: Enable parse warning for plugin loading
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fix_static_build to master
Squashed commit of the following:
commit
cc436080f672ff6ed30899493d3fd340d1c1963f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Dec 10 10:02:05 2024 +0200
log: print all warnings before command line is parsed
commit
f8d595f5517c2990037a0a59ac47fb16c564cdd2
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Dec 9 17:02:24 2024 +0200
build: include/exclude snort_ml module conditionally
Pull request #4541: file_api: three files evaluation fix
Merge in SNORT/snort3 from ~OTORUBAR/snort3:three_files_evaluation_fix to master
Squashed commit of the following:
commit
a84f98875d465b61f2ced2e58080b6e18804fe7e
Author: otorubar <otorubar@cisco.com>
Date: Mon Dec 9 03:19:28 2024 -0800
file_api: add re_eval flag to fileinfo
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Dec 2024 02:06:35 +0000 (02:06 +0000)]
Pull request #4535: build: generate and tag 3.6.0.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.6.0.0 to master
Squashed commit of the following:
commit
8e251139bb57e5f6edcfaeaa96a48d70a169b0a1
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Dec 3 21:44:27 2024 -0500
build: generate and tag 3.6.0.0
Pull request #4522: http_inspect, mime: add hostname and url for http/mime file processing
Merge in SNORT/snort3 from ~OTORUBAR/snort3:mime_file_processing to master
Squashed commit of the following:
commit
5f58cc4b19b587bc101ae21d9dd22543cc037f88
Author: otorubar <otorubar@cisco.com>
Date: Fri Nov 1 12:02:18 2024 -0700
http_inspect, mime: add hostname and url for http with mime
Pull request #4531: bufferlen: reset "relative" flag in module::begin method
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:bufferlen_reinit to master
Squashed commit of the following:
commit
f86e73e67019cc5d99758284b68ebf89ce5b8182
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Nov 27 12:48:19 2024 +0200
bufferlen: reset "relative" flag in module::begin method
commit
256ee2c838d7b44f77e7afaee64a12b86f5ad43f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Nov 27 14:35:52 2024 +0200
ips_options: update module::begin and other in several ips options
Pull request #4532: connectors: suppress cppcheck warning in std_connector test
Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_conn_fix to master
Squashed commit of the following:
commit
ad96b5a1d67122607075d6883f862f4ef54eb765
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Nov 27 15:40:42 2024 +0200
connectors: fix cppcheck warning in std_connector test
Rishabh Choudhary (rishacho) [Wed, 27 Nov 2024 03:02:25 +0000 (03:02 +0000)]
Pull request #4524: main: remove mutex from snort command to show snort cpu
Merge in SNORT/snort3 from ~RISHACHO/snort3:snort_cpu_fix to master
Squashed commit of the following:
commit
18b3cc1bddd7ee90e287dd8c08c1aa5c3388897e
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Wed Nov 20 19:02:22 2024 +0530
main: remove mutex from snort command to show snort cpu
Pull request #4514: extractor: replace Writer with Connector
Merge in SNORT/snort3 from ~VHORBATO/snort3:extractor_conn to master
Squashed commit of the following:
commit
471be3fed9f5dd10ed724fdb10d338a5d6a9466e
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Nov 20 18:41:45 2024 +0200
extractor: update thread initialization
commit
3e87e761431d77f39abd4c1ea6183a49f3c0b18b
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Nov 7 17:13:43 2024 +0200
build: update docs about the bump of C++ compiler supported feature set requirement
commit
1cc99e4e1d7784beb046449697b33324c0ba622d
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed Nov 13 11:56:40 2024 +0200
connectors: update config transition
commit
190e9bb3ce86ee9cdc43414ab2e592b334d83c2e
Author: vhorbato <vhorbato@cisco.com>
Date: Tue Nov 5 19:08:51 2024 +0200
connectors: add metadata support to Connector API
commit
3df7a97195f51463bd881b6decd378d6a32b18b6
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Oct 30 14:44:24 2024 +0200
connectors: add std I/O connector
commit
e5aa4bf71a73cc42824b37448f7a62eca2abea52
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Oct 30 14:40:57 2024 +0200
extractor: replace writer with connector
commit
4a43a077933c59c88677cdb827a72ab77919b7a9
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Oct 28 18:03:45 2024 +0200
extractor: make csv formatter call writer only once
commit
b2c5a3e2075af951c3554b09e8d087b0979f557e
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Oct 23 14:07:58 2024 +0300
extractor: make logger thread_local
Adrian Mamolea (admamole) [Tue, 26 Nov 2024 12:09:54 +0000 (12:09 +0000)]
Pull request #4523: analyzer: add logging for resource tuning progress
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:reload_tuner2 to master
Squashed commit of the following:
commit
8d93eee846ae6a585cf86db11b5316f35ca5fe27
Author: Adrian Mamolea <admamole@cisco.com>
Date: Tue Nov 19 11:15:03 2024 -0500
analyzer: add logging for resource tuning progress
Brandon Stultz (brastult) [Mon, 25 Nov 2024 12:54:06 +0000 (12:54 +0000)]
Pull request #4516: http_inspect: remove semicolon http_param delimiter
Merge in SNORT/snort3 from ~BRASTULT/snort3:http_param_delim to master
Squashed commit of the following:
commit
bc450cd810193622688ffd750c6feda501215f8d
Author: Brandon Stultz <brastult@cisco.com>
Date: Mon Nov 11 13:58:30 2024 -0500
http_inspect: remove semicolon http_param delimiter
Maya Dagon (mdagon) [Mon, 25 Nov 2024 12:00:34 +0000 (12:00 +0000)]
Pull request #4509: Publish end of flow
Merge in SNORT/snort3 from ~MDAGON/snort3:conn_event to master
Squashed commit of the following:
commit
bf95668b7ea4fc66c9afcebcf658ae3fa1f78949
Author: maya dagon <mdagon@cisco.com>
Date: Fri Oct 25 14:13:30 2024 -0400
flow: publish flow end event
Andres Avila Segura (aavilase) [Thu, 21 Nov 2024 13:44:24 +0000 (13:44 +0000)]
Pull request #4493: appid: adding full path to read list of lua detectors
Merge in SNORT/snort3 from ~AAVILASE/snort3:reduce_appid_test_load_time to master
Squashed commit of the following:
commit
fe548a9e96f666fe57435bf404faac94d58a85bf
Author: Andres Avila Segura <aavilase@cisco.com>
Date: Wed Oct 23 12:39:40 2024 -0400
appid: adding full path to read list of lua detectors
Pull request #4519: file_api: add unit-tests to cover new FileInfo methods
Merge in SNORT/snort3 from ~OTORUBAR/snort3:suppress_unused_functions_errors to master
Squashed commit of the following:
commit
2ae7fbbf689f31d1e374d70da5779b7627e295e7
Author: otorubar <otorubar@cisco.com>
Date: Fri Nov 15 07:59:17 2024 -0800
file_api: add unit tests for fileinfo methods
Priyanka Bangalore Gurudev (prbg) [Wed, 20 Nov 2024 02:52:37 +0000 (02:52 +0000)]
Pull request #4521: build: generate and tag 3.5.2.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.2.0 to master
Squashed commit of the following:
commit
c223b85dcf4ad5c6bd8690c36b2f5452b0ba84fc
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Nov 18 20:50:28 2024 -0500
build: generate and tag 3.5.2.0
Pull request #4510: stream_tcp: initialize the daq_instance field in the meta-ack pseudo-packet
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:meta_ack_init_daq_instance to master
Squashed commit of the following:
commit
c46a154c9f67df88376fb9ac999b6602c9fa5e72
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Nov 6 11:19:17 2024 -0500
stream_tcp: initialize the daq_instance field in the Packet instance allocated for a meta-ack to the value from the wire packet
Pull request #4518: extractor: fix platforms run
Merge in SNORT/snort3 from ~ANOROKH/snort3:extr_fix_platform to master
Squashed commit of the following:
commit
d816b984d5c458e30b9df6dd5ab156b063af6e15
Author: anorokh <anorokh@cisco.com>
Date: Thu Nov 14 11:41:36 2024 +0200
extractor: include type support header explicitly
Pull request #4515: file_api: add helper methods to unset a FileInfo::is_filename_set flag and reset FileInfo::sha256 for file re-evaluation
Merge in SNORT/snort3 from ~OTORUBAR/snort3:file_cache_fix to master
Squashed commit of the following:
commit
b3d0034c497eab42dd06bcb41f2746f7357e937f
Author: otorubar <otorubar@cisco.com>
Date: Thu Nov 7 13:59:03 2024 -0800
file_api: add helper methods to unset filename and reset sha
Shijin Bose (shibose) [Wed, 13 Nov 2024 16:57:41 +0000 (16:57 +0000)]
Pull request #4445: sip: Parse all the sip method defined
Merge in SNORT/snort3 from ~SHIBOSE/snort3:sip_parse to master
Squashed commit of the following:
commit
9ad19022df7840a0b44c28b300d65217f7fe603a
Author: shibose <shibose@cisco.com>
Date: Thu Sep 12 05:40:57 2024 +0000
sip: parse all the SIP methods defined
Brandon Stultz (brastult) [Wed, 13 Nov 2024 09:09:46 +0000 (09:09 +0000)]
Pull request #4513: decompress: handle ZIP central directory and invalid local file headers
Merge in SNORT/snort3 from ~BRASTULT/snort3:zip_central_dir to master
Squashed commit of the following:
commit
18fa67b9dee2dc3effc41138788a12824265bdaf
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue Nov 5 16:17:57 2024 -0500
decompress: handle ZIP central directory
Michael Matirko (mmatirko) [Tue, 12 Nov 2024 18:14:46 +0000 (18:14 +0000)]
Pull request #4508: [Multiprocess] thread: get_relative_instance_number now zero-based
Merge in SNORT/snort3 from ~MMATIRKO/snort3:mp_id to master
Squashed commit of the following:
commit
4ac2befd5591bd5526f84b8d2d483e16d98de1e9
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Nov 1 20:42:56 2024 -0400
thread: get_relative_instance_number now zero-based
Pull request #4505: extractor: add ftp logging
Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_ftp to master
Squashed commit of the following:
commit
56210e0e89a4ab1cafb2fa6f03f5ec8d5a4105c9
Author: anorokh <anorokh@cisco.com>
Date: Thu Oct 31 12:27:46 2024 -0400
extractor: address review comments
commit
11c34c621d2d08318c663dd049c3e6823fb47db6
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Oct 31 14:08:31 2024 +0200
extractor: move internal stuff out of snort namespace
commit
6b9bc7780c3badafb317158e1f0f27cbff1a3da5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Oct 31 12:00:58 2024 +0200
extractor: fix memory management
The inspector owns service/event extractor instances.
Data handlers are split from instances and managed by data bus only.
Flow data bumps the inspector's reference count.
commit
ae80500b23ba88b835e0560c1ccbf8e99c7c041f
Author: anorokh <anorokh@cisco.com>
Date: Tue Oct 29 08:13:53 2024 -0400
ftp: reset cmd_size when reset cmd_str
commit
9ceac98772e6bb86404976162f3ca8ea6dcdf67e
Author: anorokh <anorokh@cisco.com>
Date: Mon Oct 28 11:58:00 2024 -0400
extractor: log on last response
commit
4b21cebdd076b810b4c11f1606cf47fd163f045c
Author: anorokh <anorokh@cisco.com>
Date: Thu Oct 24 05:14:09 2024 -0400
extractor: refactor code
* rename field types
* keep flow data intact to log multiple responses
* reorder list of commands for more effective search
commit
b279b45af550dcf7f671fdc88817f5476376afc5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 21 17:43:52 2024 +0300
extractor: enable logging for FTP aggregated event
commit
e025bf510a92e4eca3da7cdd69cb520373a6c43d
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 21 17:19:48 2024 +0300
extractor: delete unused headers
commit
5578678ba65ddadb06ef8ec2229318635fbdee2a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 21 14:07:34 2024 +0300
extractor: event handlers subscribe by themselves
Flow data augmented with a callback to dump data whenever the flow gets deleted.
commit
a67039d4d80d81e60f9d3c3e50b68756e9f83e61
Author: anorokh <anorokh@cisco.com>
Date: Tue Oct 15 06:07:49 2024 -0400
extractor: add user field
commit
ade23b33e79dc1489b3e1c66c328b895584ef3cf
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 14 15:00:59 2024 +0300
extractor: add imaginary transaction event to FTP
commit
ea5869b7ff24e5426b7a0e0b97fc52f8e489fba0
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 14 10:49:02 2024 -0400
extractor: update dev_notes.txt
commit
c342f3d43fec88f1969128f52468664ba5707da9
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Oct 23 18:00:50 2024 +0300
doc: add a page about data logging feature
commit
349a85e29ed832050aa4e7661e66929e06f07fc5
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Oct 14 11:14:22 2024 +0300
extractor: rearrange source files
commit
b17b1e5720e4843b2b4137a529dc1291f8282dbd
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Oct 11 12:30:28 2024 +0300
extractor: introduce flow data
Move enums to common place.
commit
7892d2a5c53166e29fbf4f373855085d8cdbf43f
Author: anorokh <anorokh@cisco.com>
Date: Wed Oct 9 14:29:00 2024 -0400
extractor: add ftp service implementation
Priyanka Bangalore Gurudev (prbg) [Thu, 7 Nov 2024 15:54:48 +0000 (15:54 +0000)]
Pull request #4511: build: generate and tag 3.5.1.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.1.0 to master
Squashed commit of the following:
commit
ad0968bb1e19953ef2a3483355ad08d0ca99e053
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Nov 6 12:32:14 2024 -0500
build: generate and tag 3.5.1.0
Pull request #4497: stream_tcp: fix core caused by seglist with nullptr value in TcpReassemblerIgnore
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_core_fix2 to master
Squashed commit of the following:
commit
136be196a094fb3b909b5a5e79b0ae2ba70f8556
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Oct 29 17:09:49 2024 -0400
stream_tcp: pass tracker and seglist to TcpReassembler* as refs, define dummy tracker & seglist for use by TcpReassemblerIgnore
Pull request #4496: doc: add details regarding RTN evaluation
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:ips_eval_doc_upd to master
Squashed commit of the following:
commit
d2945e9cf99f3b171cbe8d90e2d3393291128b02
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Tue Oct 29 17:42:37 2024 +0200
doc: add details regarding RTN evaluation
Shijin Bose (shibose) [Thu, 31 Oct 2024 13:09:47 +0000 (13:09 +0000)]
Pull request #4499: appid: unit-test added for is_service_over_quic
Merge in SNORT/snort3 from ~SHIBOSE/snort3:quic_white_list_mock to master
Squashed commit of the following:
commit
4188e83312d24a55eaefd8495f8f2f8da3e7830b
Author: shibose <shibose@cisco.com>
Date: Wed Oct 30 12:54:38 2024 +0000
appid: unit-test added for is_service_over_quic
Cliff Judge (cljudge) [Tue, 29 Oct 2024 19:57:31 +0000 (19:57 +0000)]
Pull request #4468: appid: implement an API that allows users to specify values for data items used in lua detectors.
Merge in SNORT/snort3 from ~CLJUDGE/snort3:appid_user_data_map to master
Squashed commit of the following:
commit
e6ce02952acc21c70876dcc3a74f628cf90da339
Author: Cliff Judge <cljudge@cisco.com>
Date: Thu Sep 5 23:38:42 2024 -0400
appid: implement an API that allows users to specify values for data items used in lua detectors.
Pull request #4492: stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ids_asymmetric_tweaks to master
Squashed commit of the following:
commit
3ea41ca77b1fc9f6f1bb775eb01ed784fdc71ad9
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Oct 22 12:10:15 2024 -0400
stream_tcp: when queue limit thresholds are exceeded in IDS mode on asymmetric connections only skip a hole at the beginning of the seglist before flushing
Raza Shafiq (rshafiq) [Tue, 29 Oct 2024 15:22:31 +0000 (15:22 +0000)]
Pull request #4483: flow: new allowlist LRU
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:whitelist_cache to master
Squashed commit of the following:
commit
a1647130533346a651396d00c1d251c294094416
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Oct 2 19:08:52 2024 -0400
flow: new allowlist LRU
Shijin Bose (shibose) [Tue, 29 Oct 2024 11:05:19 +0000 (11:05 +0000)]
Pull request #4495: appid: add new api to check if service is over quic
Merge in SNORT/snort3 from ~SHIBOSE/snort3:quic_white_list to master
Squashed commit of the following:
commit
92bcf5b8b1199b4a135ffa8d664d8603c7fd92f1
Author: shibose <shibose@cisco.com>
Date: Fri Oct 25 08:13:08 2024 +0000
appid: add new api to check if service is over quic
Pull request #4475: http2_inspect: HTTP/2 handle multiple cookie headers
Merge in SNORT/snort3 from ~JAIMEACA/snort3:http2_handle_multiple_cookie to master
Squashed commit of the following:
commit
856c312ef84bee12338f759883bac06d5cc70983
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date: Tue Oct 8 12:52:29 2024 -0400
http2_inspect: handle multiple cookie header fields
Pull request #4312: appid: add tls_version captured in appid_session
Merge in SNORT/snort3 from ~OPOLUIAN/snort3:appid_navl_opoluian_ssl_version to master
Squashed commit of the following:
commit
d3328cd520f27cf01735a851b48e9fbac29f488f
Author: Oleh Poluianskyi <opoluian@cisco.com>
Date: Thu May 2 03:27:15 2024 +0300
appid: add tls_version capture in appid_session
Bhumika Sachdeva (bsachdev) [Tue, 22 Oct 2024 21:36:28 +0000 (21:36 +0000)]
Pull request #4466: smtp: Fixing the processing of SMTP response in case of encrypted traffic
Merge in SNORT/snort3 from ~BSACHDEV/snort3:smtp_alert_fix to master
Squashed commit of the following:
commit
615507541e02cf81c25c210449f82d37bd41b9e6
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Oct 2 16:12:52 2024 -0400
smtp: Fixing the processing of SMTP response in case of encrypted traffic
Pull request #4486: Add thread instance number to dump_flows control command output
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:add_instance_number to master
Squashed commit of the following:
commit
52fa22e84bfcb080b6f94c95f1401d0778b1ee2a
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Mon Oct 14 18:00:22 2024 -0400
stream: add thread instance number to dump_flows control command output
Pull request #4488: side_channel: fix compiler warning in side channel formatting test
Merge in SNORT/snort3 from ~VHORBATO/snort3:sc_format_warn_fix to master
Squashed commit of the following:
commit
63b51eb539f5eeebc9c5f5897657a8e60fd829a8
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Oct 21 12:05:44 2024 +0300
side_channel: fix compiler warning in side channel formatting test
Pull request #4482: js_norm: add cross-PDU PDF token reassembly
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:js_pdf_token_split to master
Squashed commit of the following:
commit
9bb663ecbe181eec9401428277a80d0068a10801
Author: dkyrylov <dkyrylov@cisco.com>
Date: Thu Oct 10 13:39:45 2024 +0300
js_norm: add cross-PDU PDF token reassembly
Priyanka Bangalore Gurudev (prbg) [Mon, 21 Oct 2024 19:34:27 +0000 (19:34 +0000)]
Pull request #4489: build: generate and tag 3.5.0.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.5.0.0 to master
Squashed commit of the following:
commit
fcf5ce4eecfe007c2a4ad820ffc78ca26e318d92
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Oct 21 08:01:50 2024 -0400
build: generate and tag 3.5.0.0
Pull request #4462: Connectors API update
Merge in SNORT/snort3 from ~VHORBATO/snort3:connector_upd to master
Squashed commit of the following:
commit
9acdf2c1e2657ff86cdd96ebcadd4af28ac30107
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Oct 8 16:21:02 2024 +0300
connectors: make config object as reference
commit
0e8976d37222ad400feb5529ec336679b52d8b2f
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Oct 2 16:30:52 2024 +0300
managers: update connector manager
- use instance_id instead of a thread_id to access thread connectors
- fix vector corruption in case of a thread restart
commit
c8c1851b046b49f681b1a9f5cff240c18555cef0
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Oct 7 14:00:49 2024 +0300
connectors: fix tsan warning in tcp connector
commit
6904058a46cb899949b6aee45cce0b3335f1de6b
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Oct 2 16:31:56 2024 +0300
connectors: add connector reinitialization functionality
commit
0019e46ea3ecd3fa19129ca45437bedf8a5cb5de
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Sep 26 19:15:26 2024 +0300
framework: update Connector interface
* make ConnectorMsg fields const and accessible thru getters
* make ConnectorMsg data lifetime control configurable
* connectors: move message text formatting to SideChannel
* connectors: change transmit_message overloads
commit
ac8bd110f70287ce9c1f03cf84a4ab8f972c2e4b
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Sep 26 19:24:24 2024 +0300
connectors: fill tcp_connector port number from user-configured list
: fill port number from user-configured list
commit
c6352512967c81d2f31c52da80a7708612079b3b
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Sep 26 19:23:19 2024 +0300
main: move Connectors initialization from SideChannel
commit
8e6923fcf6c00a3204cf8d40f929b9bb9c0fdea1
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Sep 26 19:06:53 2024 +0300
connectors: remove MessageHandle abstraction
Michael Matirko (mmatirko) [Tue, 15 Oct 2024 14:59:09 +0000 (14:59 +0000)]
Pull request #4484: main: implement function to grab relative process id
Merge in SNORT/snort3 from ~MMATIRKO/snort3:proc_id to master
Squashed commit of the following:
commit
52dac29650af818dd6d336100f3fb46b468fd854
Author: Michael Matirko <mmatirko@cisco.com>
Date: Fri Oct 11 12:45:56 2024 -0400
main: implement function to grab relative process id
Ron Dempster (rdempste) [Mon, 14 Oct 2024 17:51:58 +0000 (17:51 +0000)]
Pull request #4479: packet_io: set the flow state to block when forcing the session block
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:block_flow_state to master
Squashed commit of the following:
commit
fc47b9301b9d235d493929d0eb746cab06eef574
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Oct 8 11:38:49 2024 -0400
packet_io: set the flow state to block when forcing the session block
Pull request #4470: add filename for ftp file process
Merge in SNORT/snort3 from ~SVLASIUK/snort3:ftp_download to master
Squashed commit of the following:
commit
756cb0d29045470f3d0510b35192c12da2b83f25
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Sep 10 14:16:02 2024 +0300
ftp_telnet: add filename for ftp file processing
Pull request #4400: stream_tcp: fix snort crash when processing held packet on flow when reassembly policy is IGNORE
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_reassembly_rewrite_u3.0 to master
Squashed commit of the following:
commit
4aeb81a4548c117b0d5595b03f5d3a4860ee8c0d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jul 26 12:37:12 2024 -0400
stream_tcp: streamline allocation and release of reassemblers, tweak ips flush_on_data process
stream_tcp: implement ignore flush policy reassembler as a singleton to improve performance,
implement all TcpReassembler base class public methods as virtual methods and override each in
the ignore flush policy subclass to do nothing
Maya Dagon (mdagon) [Fri, 11 Oct 2024 11:28:41 +0000 (11:28 +0000)]
Pull request #4477: Extractor - HTTP fields support: add support for body length, info_code/msg, filename, proxied
Merge in SNORT/snort3 from ~MDAGON/snort3:http_fields to master
Squashed commit of the following:
commit
1fc153936a564191ae716130d477859198d12e2a
Author: maya dagon <mdagon@cisco.com>
Date: Tue Jul 2 11:02:28 2024 -0400
extractor: add support for body length, info_code/msg, filename, proxied
Akhilesh MY (amuttuva) [Fri, 11 Oct 2024 06:59:54 +0000 (06:59 +0000)]
Pull request #4478: main: suppress cppcheck issue
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:supp_lat to master
Squashed commit of the following:
commit
22ffa72119179a38a4bedf9fc32a72db7f0f321a
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Oct 8 09:02:33 2024 -0400
main: suppress cppcheck issue
Umang Sharma (umasharm) [Thu, 10 Oct 2024 21:04:36 +0000 (21:04 +0000)]
Pull request #4471: appid: Reading only required lua detectors for regtests
Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_load_time to master
Squashed commit of the following:
commit
722f0b294738e25d3a62ffff1f71cc9673b4b925
Author: Umang Sharma <umasharm@cisco.com>
Date: Tue Oct 1 04:17:46 2024 -0400
appid: Reading and loading only required lua detectors for regtests
Pull request #4454: file_api, http_inspect: set uri for file processing
Merge in SNORT/snort3 from ~OTORUBAR/snort3:set_uri_for_file_processing to master
Squashed commit of the following:
commit
02350f3bcb2b5d023bed4f74cb707b7ebc7cf3c1
Author: otorubar <otorubar@cisco.com>
Date: Thu Sep 19 04:44:33 2024 -0700
file_api,http_inspect: extract and set hostname for file processing
Akhilesh MY (amuttuva) [Mon, 7 Oct 2024 11:34:23 +0000 (11:34 +0000)]
Pull request #4446: Avoid data race when latency is enabled during flow ip profiling
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:latency_fix to master
Squashed commit of the following:
commit
6539c68b6d81b515cc74bd98d251805a141a47e3
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Sep 12 02:29:55 2024 -0400
perf_monitor,latency: avoid data race when latency is enabled during flow ip profiling
Russ Combs (rucombs) [Fri, 4 Oct 2024 21:28:46 +0000 (21:28 +0000)]
Pull request #4464: snort, search_engine: remove --dump-rule-databases
Merge in SNORT/snort3 from ~RUCOMBS/snort3:rule_db_dir to master
Squashed commit of the following:
commit
453e493024c93e33af63800afa5322e7b47c6013
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Oct 4 07:58:10 2024 -0400
snort: bump minor version for MPSE API change
commit
e2a836a2dcaafd000edebaf275244bd8f5e7424c
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Sep 12 12:28:39 2024 -0400
snort, search_engine: remove --dump-rule-databases
Rules are now automatically dumped to search_engine.rule_db_dir if not
loaded. Combine with snort --mem-check to get equivalent functionality
to --dump-rule-databases.
Russ Combs (rucombs) [Fri, 4 Oct 2024 15:55:59 +0000 (15:55 +0000)]
Pull request #4465: tcp_pdu: new inspector for simple length based flushing
Merge in SNORT/snort3 from ~RUCOMBS/snort3:tcp_pdu to master
Squashed commit of the following:
commit
58b1bc69c07c863d04c446207eb317d99ed1e7fd
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Sep 16 14:06:01 2024 -0400
tcp_pdu: new inspector for simple length based flushing
tcp_pdu provides a generic protocol-aware-flushing capability for PDUs
that contain a length field. The field may be at a configurable offset
from the start of the PDU, it has a configurable length, and may specify
the total length of the PDU or the number of bytes following the length
field.
Russ Combs (rucombs) [Fri, 4 Oct 2024 11:44:56 +0000 (11:44 +0000)]
Pull request #4467: ips: ignore proto when service supersedes ports
Merge in SNORT/snort3 from ~RUCOMBS/snort3:svc_proto to master
Squashed commit of the following:
commit
63858fa7c98027773703bf38a6df9015b62ab238
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Oct 1 10:03:47 2024 -0400
ips: ignore proto when service supersedes ports
Russ Combs (rucombs) [Fri, 4 Oct 2024 01:01:25 +0000 (01:01 +0000)]
Pull request #4439: Require 3whs
Merge in SNORT/snort3 from ~RUCOMBS/snort3:require_3whs to master
Squashed commit of the following:
commit
1fe3d9094bceea1d0f512c5b71c4da92b662407a
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Sep 4 11:56:27 2024 -0400
stream: recheck flow eligibility if session times out
commit
c2456283071ce2a9df50eff31bb7207f85eb0830
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Aug 22 15:44:01 2024 -0400
stream_tcp: move require_3whs to stream to avoid undesired flow creation
Pull request #4463: stream_tcp: implement flush on asymmetric flows in IDS mode when queued bytes exceeds configured threshold
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:ids_asymmetric_support to master
Squashed commit of the following:
commit
97bdb1f6e267a42f2f83dc62444a9c0bf97170ad
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Sep 5 09:30:58 2024 -0400
stream_tcp: implement flush on asymmetric flows in IDS mode when queued bytes exceeds configured threshold
Pull request #4447: main: change help command to print in alphabetical order.
Merge in SNORT/snort3 from ~MMYKHAIL/snort3:help_commands to master
Squashed commit of the following:
commit
8a8144228ce38a2395be33cf5509b6a2847aeae9
Author: Maksym Mykhailov <mmykhail@cisco.com>
Date: Thu Sep 12 09:31:58 2024 -0400
main: change help command to print in alphabetical order.
Pull request #4450: js_norm: allow processing complex nested PDF objects
Merge in SNORT/snort3 from ~YCHALOV/snort3:pdf_tokenizer_improve to master
Squashed commit of the following:
commit
a8a63adb802cc2dc3fa7d3c0eb112993e1845f11
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Sep 9 17:02:21 2024 +0200
js_norm: allow processing complex nested PDF objects
Pull request #4449: pub_sub: add request and response events
Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_ftp_event to master
Squashed commit of the following:
commit
45a8734430fa07e7e0898180e82508531efe0cdd
Author: anorokh <anorokh@cisco.com>
Date: Mon Sep 16 16:19:15 2024 +0300
pub_sub: add request and response FTP events
Priyanka Bangalore Gurudev (prbg) [Wed, 25 Sep 2024 21:57:40 +0000 (21:57 +0000)]
Pull request #4458: build: generate and tag 3.3.7.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.7.0 to master
Squashed commit of the following:
commit
f9cd360311cda662584c9d570aa103a26776bd94
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Sep 24 22:06:31 2024 -0400
build: generate and tag 3.3.7.0
Pull request #4451: binder: change binding to have single service
Merge in SNORT/snort3 from ~OSTEPANO/snort3:binder_service to master
Squashed commit of the following:
commit
14207b6c9c45c1eac1494a04589a3891195d3a3d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed Sep 18 13:04:28 2024 -0400
binder: change binding to have single service
Pull request #4433: stream_tcp: Do not set global normalizer policy config when proxy mode is enabled
Merge in SNORT/snort3 from ~DAVMCPHE/snort3:start_proxy_config_fix to master
Squashed commit of the following:
commit
7568e72e147ef564ed2ac545f700e25f86823a98
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Sep 10 08:40:34 2024 -0400
stream_tcp: Do not overwrite global normalizer policy config option when proxy mode is enabled
stream_tcp: add assert to verify configured normalizer policy is valid
Pull request #4457: Extractor: flush data
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_flush to master
Squashed commit of the following:
commit
f454e0e1f24ebffafc4a62b00d906c7bc4511f98
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 24 11:58:19 2024 +0300
extractor: flush data on unlocking a writer
Pull request #4442: appid: Early SSH detection brute-force fix
Merge in SNORT/snort3 from ~VIIZHYK/snort3:viizhyk_CSCwm05155_master to master
Squashed commit of the following:
commit
1ce5264a30bcbf5ff4ac3068b489599521e8c255
Author: viizhyk <viizhyk@cisco.com>
Date: Wed Sep 11 08:44:12 2024 -0400
appid: Early SSH detection brute-force fix
Pull request #4441: Extractor Refactoring
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:ext_hare to master
Squashed commit of the following:
commit
21382cc49cc74bfd0f9c375eca7904bc221fbfe1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 10 16:51:00 2024 +0300
extractor: notify handler whether it is a fixed-width formatting
commit
a6bc7ff8501415b727fa09f4c5e62eadb232519b
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 10 16:18:44 2024 +0300
extractor: update logger with an internal set of fields for logging
commit
6b8452f585d60ef6cf2215f6c7e3696894db392e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Sep 6 13:47:27 2024 +0300
extractor: refactor data pipe between an inspector and extractor's logger
Manav Soneja (msoneja) [Thu, 19 Sep 2024 07:47:46 +0000 (07:47 +0000)]
Pull request #4432: ftp_telnet: adding fallback functionality
Merge in SNORT/snort3 from ~MSONEJA/snort3:ftp_telnet_fallback to master
Squashed commit of the following:
commit
b64420ab2fa645d2c38aa874d26a2a3525c8a6a8
Author: msoneja <msoneja@cisco.com>
Date: Mon Aug 26 06:56:49 2024 +0000
ftp_telnet: adding fallback functionality for ftp
Pull request #4448: extractor: rewrite std writer to use text_log utility
Merge in SNORT/snort3 from ~ASERBENI/snort3:log_perf_ci to master
Squashed commit of the following:
commit
11c5aa69552e778d782dc74bce964d8e2e34378e
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Fri Sep 6 10:13:34 2024 +0300
extractor: rewrite std writer to use text_log utility
This way its output will be written to the same descriptor as ips events. In most of the cases it's stdout, but it can also be descriptor 3 if snort was built with --enable-stdlog
Adrian Mamolea (admamole) [Tue, 17 Sep 2024 12:37:03 +0000 (12:37 +0000)]
Pull request #4425: http2_inspect: add IPS options for frame header and data
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:http2_header_len to master
Squashed commit of the following:
commit
98609c16c63feb3e8249d4d9f7b2e87456389ef0
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Aug 15 14:46:45 2024 -0400
http2_inspect: add IPS options for frame header and data
Akhilesh MY (amuttuva) [Mon, 16 Sep 2024 13:10:39 +0000 (13:10 +0000)]
Pull request #4387: appid: fixes for one definition rule violation
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:lto_enable to master
Squashed commit of the following:
commit
480bc87f6d76b4ec66ee85cb19438e12eb9e707e
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Jul 16 05:03:46 2024 -0400
appid: fixes for one definition rule violation
Pull request #4430: Unwind arm fix
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:unwind_arm_fix to master
Squashed commit of the following:
commit
b1e48c94f8eae4d6b92da78d1c4164830501c272
Author: dkyrylov <dkyrylov@cisco.com>
Date: Wed Aug 28 19:38:14 2024 +0300
process: skip vDSO frame on aarch64
skip vDSO frame on aarch64,
continue unwinding past unw_get_proc_info failure
Shijin Bose (shibose) [Thu, 12 Sep 2024 13:51:34 +0000 (13:51 +0000)]
Pull request #4417: ssh: added abort session in streamsplitter
Merge in SNORT/snort3 from ~SHIBOSE/snort3:ssh_fallback to master
Squashed commit of the following:
commit
c5a27bacf94fff0db24793b62ffa22ee6587ff42
Author: shibose <shibose@cisco.com>
Date: Thu Aug 8 05:37:06 2024 +0000
ssh: added abort session in streamsplitter
Akhilesh MY (amuttuva) [Wed, 11 Sep 2024 12:39:34 +0000 (12:39 +0000)]
Pull request #4435: memory: add shell commands for jemalloc heap profiling
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:jemalloc_cli to master
Squashed commit of the following:
commit
6a36e76117b05b637cebb0d17997627f9e045d6e
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Thu Sep 5 10:47:53 2024 -0400
memory: add shell commands for jemalloc heap profiling
Pull request #4429: stream: fix to dump all flows
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:dump_all_flows to master
Squashed commit of the following:
commit
5bdf40420c947eeb8490cab14a0632feded8905c
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Tue Aug 20 12:21:14 2024 -0400
stream: fix to dump all flows
Rishabh Choudhary (rishacho) [Tue, 10 Sep 2024 07:22:07 +0000 (07:22 +0000)]
Pull request #4427: appid: dns sinkhole support for edns
Merge in SNORT/snort3 from ~RISHACHO/snort3:dns_sinkhole to master
Squashed commit of the following:
commit
a63ed896fa9b21e1267b9c397c2104d7111c40e3
Author: Rishabh Choudhary <rishacho@cisco.com>
Date: Tue Aug 27 00:28:11 2024 +0530
appid: dns sinkhole support for edns
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Sep 2024 19:28:02 +0000 (19:28 +0000)]
Pull request #4436: build: generate and tag 3.3.6.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.6.0 to master
Squashed commit of the following:
commit
dee67015a58f06f9ea056830a3d6b8844746c9d9
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 13:04:42 2024 -0400
build: generate and tag 3.3.6.0
Priyanka Bangalore Gurudev (prbg) [Thu, 5 Sep 2024 16:21:18 +0000 (16:21 +0000)]
Pull request #4434: build: generate and tag 3.3.5.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.5.0 to master
Squashed commit of the following:
commit
3757dff650b549cfa5dfd001eb027890635d7139
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Sep 5 09:16:32 2024 -0400
build: generate and tag 3.3.5.0
Steven Baigal (sbaigal) [Wed, 4 Sep 2024 14:12:42 +0000 (14:12 +0000)]
Pull request #4426: packet_tracer: add tcp window size, options and meta-ack info
Merge in SNORT/snort3 from ~SBAIGAL/snort3:meta-ack-win to master
Squashed commit of the following:
commit
7a336ceee9838076d706ba55a30d1135b2012b8a
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Aug 23 14:12:22 2024 -0400
packet_tracer: add tcp window size, options and meta-ack info
Pull request #4431: JSON formatting for data logging
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:extr_json to master
Squashed commit of the following:
commit
2bd2c95c4d5ab3b10dc1600f79e77e0c5fe2ab9e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Sep 4 09:56:08 2024 +0300
extractor: mention a field in initialization list
Although the initialization order is defined by class fields only,
an explicit initializer in the list will add cross-validation.
commit
7eeaf9b8814aab9331a0e6d507c7e356ee8a9582
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 3 13:50:18 2024 +0300
extractor: add unit tests for enum types
commit
08928ef3bddf3f61878fe2a936d6be96f2a410e1
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Sep 3 10:49:41 2024 +0300
extractor: remove unused headers
commit
4a6f42fd87d00ce27d5b8b27add094921c85fd5e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 12:13:52 2024 +0300
extractor: add json logger
commit
b783608bc41247bd3d45e8acedfc87c5dea445c2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 12:00:25 2024 +0300
extractor: fix local variable
Declare a local variable to be static to not interfere at linking stage.
commit
077f8133e94079ec86ee5e053b96f2b45afa71de
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 11:55:23 2024 +0300
extractor: take a note of FIXIT-P in key points
commit
08ed77f484fa19a4cd384af4ee62565a5ea81976
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed Aug 28 11:47:49 2024 +0300
extractor: add field name to logging function
Field order is not preset for all formattings.
Thus, a caller must pass a field name for proper logging.
commit
7a81360468ffe1431c4f93d384b295f659c7b93e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Aug 27 15:21:38 2024 +0300
extractor: fix guard-macro names
Bhumika Sachdeva (bsachdev) [Fri, 30 Aug 2024 19:40:10 +0000 (19:40 +0000)]
Pull request #4424: appid: logs added around third party reload
Merge in SNORT/snort3 from ~BSACHDEV/snort3:tp_fix_logs to master
Squashed commit of the following:
commit
b113ad653effd50f9021dbb62371be1f457b2176
Author: bsachdev <bsachdev@cisco.com>
Date: Tue Aug 13 16:32:29 2024 -0400
appid: added new logs for reload third party
Pull request #4422: file_api: filename for file processing
Merge in SNORT/snort3 from ~OTORUBAR/snort3:filename_for_file_processing to master
Squashed commit of the following:
commit
c25848c0fca7d9d7f33fece004314ad88a3c8e8d
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Jul 26 15:13:52 2024 -0400
file_api: set file name for file processing
Adrian Mamolea (admamole) [Wed, 28 Aug 2024 18:19:09 +0000 (18:19 +0000)]
Pull request #4423: http_inspect: when cutting chunks check for MAX_OCTETS too
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:max_octets to master
Squashed commit of the following:
commit
310c5907c602cc5d46f24ddfb711d0033cd50c3e
Author: Adrian Mamolea <admamole@cisco.com>
Date: Mon Aug 19 14:54:13 2024 -0400
http_inspect: when cutting chunks check for MAX_OCTETS too
Priyanka Bangalore Gurudev (prbg) [Tue, 27 Aug 2024 16:21:59 +0000 (16:21 +0000)]
Pull request #4428: build: generate and tag 3.3.4.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.4.0 to master
Squashed commit of the following:
commit
745fb3e8c31cac674067037f4644198def469e50
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Mon Aug 26 23:17:35 2024 -0400
build: generate and tag 3.3.4.0
Pull request #4369: appid: Notify binder on service change
Merge in SNORT/snort3 from ~OSTEPANO/snort3:appid_binder to master
Squashed commit of the following:
commit
b95ee6c0632260fe1a295f7eba7b90ae7be4424d
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Mon Jul 1 09:00:35 2024 -0400
appid: Notify binder on service change
Pull request #4394: AppId: CSCwk30965: AppIdSessionData causes snort3 to crash.
Merge in SNORT/snort3 from ~VIIZHYK/snort3:viizhyk_CSCwk30965_master to master
Squashed commit of the following:
commit
ce4124066c911c5cbc48f16f2393b7edafe857fa
Author: viizhyk <viizhyk@cisco.com>
Date: Mon Jul 22 19:37:51 2024 -0400
Replaced hsessions vector of raw pointers with a vector of smart pointers.
Signed-off-by: viizhyk <viizhyk@cisco.com>
Pull request #4419: latency, dce, stream_ip: fix max pegs incorrectly declared sum
Merge in SNORT/snort3 from ~ANOROKH/snort3:max_sum to master
Squashed commit of the following:
commit
92a7505f2c68f505dda1f23bbbfa7a46793900cc
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jul 18 15:23:26 2024 -0400
latency, dce, stream_ip: fix max pegs incorrectly declared sum
Manav Soneja (msoneja) [Wed, 14 Aug 2024 13:22:20 +0000 (13:22 +0000)]
Pull request #4343: ftp: refactoring ftp_data
Merge in SNORT/snort3 from ~MSONEJA/snort3:ftps_malware to master
Squashed commit of the following:
commit
27655a50c70a8b28abd85876866a9e4176350f1d
Author: msoneja <msoneja@cisco.com>
Date: Thu Jul 4 05:35:07 2024 +0000
ftp_telnet: refactoring ftp-data
Akhilesh MY (amuttuva) [Tue, 13 Aug 2024 16:42:44 +0000 (16:42 +0000)]
Pull request #4412: telnet: avoid flush when cr or lf is between commands
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:telnet_cr_fix to master
Squashed commit of the following:
commit
c7c9dbff527ab392d276e6deae89b542b5ca13a4
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Aug 6 02:41:17 2024 -0400
telnet: avoid flush when cr or lf is between commands
Priyanka Bangalore Gurudev (prbg) [Tue, 13 Aug 2024 16:19:14 +0000 (16:19 +0000)]
Pull request #4418: build: generate and tag 3.3.3.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.3.0 to master
Squashed commit of the following:
commit
8f9c6cc9c72e719f150cfeab8ea765c81864b756
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Tue Aug 13 00:25:59 2024 -0400
build: generate and tag 3.3.3.0
Pull request #4407: daq: add outstanding packets counter
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_counter to master
Squashed commit of the following:
commit
cf04baa02339a76fdf0f234255815f1a4349bbd7
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Fri Aug 2 05:36:13 2024 -0400
daq: add outstanding packets counter
Juweria Ali Imran (jaliimra) [Mon, 12 Aug 2024 17:49:33 +0000 (17:49 +0000)]
Pull request #4416: stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet
Merge in SNORT/snort3 from ~JALIIMRA/snort3:meta_ack_ports_master to master
Squashed commit of the following:
commit
c707c9e73334859b9603e8d58611a087a7022a6e
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Tue Aug 6 11:13:41 2024 -0400
stream_tcp: make sure ports are correctly swapped when filling a meta-ACK packet