git.ipfire.org Git - thirdparty/snort3.git/log
Russ Combs (rucombs) [Fri, 17 Apr 2020 02:51:15 +0000 (02:51 +0000)]
Merge pull request #2164 in SNORT/snort3 from ~RUCOMBS/snort3:avc_only to master
Squashed commit of the following:
commit
de9579872286a2c44b89e8f1ebd4dc3b0c0593d2
Author: russ <rucombs@cisco.com>
Date: Sat Apr 11 21:06:42 2020 -0400
ftp_data: fix ids flushing at EOF
commit
22804f385fd0fc2eaf200fd69d7560b404700e07
Author: russ <rucombs@cisco.com>
Date: Sat Apr 11 02:14:33 2020 -0400
style: fix nits
commit
3248176e5aaf8132121290d791b1788db4c58469
Author: russ <rucombs@cisco.com>
Date: Sun Apr 12 19:33:27 2020 -0400
inspectors: designate service inspectors for start tls
This applies to pop, imap, and smtp which can do start tls as well as to
ftp which can do auth tls.
commit
66a13456a5817ac628c3457365ba065f04f6b03e
Author: russ <rucombs@cisco.com>
Date: Sat Apr 11 00:35:01 2020 -0400
inspectors: designate service inspectors for file carving
This applies to dce_smb, ftp_data, http_inspect, http2_inspect, imap,
pop, and smtp which process files.
commit
3700b32c0d3e596bdea00beb321edb4a992533b4
Author: russ <rucombs@cisco.com>
Date: Sat Apr 11 00:33:39 2020 -0400
inspectors: designate service inspectors control channels for avc only
This applies to cip, ftp_server, and sip inspectors which support other
flows.
commit
0749035648aaee49de05e77100b268a23b89b484
Author: russ <rucombs@cisco.com>
Date: Sat Apr 11 00:18:26 2020 -0400
ips_context: add support to fallback to avc only
Mike Stepanek (mstepane) [Wed, 15 Apr 2020 14:27:07 +0000 (14:27 +0000)]
Merge pull request #2147 in SNORT/snort3 from ~KATHARVE/snort3:connect2 to master
Squashed commit of the following:
commit
d885bee3d44fc6276c2df089b071a7425208ea09
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Apr 7 13:35:33 2020 -0400
http_inspect: cut over to wizard on successful CONNECT response
Mike Stepanek (mstepane) [Wed, 15 Apr 2020 12:59:01 +0000 (12:59 +0000)]
Merge pull request #2158 in SNORT/snort3 from ~KATHARVE/snort3:script_case to master
Squashed commit of the following:
commit
9993a5e575b71d330a93f0d99e2a9fc60f19890e
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Apr 13 13:12:32 2020 -0400
http_inspect: make script tag check case insensitive
George Koikara (gkoikara) [Wed, 15 Apr 2020 03:53:19 +0000 (03:53 +0000)]
Merge pull request #2096 in SNORT/snort3 from ~APOORAJ/snort3:verdict_reason_support to master
Squashed commit of the following:
commit
673f015c0db9553d35377c8dc4792d34218c5b43
Author: Apoorv Raj <apooraj@cisco.com>
Date: Mon Mar 23 01:59:10 2020 -0400
ftp: whitelisting reason support
Shravan Rangarajuvenkata (shrarang) [Tue, 14 Apr 2020 13:41:01 +0000 (13:41 +0000)]
Merge pull request #2137 in SNORT/snort3 from ~AGIURGIU/snort3:file_category to master
Squashed commit of the following:
commit
663d16d880d21d4c772eb8c5451efcd374a41b3a
Author: agiurgiu <agiurgiu@cisco.com>
Date: Tue Apr 7 14:25:42 2020 +0300
file_magic: Update category for HWP and MSOLE2
Bhagya Tholpady (bbantwal) [Tue, 14 Apr 2020 12:11:32 +0000 (12:11 +0000)]
Merge pull request #2154 in SNORT/snort3 from ~OSHUMEIK/snort3:ffix to master
Squashed commit of the following:
commit
883564c8dbd5be8ad0b1da80074915177f317b39
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Apr 13 11:12:01 2020 +0300
http_inspect: fix duplicated detained_inspection print in show()
Shravan Rangarajuvenkata (shrarang) [Sat, 11 Apr 2020 23:59:13 +0000 (23:59 +0000)]
Merge pull request #2144 in SNORT/snort3 from ~SHRARANG/snort3:appid_remove_unused_code to master
Squashed commit of the following:
commit
08f71fa3082ed8e77f15403f1b0d2553f85c08de
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Thu Apr 9 12:29:40 2020 -0400
appid: remove unused code
Michael Altizer (mialtize) [Sat, 11 Apr 2020 18:09:43 +0000 (18:09 +0000)]
Merge pull request #2151 in SNORT/snort3 from ~OSERHIIE/snort3:fix_func_proto_warn to master
Squashed commit of the following:
commit
98ce3667e72552416a0f1ef154a6eea4ff8b5a0a
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Sat Apr 11 13:22:39 2020 +0300
main: Make test_log() static in snort_debug.cc
Shravan Rangarajuvenkata (shrarang) [Sat, 11 Apr 2020 11:05:13 +0000 (11:05 +0000)]
Merge pull request #2149 in SNORT/snort3 from ~SATHIRKA/snort3:tsan_appid to master
Squashed commit of the following:
commit
9b719e481c49f208ce7997edd841194d7010fc1e
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Mar 26 17:27:58 2020 -0400
appid: Fixing thread-safety issues in appid
Michael Altizer (mialtize) [Fri, 10 Apr 2020 23:27:02 +0000 (23:27 +0000)]
Merge pull request #2113 in SNORT/snort3 from ~OSERHIIE/snort3:trace_logger to master
Squashed commit of the following:
commit
5ae02e42ad00e7b23dea2ca7432f54f06c7debf5
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Fri Mar 13 17:05:30 2020 +0200
trace: refactor stdout/syslog logging of trace into logger framework
Michael Altizer (mialtize) [Fri, 10 Apr 2020 21:40:13 +0000 (21:40 +0000)]
Merge pull request #2150 in SNORT/snort3 from ~MIALTIZE/snort3:kill_inspectordata to master
Squashed commit of the following:
commit
55c887b65e3e21401ec64eb80b647ea5dfb6b4f5
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Apr 10 12:56:52 2020 -0400
framework: Remove unused InspectorData template
Reimplement the only prior user (FtpClient) without the template.
Mike Stepanek (mstepane) [Fri, 10 Apr 2020 19:35:59 +0000 (19:35 +0000)]
Merge pull request #2145 in SNORT/snort3 from ~DERAMADA/snort3:hi_http_uri_fragment to master
Squashed commit of the following:
commit
54f33541eeb50c01b81671321e32f03551d9f19b
Author: deramada <deramada@cisco.com>
Date: Fri Apr 10 09:17:24 2020 -0400
http_inspect: add fragment to http_uri
Mike Stepanek (mstepane) [Thu, 9 Apr 2020 20:21:52 +0000 (20:21 +0000)]
Merge pull request #2143 in SNORT/snort3 from ~MDAGON/snort3:0len to master
Squashed commit of the following:
commit
1692fd54db389cb3094ed99c499236550d3e2ef1
Author: mdagon <mdagon@cisco.com>
Date: Thu Apr 2 15:07:35 2020 -0400
http2_inspect: support 0 length data frames
Bhagya Tholpady (bbantwal) [Thu, 9 Apr 2020 16:41:25 +0000 (16:41 +0000)]
Merge pull request #2127 in SNORT/snort3 from ~OKHOMIAK/snort3:standardize_all_inspectors_config_output to master
Squashed commit of the following:
commit
cb70afb884f256e88504a45217c28783cc70b083
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Apr 7 21:44:31 2020 +0300
appid: remove unused config options and rename "debug" option
changes include:
* instance_id, dump_ports, app_stats_rollover_time options removed
* debug option renamed to list_odp_detectors
* snort2lua updated according to config option changes mentioned above
commit
cd58c49f50c9c22a1504405d449c137b9e743375
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Thu Mar 26 10:49:03 2020 +0200
inspectors: update verbose config output in show() method to a new format
Add ConfigLogger class containing standard print functions
Michael Altizer (mialtize) [Thu, 9 Apr 2020 14:35:52 +0000 (14:35 +0000)]
Merge pull request #2142 in SNORT/snort3 from ~ANTOROZC/snort3:expose_packet_gettimeofday to master
Squashed commit of the following:
commit
72ab3f58822fcf6c56fdb46fa9a121cf4dfc6e94
Author: Brian Morris <bmorris2@cisco.com>
Date: Wed Apr 8 14:43:39 2020 -0500
time: make packet_gettimeofday public
Russ Combs (rucombs) [Thu, 9 Apr 2020 03:43:45 +0000 (03:43 +0000)]
Merge pull request #2086 in SNORT/snort3 from ~PUNEETKU/snort3:pm_shell_cmd to master
Squashed commit of the following:
commit
2b6c7588e78aac9e3a0a31b0b1571095b25c80ad
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Sun Mar 15 22:52:53 2020 -0400
perf_monitor: Enable or disable flow-ip-profiling using shell commands
Mike Stepanek (mstepane) [Wed, 8 Apr 2020 20:10:23 +0000 (20:10 +0000)]
Merge pull request #2139 in SNORT/snort3 from ~DERAMADA/snort3:hi_fix_reload_extradata_reg to master
Squashed commit of the following:
commit
20bc030a4319888448db93d56abd040b5a3f624e
Author: deramada <deramada@cisco.com>
Date: Mon Apr 6 10:25:37 2020 -0400
http_inspect: register extra-data callbacks in constructor
Russ Combs (rucombs) [Wed, 8 Apr 2020 18:08:06 +0000 (18:08 +0000)]
Merge pull request #2141 in SNORT/snort3 from ~RUCOMBS/snort3:flowbits_fixups to master
Squashed commit of the following:
commit
6a0647dc39ea3806b2cbb51cd19833a25b6b1d51
Author: russ <rucombs@cisco.com>
Date: Wed Apr 8 10:00:16 2020 -0400
flowbits: fix build warnings from latest cleanup
Mike Stepanek (mstepane) [Tue, 7 Apr 2020 20:54:41 +0000 (20:54 +0000)]
Merge pull request #2126 in SNORT/snort3 from ~KATHARVE/snort3:connect_pt1 to master
Squashed commit of the following:
commit
e76efdd1ed2708467d1ffe895f238e986d5414b9
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Mar 30 14:58:36 2020 -0400
http_inspect: enhance processing of connect messages
Mike Stepanek (mstepane) [Tue, 7 Apr 2020 15:59:30 +0000 (15:59 +0000)]
Merge pull request #2138 in SNORT/snort3 from ~MDAGON/snort3:frame_hdr_wobody to master
Squashed commit of the following:
commit
880bf5d85b633eb7b49e9b9587bfc3323502a8ea
Author: mdagon <mdagon@cisco.com>
Date: Mon Apr 6 16:36:19 2020 -0400
http2_inspect: handle the case of leftover header only (no body)
Russ Combs (rucombs) [Tue, 7 Apr 2020 13:11:54 +0000 (13:11 +0000)]
Merge pull request #2115 in SNORT/snort3 from ~RUCOMBS/snort3:rule_meta to master
Squashed commit of the following:
commit
9f06fc29f374152d9258636b16e37f966753f6f6
Author: russ <rucombs@cisco.com>
Date: Sun Apr 5 11:25:48 2020 -0400
flowbits: relocate bitop.h to helpers
commit
28c62396337cab09d8762e2299043fc0dd75a60f
Author: russ <rucombs@cisco.com>
Date: Sun Apr 5 00:13:29 2020 -0400
flowbits: fix reload mapping
commit
6637ad94652470fbff956e90a33760d92f56937e
Author: russ <rucombs@cisco.com>
Date: Sun Mar 29 20:54:58 2020 -0400
ips: fix rule state mapping and policy lookup
commit
b12fae905f4d3e2fa845572cf9d51da42b21fde8
Author: russ <rucombs@cisco.com>
Date: Sun Mar 29 15:12:52 2020 -0400
src: remove extraneous trailing spaces
commit
bcab016e2dafb240316bfccaf728bb36dfb291e6
Author: russ <rucombs@cisco.com>
Date: Sun Mar 29 10:31:55 2020 -0400
so rules: allow stub gid:sid:rev to override so
commit
6e8e8a7e39df9030c0b679aaec1688eb602b1325
Author: russ <rucombs@cisco.com>
Date: Sat Mar 28 17:23:49 2020 -0400
metadata-filter: apply to so rule stubs
commit
2ba460819894571742f16166286b597963d08652
Author: russ <rucombs@cisco.com>
Date: Sat Mar 28 16:04:57 2020 -0400
so rules: allow stub header to override so header
commit
9a40462e5b02191f2bd44abd98d40876d87af233
Author: russ <rucombs@cisco.com>
Date: Sat Mar 28 10:40:41 2020 -0400
snort: add --dump-rule-state
commit
7aa13768693d7037a0525d90bef053866203bad8
Author: russ <rucombs@cisco.com>
Date: Sat Mar 28 09:47:31 2020 -0400
snort: add --dump-rule-deps
commit
3975f00f8476bccacb4047cd4488555d513d3b22
Author: russ <rucombs@cisco.com>
Date: Sat Mar 28 09:11:08 2020 -0400
snort: add rule text to --dump-rule-meta
commit
17eff18a925a8fc728fbe1821f2c390b05fac49b
Author: russ <rucombs@cisco.com>
Date: Mon Mar 23 22:15:30 2020 -0400
snort: enable --dump-rule-meta to work without a conf
commit
634dc34e894e0e6dd05568eb6a1184312da5011a
Author: russ <rucombs@cisco.com>
Date: Sat Mar 14 22:11:23 2020 -0400
snort: add flowbits set and checked to --dump-rule-meta
commit
dfecdf639ac3027e6fdb0ee9945f59c01490b166
Author: russ <rucombs@cisco.com>
Date: Fri Mar 13 19:45:35 2020 -0400
snort: initial implementation of --dump-rule-meta
commit
b969f1b1b19c9ecdf546828bfd73d80d02d01813
Author: russ <rucombs@cisco.com>
Date: Thu Mar 26 11:26:39 2020 -0400
stream_tcp: remove unused session printing cruft
commit
c9c7b527debe3c6689ffce4e4be5d1caa7b476e2
Author: russ <rucombs@cisco.com>
Date: Thu Mar 26 11:15:48 2020 -0400
hyperscan: simplify scratch memory initialization
commit
3be58eed3d48ede7c5bd6ae949c25d9f8825e9b2
Author: russ <rucombs@cisco.com>
Date: Tue Mar 24 08:49:17 2020 -0400
output: allow error messages in quiet mode
commit
c63c2cee10e3e924b27719770776b67e31339ad5
Author: russ <rucombs@cisco.com>
Date: Mon Mar 23 08:29:27 2020 -0400
session: remove unused IPS option
commit
d52b37a58007a4e1f8e9f191c96a48529a3aa8d0
Author: russ <rucombs@cisco.com>
Date: Sun Mar 22 20:44:10 2020 -0400
snort: remove unused --pcap-reload option
commit
616ac76d41aade222a16cf19a7f4634e6f92be9a
Author: russ <rucombs@cisco.com>
Date: Sun Mar 22 20:22:12 2020 -0400
snort: remove inappropriate fatal errors
commit
57ab3b040ba3735eb2f62f442641f49b6ee31ee1
Author: russ <rucombs@cisco.com>
Date: Sat Mar 14 12:10:39 2020 -0400
flowbits: refactor implementation
... and 4 more commits
Mike Stepanek (mstepane) [Tue, 7 Apr 2020 11:29:37 +0000 (11:29 +0000)]
Merge pull request #2134 in SNORT/snort3 from ~DERAMADA/snort3:fix_active_hold to master
Squashed commit of the following:
commit
a6ab217cd37c03e92fd8815de32e0453dca72fd4
Author: deramada <deramada@cisco.com>
Date: Mon Apr 6 09:45:41 2020 -0400
packet_io: revert hold_packet to bool
Mike Stepanek (mstepane) [Mon, 6 Apr 2020 12:46:05 +0000 (12:46 +0000)]
Merge pull request #2123 in SNORT/snort3 from ~MDAGON/snort3:pt5 to master
Squashed commit of the following:
commit
8bd4bd1239e961dba3287e9ec05fff34990ceb8c
Author: mdagon <mdagon@cisco.com>
Date: Wed Mar 25 16:19:22 2020 -0400
http2_inspect: flush pending data when a non-data frame is received
Steve Chew (stechew) [Sat, 4 Apr 2020 18:35:27 +0000 (18:35 +0000)]
Merge pull request #2131 in SNORT/snort3 from ~SBAIGAL/snort3:safe_erase_plug_map to master
Squashed commit of the following:
commit
16a5ac013e9100ebdf301bfb77d739fab41c9be0
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Fri Apr 3 21:06:48 2020 -0400
plugin_manager: make erase from plug_map safer
Michael Altizer (mialtize) [Fri, 3 Apr 2020 20:05:50 +0000 (20:05 +0000)]
Merge pull request #2130 in SNORT/snort3 from ~MIALTIZE/snort3:template_viz to master
Squashed commit of the following:
commit
fc8fe9813154aff1cfa2891d1803681012a3f337
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Apr 3 12:16:19 2020 -0400
host_tracker: Move all HostCacheAlloc template implementations to the header
Mike Stepanek (mstepane) [Fri, 3 Apr 2020 19:11:40 +0000 (19:11 +0000)]
Merge pull request #2117 in SNORT/snort3 from ~DERAMADA/snort3:log_daq_pool_size to master
Squashed commit of the following:
commit
f6bad88e3d04736dc28e96f74299306ebcf89c4d
Author: deramada <deramada@cisco.com>
Date: Mon Mar 30 12:25:28 2020 -0400
packet_io: log daq pool size
Michael Altizer (mialtize) [Fri, 3 Apr 2020 18:55:21 +0000 (18:55 +0000)]
Merge pull request #2128 in SNORT/snort3 from ~MASHASAN/snort3:wrap_enable_shell to master
Squashed commit of the following:
commit
9ccb24f001e6699d02a40b5198108773f3a5dcb1
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Apr 3 07:18:43 2020 -0400
control: Disable request unit-test in cmake if shell is disabled
Mike Stepanek (mstepane) [Fri, 3 Apr 2020 16:23:13 +0000 (16:23 +0000)]
Merge pull request #2077 in SNORT/snort3 from ~DERAMADA/snort3:gre_encode to master
Squashed commit of the following:
commit
14d1ebcee5a9b038c75e7c7ef2b5889dbe1e512f
Author: deramada <deramada@cisco.com>
Date: Thu Mar 12 16:50:17 2020 -0400
codecs: Update GRE flags and offset for injected packets
commit
2c99419277fa13e61819e54db9848c5fa523bf34
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Feb 20 13:24:39 2020 -0500
codecs: GRE checksum updated for injected and rewritten packets
Russ Combs (rucombs) [Fri, 3 Apr 2020 00:15:21 +0000 (00:15 +0000)]
Merge pull request #2122 in SNORT/snort3 from ~DAVMCPHE/snort3:consistent_reloaderror_messages to master
Squashed commit of the following:
commit
57247262ea9e7a32905c0e066fff83da239defb6
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Apr 1 09:17:48 2020 -0400
reload: update ReloadError response messages to use consistent wording across all messages
Mike Stepanek (mstepane) [Thu, 2 Apr 2020 18:29:05 +0000 (18:29 +0000)]
Merge pull request #2125 in SNORT/snort3 from ~MASHASAN/snort3:fix_shell_disabled to master
Squashed commit of the following:
commit
efb8ab4ca48af09be2c6b3f91a89c78b75c79c2c
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Apr 2 12:54:33 2020 -0400
control: Run unit-test only if shell is enabled
Shravan Rangarajuvenkata (shrarang) [Thu, 2 Apr 2020 15:41:52 +0000 (15:41 +0000)]
Merge pull request #2121 in SNORT/snort3 from ~SATHIRKA/snort3:ftp_data_smtp_whitelist to master
Squashed commit of the following:
commit
344a0e0c70ac76761a2ec02af9af893152a053dc
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Mar 31 11:39:00 2020 -0400
appid: mark third-party inspection as done for expected flows
Michael Altizer (mialtize) [Wed, 1 Apr 2020 21:08:11 +0000 (21:08 +0000)]
Merge pull request #2112 in SNORT/snort3 from ~MIALTIZE/snort3:cmd to master
Squashed commit of the following:
commit
629a62312051ee2a5a01debab91ffa0166113dcb
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 26 17:14:42 2020 -0400
loggers: Add SGT field to CSV and JSON loggers
commit
54211092635b918760eee6e9eea24f35a42aac2e
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 26 17:14:42 2020 -0400
codecs: Clean up CiscoMetaData implementation
Mike Stepanek (mstepane) [Wed, 1 Apr 2020 16:52:05 +0000 (16:52 +0000)]
Merge pull request #2116 in SNORT/snort3 from ~MASHASAN/snort3:request_race to master
Squashed commit of the following:
commit
3b0c7cc38f58f0f8fcbf864b5690cc4eb4cf6019
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Mar 27 20:16:40 2020 -0400
control: Fixing data races in request read and response
Shravan Rangarajuvenkata (shrarang) [Wed, 1 Apr 2020 15:36:11 +0000 (15:36 +0000)]
Merge pull request #2110 in SNORT/snort3 from ~OZAIKA/snort3:http2_get_header to master
Squashed commit of the following:
commit
42d9ee1fa66cbfd4eda0f057b83a3b09fb3c3115
Author: Oleksii Zaika <ozaika@cisco.com>
Date: Thu Mar 26 08:25:11 2020 -0400
appid: detect payload for first http2 stream
George Koikara (gkoikara) [Wed, 1 Apr 2020 14:55:27 +0000 (14:55 +0000)]
Merge pull request #2024 in SNORT/snort3 from ~GSAMBYAL/snort3:snort_6_7_port to master
Squashed commit of the following:
commit
e76a979bbd75892f5fc88ccd958c0a6410aceb96
Author: Garima Singh Sambyal <gsambyal@cisco.com>
Date: Wed Feb 19 01:51:28 2020 -0500
sip: Support pinhole for sip early media
George Koikara (gkoikara) [Wed, 1 Apr 2020 14:51:41 +0000 (14:51 +0000)]
Merge pull request #2103 in SNORT/snort3 from ~NEHASH4/snort3:CSCvt32429 to master
Squashed commit of the following:
commit
fc824674b7f4d878f4dfa7ed54bb4702f6a1aae5
Author: neha sharma <nehash4@cisco.com>
Date: Sun Mar 22 05:05:20 2020 -0400
file: apply cached verdict on already seen file
Michael Altizer (mialtize) [Tue, 31 Mar 2020 15:35:19 +0000 (15:35 +0000)]
Merge pull request #2119 in SNORT/snort3 from ~MIALTIZE/snort3:3.0.1_build_1 to master
Squashed commit of the following:
commit
fea387971db1f4f7552af4f7a402a5b032efb218
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 31 09:59:58 2020 -0400
build: generate and tag 3.0.1 build 1
Steve Chew (stechew) [Tue, 31 Mar 2020 14:41:57 +0000 (14:41 +0000)]
Merge pull request #2102 in SNORT/snort3 from ~STECHEW/snort3:detained_packet_with_ssl to master
Squashed commit of the following:
commit
403c0de29a90c3a101730357a9bd5ba9caabf243
Author: Steve Chew <stechew@cisco.com>
Date: Mon Mar 23 20:48:52 2020 -0400
analyzer: Send detained packet event when a packet is held.
commit
43ecbb9b1cdb32a532342e29be6162ada75e2ecf
Author: Steve Chew <stechew@cisco.com>
Date: Thu Mar 26 12:01:35 2020 -0400
dce_rpc: Fixed missing space in string.
Michael Altizer (mialtize) [Mon, 30 Mar 2020 22:50:53 +0000 (22:50 +0000)]
Merge pull request #2078 in SNORT/snort3 from ~MIALTIZE/snort3:version_3_0_1 to master
Squashed commit of the following:
commit
017bead76ae7609494c26cf0a5756a3e07f73995
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Mar 13 13:16:37 2020 -0400
build: Increment version to 3.0.1
Steve Chew (stechew) [Mon, 30 Mar 2020 21:36:02 +0000 (21:36 +0000)]
Merge pull request #2107 in SNORT/snort3 from ~BBANTWAL/snort3:latency_updates to master
Squashed commit of the following:
commit
99e8356b5e645aebb676d58acc22462948cab5b8
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Mar 25 10:01:54 2020 -0400
latency: remove action config option and convert the log handler to trace_log message
commit
d9ce00ad8447b8f376077b249f1a03c7f0c2acbc
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Mar 25 09:05:41 2020 -0400
snort2lua: remove conversion of deprecated options pkt-log and rule-log
Mike Stepanek (mstepane) [Mon, 30 Mar 2020 15:36:59 +0000 (15:36 +0000)]
Merge pull request #2111 in SNORT/snort3 from ~KATHARVE/snort3:h2_headers to master
Squashed commit of the following:
commit
b076d151ec56be77b27a72904e68c9eae18e887b
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Mar 25 19:06:59 2020 -0400
http2_inspect: handle Cl and TE headers, and end_stream flags set on headers frames
Mike Stepanek (mstepane) [Mon, 30 Mar 2020 11:54:35 +0000 (11:54 +0000)]
Merge pull request #2114 in SNORT/snort3 from ~THOPETER/snort3:nhttp138 to master
Squashed commit of the following:
commit
cdbf6e7e9e313444606b38d2afcea79954cca108
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Mar 27 11:47:19 2020 -0400
http_inspect: added FIXIT for thread safety
Russ Combs (rucombs) [Sat, 28 Mar 2020 00:10:29 +0000 (00:10 +0000)]
Merge pull request #2095 in SNORT/snort3 from ~RUCOMBS/snort3:fixit_h to master
Squashed commit of the following:
commit
0ebc66453a734219078df3fd286d01dd63fa8474
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Mar 22 13:22:33 2020 -0400
doc: add FIXIT-E description
commit
fb12eb5b0cbdc6976de6a27bb13866085969a0e2
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Mar 22 13:04:12 2020 -0400
src: update high priority "to be fixed" comments (FIXIT-H)
Mike Stepanek (mstepane) [Fri, 27 Mar 2020 19:32:59 +0000 (19:32 +0000)]
Merge pull request #2101 in SNORT/snort3 from ~MDAGON/snort3:h2i_pt4 to master
Squashed commit of the following:
commit
9942a2e7ebd578c2c0715646e09f3357026083a7
Author: mdagon <mdagon@cisco.com>
Date: Tue Mar 17 10:36:25 2020 -0400
http2_inspect: multiple data frames support
Russ Combs (rucombs) [Thu, 26 Mar 2020 22:53:55 +0000 (22:53 +0000)]
Merge pull request #2083 in SNORT/snort3 from ~SBAIGAL/snort3:so_proxy to master
Squashed commit of the following:
commit
f19ea58fa5e667524c554164ab956346e1abe04a
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Mar 10 18:11:14 2020 -0400
so_rule: fix reload of shared object rules that use flow data
add tracking SO rule flow data with so_proxy inspector
Shravan Rangarajuvenkata (shrarang) [Thu, 26 Mar 2020 22:32:57 +0000 (22:32 +0000)]
Merge pull request #2098 in SNORT/snort3 from ~SAARAYA/snort3:http2_app_detection to master
Squashed commit of the following:
commit
472fe39ed1ec39a11bbc0748b4f1368b8a7d6a1e
Author: Oleksii Zaika <ozaika@cisco.com>
Date: Mon Mar 23 06:13:16 2020 -0400
appid: use http2 inspector for detection even if third-party module is present
Mike Stepanek (mstepane) [Thu, 26 Mar 2020 14:57:55 +0000 (14:57 +0000)]
Merge pull request #2105 in SNORT/snort3 from ~THOPETER/snort3:nhttp137 to master
Squashed commit of the following:
commit
f813962863f8f35615109ccea129f68499903e00
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Mar 24 13:33:49 2020 -0400
http_inspect: eliminate empty body sections for missing message bodies
Michael Altizer (mialtize) [Wed, 25 Mar 2020 22:15:48 +0000 (22:15 +0000)]
Merge pull request #2045 in SNORT/snort3 from ~SVLASIUK/snort3:trace_log_level to master
Squashed commit of the following:
commit
b83b61ba207177d583ef57ec3642ae130b9a7680
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Fri Feb 14 16:33:00 2020 +0200
modules: Support verbosity level for module trace options, modify trace logging macros.
Log level range [0-255].
There are conditional debug_log/debug_logf and unconditional trace_log/trace_logf macros for logging.
Now log messages have format: module:sub_module:log_level: msg.
Ex: detection:rule_eval:1: Fast pattern search
Added trace 'all' option for detection module.
Mike Stepanek (mstepane) [Wed, 25 Mar 2020 19:40:43 +0000 (19:40 +0000)]
Merge pull request #2089 in SNORT/snort3 from ~NIHDESAI/snort3:tsan_mime to master
Squashed commit of the following:
commit
60962397f8910eb4ade3ff842db5262d3337eeea
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Mar 18 04:57:26 2020 -0400
mime: fix data race in mime config
Steve Chew (stechew) [Wed, 25 Mar 2020 15:37:32 +0000 (15:37 +0000)]
Merge pull request #2081 in SNORT/snort3 from ~OKHOMIAK/snort3:standardize_inspectors_config_output to master
Squashed commit of the following:
commit
136f35e3127f142c92e37717b9b864b36a2074f2
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Fri Mar 13 02:15:11 2020 +0200
service_inspectors: standardize verbose config startup output for SMTP, POP and IMAP inspectors
Davis McPherson (davmcphe) [Wed, 25 Mar 2020 14:33:23 +0000 (14:33 +0000)]
Merge pull request #2073 in SNORT/snort3 from ~ZHIJLIU/snort3:CSCvs59026_badack to master
Squashed commit of the following:
commit
c0f2ed2c2b2572310314aa5b7b53557b12cc9966
Author: Louis Zhijun Liu <zhijliu@cisco.com>
Date: Wed Mar 11 17:44:19 2020 -0700
stream_tcp: Out-of-order ACK processing fix
Mike Stepanek (mstepane) [Wed, 25 Mar 2020 14:13:20 +0000 (14:13 +0000)]
Merge pull request #2106 in SNORT/snort3 from ~MSTEPANE/snort3:build_270 to master
Squashed commit of the following:
commit
6155a90e061a401368f4c31c22c36cbae2a85a64
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Mar 25 09:08:03 2020 -0400
build: generate and tag build 270
Michael Altizer (mialtize) [Wed, 25 Mar 2020 01:39:33 +0000 (01:39 +0000)]
Merge pull request #2091 in SNORT/snort3 from ~MIALTIZE/snort3:detained_fixups to master
Squashed commit of the following:
commit
1444a851fb7c3714995441a3cd6385f38e733e5e
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 24 12:03:33 2020 -0400
stream_tcp: Cancel hold requests on the current packet when flushing
commit
16ab4c97c5342e893a2ab5dc6b50b4c7a909fd79
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 19 13:52:16 2020 -0400
active: Move packet hold realization for Stream detainment to verdict handling
commit
3e5d373c511b04dd2fcd61937c75e5ae490bd407
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 19 11:24:46 2020 -0400
active: Base hold_packet() decision on DAQ message pool usage
This change cascades into TcpStreamTracker's hold packet logic.
commit
d61ce2dc2ba3d30bd8347ed6b7885e5bd5699e8a
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 19 09:34:10 2020 -0400
stream_tcp: Finalize held packets in TcpSession::clear_session()
This ensures that held packets are released even if a flow is cleared
without cleanup (as in prune conditions).
Shravan Rangarajuvenkata (shrarang) [Tue, 24 Mar 2020 22:40:00 +0000 (22:40 +0000)]
Merge pull request #2069 in SNORT/snort3 from ~OZAIKA/snort3:http2_draft_test to master
Squashed commit of the following:
commit
3c70e324722c55684edd27c3689db0d699dfcad8
Author: Oleksii Zaika <ozaika@cisco.com>
Date: Tue Mar 10 08:26:02 2020 -0400
appid: support detection for first stream in http/2 session
George Koikara (gkoikara) [Tue, 24 Mar 2020 18:18:28 +0000 (18:18 +0000)]
Merge pull request #1984 in SNORT/snort3 from ~NEHASH4/snort3:CSCvh17903 to master
Squashed commit of the following:
commit
fe0e3ebb85728a7ace9022accf90046561a843ce
Author: neha sharma <nehash4@cisco.com>
Date: Tue Dec 17 05:53:19 2019 -0500
smb: inspect midstream sessions for file inspection
Mike Stepanek (mstepane) [Tue, 24 Mar 2020 17:51:01 +0000 (17:51 +0000)]
Merge pull request #2094 in SNORT/snort3 from ~SMINUT/snort3:expect_cache_min_prune to master
Squashed commit of the following:
commit
9eb02b8dabe4bee0a03cbcbf0a991913f014d059
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Mar 20 22:30:54 2020 -0400
flow: allow the ExpectCache to force prune, so that we can always make room when the cache is full.
flow: change the ExpectCache prune logic to only remove a specified number of oldest entries, regardless of node expiration time.
flow: do away altogether with the loop in ExpectCache::prune, just remove one, only when the cache is full.
Steve Chew (stechew) [Tue, 24 Mar 2020 14:03:54 +0000 (14:03 +0000)]
Merge pull request #2079 in SNORT/snort3 from ~STECHEW/snort3:malware_block_with_retry to master
Squashed commit of the following:
commit
9c4ea9f5a683908369e005325ca833d85fec01a3
Author: Steve Chew <stechew@cisco.com>
Date: Sun Mar 22 10:48:00 2020 -0400
stream/tcp: Moved retry check to TcpSession::process.
commit
46cc63de4bd2b0b5e026dfd5e47e17f98680e531
Author: Steve Chew <stechew@cisco.com>
Date: Sat Mar 14 18:55:51 2020 -0400
stream: short-circuit stream when handling retry packets in no-ack mode.
Mike Stepanek (mstepane) [Tue, 24 Mar 2020 14:01:40 +0000 (14:01 +0000)]
Merge pull request #2100 in SNORT/snort3 from ~KATHARVE/snort3:nhi_refactor_print_body_section to master
Squashed commit of the following:
commit
9c9226cea9e366bfd8be4da464ba1428497c9221
Author: Katura Harvey <katharve@cisco.com>
Date: Mon Mar 23 16:54:22 2020 -0400
http_inspect: refactor print_section for message bodies
Shravan Rangarajuvenkata (shrarang) [Tue, 24 Mar 2020 10:43:18 +0000 (10:43 +0000)]
Merge pull request #2068 in SNORT/snort3 from ~CLJUDGE/snort3:ftpsdata_not_overwritten_as_ssl to master
Squashed commit of the following:
commit
2999eb64b825646b5840ced516c8ec4894c05ba5
Author: cljudge <cljudge@cisco.com>
Date: Fri Mar 6 03:36:54 2020 -0500
appid: restart service detection on start of decryption
Steve Chew (stechew) [Mon, 23 Mar 2020 23:25:02 +0000 (23:25 +0000)]
Merge pull request #2084 in SNORT/snort3 from ~STECHEW/snort3:ioctl_inject_fix to master
Squashed commit of the following:
commit
49237a73836f4b17b7cf9ef4ce101abca6e876c6
Author: Steve Chew <stechew@cisco.com>
Date: Thu Mar 19 01:05:01 2020 -0400
active: Send entire buffer at once when send_data uses ioctl.
commit
38a9fd566784902701899bd098456e442ca6fd15
Author: Steve Chew <stechew@cisco.com>
Date: Tue Mar 17 17:52:51 2020 -0400
active: Fix direction of RST packet being sent to server.
Mike Stepanek (mstepane) [Mon, 23 Mar 2020 19:26:48 +0000 (19:26 +0000)]
Merge pull request #2088 in SNORT/snort3 from ~KATHARVE/snort3:nhi_h2 to master
Squashed commit of the following:
commit
eada91f3303497cbb76e33cc1dc6e54c5c34e5fd
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Mar 18 10:08:59 2020 -0400
http_inspect: create http2 message body type
commit
242bff1e4f0c717a184f213a342ade9192b895de
Author: mdagon <mdagon@cisco.com>
Date: Mon Mar 9 15:39:02 2020 -0400
http2_inspect: refactor data cutter - preparation for multi packet processing
Shravan Rangarajuvenkata (shrarang) [Mon, 23 Mar 2020 19:19:14 +0000 (19:19 +0000)]
Merge pull request #2093 in SNORT/snort3 from ~KAMURTHI/snort3:DoT to master
Squashed commit of the following:
commit
175d9f0296de8b09fd637fd5ec3c997794758483
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Tue Mar 17 16:26:41 2020 -0400
appid: Include DNS over TLS port for classification.
Shravan Rangarajuvenkata (shrarang) [Mon, 23 Mar 2020 18:24:59 +0000 (18:24 +0000)]
Merge pull request #2082 in SNORT/snort3 from ~KAMURTHI/snort3:client_ut to master
Squashed commit of the following:
commit
366655b4b7b6468df1722d9fe33bbc43dd4b971f
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Mar 16 16:46:31 2020 -0400
appid: Adding UT for client_app_aim_test
Steve Chew (stechew) [Mon, 23 Mar 2020 14:16:34 +0000 (14:16 +0000)]
Merge pull request #1937 in SNORT/snort3 from ~OSHUMEIK/snort3:snort2lua_ips_option_replace to master
Squashed commit of the following:
commit
78fd7e410f877f6850b8e1a43877695e3c9804ac
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Mar 16 11:42:39 2020 +0200
lua: enable a rewrite plugin in a default config
commit
a96c133df889bf8e9261c960053e5fab347f7a6e
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Mar 10 12:09:40 2020 +0200
build: refactor included headers
Sort a list of included headers according to the Coding Style.
For .cc files in `tools/snort2lua/rule_states` directory.
commit
e78f54d6fa600155d05b2eac9f5b0528db452116
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Jan 9 11:50:20 2020 +0200
snort2lua: convert a replace option to a rewrite plugin/action.
Check if option has empty value.
Add comment for rules with a replace option.
Drop/block action takes precedence over a rewrite action.
Mike Stepanek (mstepane) [Mon, 23 Mar 2020 13:18:40 +0000 (13:18 +0000)]
Merge pull request #2090 in SNORT/snort3 from ~MASHASAN/snort3:idle_reload to master
Squashed commit of the following:
commit
77d0b2b990780864d9c6a3f67d076a9f14a216ea
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Mar 19 12:34:45 2020 -0400
reload: Setting higher maximum pruning when idle
George Koikara (gkoikara) [Mon, 23 Mar 2020 08:38:46 +0000 (08:38 +0000)]
Merge pull request #1952 in SNORT/snort3 from ~NEHASH4/snort3:CSCvh69673 to master
Squashed commit of the following:
commit
ad1702181be3428dba9fb67fdc5215134a8cc648
Author: neha sharma <nehash4@cisco.com>
Date: Wed Feb 5 11:36:31 2020 -0500
file_api: reading the new data for the overlapped file_data
Michael Altizer (mialtize) [Fri, 20 Mar 2020 23:14:35 +0000 (23:14 +0000)]
Merge pull request #2092 in SNORT/snort3 from ~MIALTIZE/snort3:no_uuid to master
Squashed commit of the following:
commit
39849097efee6f2e6cad02c598424ea46792d8c1
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Mar 20 12:17:19 2020 -0400
build: Don't try to use libuuid headers/libraries when not found
The updated FindUUID macros properly set the libuuid variables to
NOTFOUND, which exposed the places where they were being unconditionally
used. This properly conditionalizes that usage.
Thanks to James Lay <jlay@slave-tothe-box.net> for reporting the issue.
Mike Stepanek (mstepane) [Fri, 20 Mar 2020 20:25:19 +0000 (20:25 +0000)]
Merge pull request #2072 in SNORT/snort3 from ~THOPETER/snort3:nhttp133 to master
Squashed commit of the following:
commit
ad73c4fabe6ecbc90bb9283d52ae574288072ec9
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Feb 5 14:54:56 2020 -0500
http_inspect: gzip detained inspection
Michael Altizer (mialtize) [Fri, 20 Mar 2020 16:59:53 +0000 (16:59 +0000)]
Merge pull request #1957 in SNORT/snort3 from ~SELYSENK/snort3:bug/network_policy_nullptr to master
Squashed commit of the following:
commit
691b1f3af718cf70893c4026b1d480ca1abe3d9b
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Mar 5 13:37:53 2020 +0200
loggers: update usage to GLOBAL for all loggers
commit
d661b7e1eac7fdb3386ac4cbab537de72ebfcabb
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Mar 4 11:26:20 2020 -0500
snort2lua: don't print out network_policy binding
commit
43de169f5a6f10c0c03bfe6521bd22dfab0a0b17
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Mar 4 11:25:22 2020 -0500
binder: ignore the network_policy binding
commit
3ac2647f7f2e358ab6205adabd9e22a4643ef845
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Feb 26 20:23:07 2020 -0500
filters: update threshold tracking functions
General event threshold tracking functions take one more parameter
policy_id.
Usage for suppress and rate_filter modules is changed to CONTEXT.
event_filter, rate_filter and suppress modules use get_network_policy
to get the policy_id passed to the generic threshold tracking.
detection filter module uses get_ips_policy to get the policy_id
passed to the generic threshold tracking.
Michael Altizer (mialtize) [Wed, 18 Mar 2020 14:21:42 +0000 (14:21 +0000)]
Merge pull request #1851 in SNORT/snort3 from ~BBANTWAL/snort3:vxlan_new to master
Squashed commit of the following:
commit
5c8104ebe65146c9315ae4a5a52e8fa3843b19c8
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Mar 17 15:19:57 2020 -0400
main: check if flow state is blocked while applying verdicts
commit
c7f9f5def1d0a42695a0a1e6f9229a443f329b4b
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Dec 10 15:14:37 2019 -0500
codecs: add new proto bit for udp tunneled traffic
commit
82313413cf6f4152915ffce33fc2f41118bbbd1c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Thu Aug 30 13:41:51 2018 -0400
codecs: add vxlan codec
move gtp_ports and deep_teredo_inspection from
snort config to UdpCodecConfig
Mike Stepanek (mstepane) [Wed, 18 Mar 2020 11:41:37 +0000 (11:41 +0000)]
Merge pull request #2062 in SNORT/snort3 from ~MDAGON/snort3:h2i_pt3 to master
Squashed commit of the following:
commit
4ef91cac5ae0967b79a057bbc11828098c55d694
Author: mdagon <mdagon@cisco.com>
Date: Wed Feb 26 16:09:04 2020 -0500
http2_inspect: support single data frame sent to http, multiple flushes
Shravan Rangarajuvenkata (shrarang) [Tue, 17 Mar 2020 22:27:03 +0000 (22:27 +0000)]
Merge pull request #2076 in SNORT/snort3 from ~SATHIRKA/snort3:icmpv6_in_ipv4_tunnel to master
Squashed commit of the following:
commit
c3f39b0995a7821d1fd1c3ca05db359467b26a44
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Mar 12 17:24:53 2020 -0400
appid: Support appid detection for outer protocol service
Shravan Rangarajuvenkata (shrarang) [Mon, 16 Mar 2020 14:17:30 +0000 (14:17 +0000)]
Merge pull request #2075 in SNORT/snort3 from ~KAMURTHI/snort3:smb_appid to master
Squashed commit of the following:
commit
158a37aa6275e82dc1504f26f83617463336700f
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Wed Mar 11 14:40:01 2020 -0400
appid: Fix SMB session data memory leak.
Michael Altizer (mialtize) [Fri, 13 Mar 2020 21:37:04 +0000 (21:37 +0000)]
Merge pull request #2067 in SNORT/snort3 from ~MIALTIZE/snort3:cxx14 to master
Squashed commit of the following:
commit
be07a2b2ac719b81b1d16e09e9cb552e73573a29
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Mar 6 18:13:43 2020 -0500
build: Bump the C++ compiler supported feature set requirement to C++14
Mike Stepanek (mstepane) [Fri, 13 Mar 2020 14:43:25 +0000 (14:43 +0000)]
Merge pull request #2065 in SNORT/snort3 from ~DERAMADA/snort3:h2i_flow_data_size to master
Squashed commit of the following:
commit
b4ed56e4d29821bd549824de43845861fc062b62
Author: deramada <deramada@cisco.com>
Date: Fri Mar 6 10:18:28 2020 -0500
http2_inspect: update dev notes with memory calculations
Michael Altizer (mialtize) [Thu, 12 Mar 2020 18:28:08 +0000 (18:28 +0000)]
Merge pull request #2074 in SNORT/snort3 from ~MIALTIZE/snort3:build_269 to master
Squashed commit of the following:
commit
08d5b15a1d4a8eedc4628bbed0a36f2e0bb8ed9d
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 12 10:40:14 2020 -0400
build: generate and tag build 269
Steve Chew (stechew) [Wed, 11 Mar 2020 19:53:38 +0000 (19:53 +0000)]
Merge pull request #1990 in SNORT/snort3 from ~OSHUMEIK/snort3:trace_all_builds to master
Squashed commit of the following:
commit
d82d981dd4e40793bb741e8cfd8c2ac053b908cf
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Tue Mar 3 12:05:28 2020 +0200
build: refactor trace logs
Changes follow:
* move on/off check before forming va_list
* delete unused trace_debug trace_debugf
* delete unused code
FileMemPool::verify()
flush_policy_names in src/stream/tcp/tcp_stream_session.cc
George Koikara (gkoikara) [Wed, 11 Mar 2020 18:07:10 +0000 (18:07 +0000)]
Merge pull request #2040 in SNORT/snort3 from ~KBHANDAN/snort3:fw_reload to master
Squashed commit of the following:
commit
d555619fa3df7e73a2921d8ff353dcc724877558
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Thu Feb 27 03:44:42 2020 -0500
main: do FileService::post_init after inspectors are configured
Shravan Rangarajuvenkata (shrarang) [Wed, 11 Mar 2020 15:51:59 +0000 (15:51 +0000)]
Merge pull request #2070 in SNORT/snort3 from ~SHRARANG/snort3:appid_mdns_tsan to master
Squashed commit of the following:
commit
33e1910c3dfc27f1c28507c29cc743fb07cf33b4
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Mar 10 12:17:26 2020 -0400
appid: fix thread-safety issues in mdns detector
Shravan Rangarajuvenkata (shrarang) [Tue, 10 Mar 2020 13:16:29 +0000 (13:16 +0000)]
Merge pull request #2066 in SNORT/snort3 from ~SATHIRKA/snort3:reload_mid_stream to master
Squashed commit of the following:
commit
74a624bbb17b3405addc1dc0107df4070c6b2274
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Fri Mar 6 14:19:29 2020 -0500
appid: Adding support for third-party reload on midstream session
Shravan Rangarajuvenkata (shrarang) [Tue, 10 Mar 2020 02:05:43 +0000 (02:05 +0000)]
Merge pull request #2013 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_4 to master
Squashed commit of the following:
commit
86c07b18b201441bba9c0986b5f35d6c21b88f63
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Mon Feb 17 08:49:08 2020 -0500
appid: move client/service pattern detectors and service discovery manager to odp context
Russ Combs (rucombs) [Mon, 9 Mar 2020 23:59:23 +0000 (23:59 +0000)]
Merge pull request #2050 in SNORT/snort3 from ~RUCOMBS/snort3:long_road to master
Squashed commit of the following:
commit
7fac732d47e375c11ccaaa09c460ce097698c052
Author: russ <rucombs@cisco.com>
Date: Sat Mar 7 16:55:46 2020 -0500
build: use const and auto references where possible
commit
ab2497818f6dbcfb448deee8b29ba60ba69dcda6
Author: russ <rucombs@cisco.com>
Date: Fri Mar 6 17:56:59 2020 -0500
style: remove tabs and too long lines
commit
ef713d0a2672db3c3e99fec22085a871c9554493
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 23:56:53 2020 -0500
parser: remove legacy parsing code
commit
8cb33a613e08adc45eacc3ec7ec1f0fef4e6aba6
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 13:09:13 2020 -0500
service: update implementation to vector
commit
f1abe6fd867f95825860489b075f77c392fa2efc
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 12:37:42 2020 -0500
rules: add constructors for references and classifications
commit
a8bd8c55d6a1f639a5107a86d34d1126d1759cf4
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 11:21:10 2020 -0500
classifications: use consistent variable names
commit
b7c8f3bcc6ea05b65c607cb3955860c4cc4539dd
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 11:01:39 2020 -0500
reference: update implementation to vector
commit
7d0e021b805a82aeabe2af0fa09259d5afc3a2e7
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 10:23:08 2020 -0500
references: update implementation with unordered map
commit
f85ef33a59b2bc3d6a81fbcc0ed97ac433fd8f4d
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 09:38:47 2020 -0500
classifications: update implementation with unordered map
commit
7046a630d3e94901b0c0bb0c61404666ba547e8d
Author: russ <rucombs@cisco.com>
Date: Sun Mar 1 08:45:28 2020 -0500
build: tweak includes
commit
43db2d95c454236cf638c280736fa6ac506e9eaa
Author: russ <rucombs@cisco.com>
Date: Sat Feb 29 17:12:58 2020 -0500
stats: update shutdown timing stats
Fix pkts/sec to use analyzed packet count. Also remove packets which is
already provided under daq stats. Add Mbits/sec.
commit
3a331613022272a845ca4e3ee30e2e6d486abe1f
Author: russ <rucombs@cisco.com>
Date: Thu Feb 27 09:32:55 2020 -0500
# This is a combination of 2 commits.
# This is the 1st commit message:
rules: simplify implementation of services, classifications, and references by using std::string
# The commit message #2 will be skipped:
# fixup std::string
commit
ee176681f558429e98e1a2dcca9bc318b2051f56
Author: russ <rucombs@cisco.com>
Date: Wed Feb 26 23:16:21 2020 -0500
rules: update --gen-msg-map to include all configured rules with references
commit
431dddb0a50b2dd1766cc12f8d5454d43367aaa1
Author: russ <rucombs@cisco.com>
Date: Sun Feb 23 08:15:54 2020 -0500
rules: remove cruft
commit
51816c1d9776221651bc639bd9870df4d6285212
Author: russ <rucombs@cisco.com>
Date: Sun Feb 23 08:15:07 2020 -0500
rules: fix warnings and startup counts for duplicates
commit
1c9f4b1ca655c9e8ed3bab2814caaa21616891b5
Author: russ <rucombs@cisco.com>
Date: Sun Feb 23 08:12:19 2020 -0500
stream_tcp: no_ack applies only to ips mode
Mike Stepanek (mstepane) [Mon, 9 Mar 2020 19:52:38 +0000 (19:52 +0000)]
Merge pull request #2056 in SNORT/snort3 from ~MMATIRKO/snort3:reputation_improvements to master
Squashed commit of the following:
commit
0228a7d28c9569b818e9d8697af27607ba9a9316
Author: Michael Matirko <mmatirko@cisco.com>
Date: Tue Mar 3 10:45:30 2020 -0500
reputation: remove flag from packet, track verdict on flow
Steve Chew (stechew) [Fri, 6 Mar 2020 21:06:48 +0000 (21:06 +0000)]
Merge pull request #2060 in SNORT/snort3 from ~SHEFAPRA/snort3:fix_gmtime to master
Squashed commit of the following:
commit
d65d98524cbe1485686934992791fec0d16d4b9f
Author: Shefali <shefapra@cisco.com>
Date: Wed Mar 4 12:28:39 2020 -0500
util: handled out-of-range time
Steve Chew (stechew) [Fri, 6 Mar 2020 20:24:57 +0000 (20:24 +0000)]
Merge pull request #2058 in SNORT/snort3 from ~STECHEW/snort3:lzma_fix to master
Squashed commit of the following:
commit
e259cd43f913bec63910d067bc2b276c77390e4a
Author: Steve Chew <stechew@cisco.com>
Date: Wed Mar 4 01:46:40 2020 -0500
cmake: Fix building without lzma library.
Thanks to Fabrice Fontaine <fontaine.fabrice@gmail.com> for reporting the issue.
Steve Chew (stechew) [Fri, 6 Mar 2020 20:02:03 +0000 (20:02 +0000)]
Merge pull request #2053 in SNORT/snort3 from ~ALLEWI/snort3:byte_overflows to master
Squashed commit of the following:
commit
f179c255237e6d9a7bcfd5c81c49bcdf60d95e5b
Author: allewi <allewi@cisco.com>
Date: Sat Feb 29 21:33:34 2020 -0500
byte_math: Snort2 bug port of integer over and under flow detection
Michael Altizer (mialtize) [Fri, 6 Mar 2020 16:43:40 +0000 (16:43 +0000)]
Merge pull request #2061 in SNORT/snort3 from ~OSERHIIE/snort3:alpine_build_fix to master
Squashed commit of the following:
commit
c149560b8bd0fabb7ce802cde20685ad1ef67e5b
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Tue Mar 3 12:41:53 2020 +0200
flow: Add missing time.h include for struct timeval
Russ Combs (rucombs) [Fri, 6 Mar 2020 13:38:27 +0000 (13:38 +0000)]
Merge pull request #2064 in SNORT/snort3 from ~DAVMCPHE/snort3:hash_foo_2 to master
Squashed commit of the following:
commit
649dd07dbd388d18c87bb0a8d1da755a1dff1a11
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Mar 5 09:13:14 2020 -0500
ips_manager: revert broken support for thread_reinit
commit
14333c503c2694e3d811097e84f14d1bd66dc701
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Mar 5 08:12:25 2020 -0500
flow_cache: fix memory deallocation bug due to inverted return value from hash release node
commit
5fe12ecd06e53b8239540fd51ad5a1527ddefa3d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Wed Mar 4 09:25:06 2020 -0500
Revert "Merge pull request #2054 in SNORT/snort3 from ~DAVMCPHE/snort3:revert_hash_foo to master"
This reverts commit 6b385a10a4c012df7c8dd682b72958ae8e9d9adb.
Mike Stepanek (mstepane) [Fri, 6 Mar 2020 13:18:32 +0000 (13:18 +0000)]
Merge pull request #2018 in SNORT/snort3 from ~DERAMADA/snort3:hi_http_uri to master
Squashed commit of the following:
commit
d06d71e6983cde3acc12c1955425235e771258c8
Author: deramada <deramada@cisco.com>
Date: Wed Feb 19 10:01:15 2020 -0500
http_inspect: change http_uri to only include path and query for absolute and absolute path uris
Michael Altizer (mialtize) [Fri, 6 Mar 2020 00:21:31 +0000 (00:21 +0000)]
Merge pull request #2052 in SNORT/snort3 from ~MIALTIZE/snort3:freebsd_osx to master
Squashed commit of the following:
commit
23b466c713fcf8ffeed1c3c3f07dc04cdf506d4e
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 2 10:07:34 2020 -0500
build: Fix various build issues on FreeBSD and OS X
commit
0dd9359134dc17194fa31f75d65e6f752675c7af
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 2 10:07:34 2020 -0500
build: Fix LibUUID detection on OS X
commit
30ebcc7187ec3127571caaa8d18aa3fb6516170d
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 2 10:07:34 2020 -0500
http_inspect: Properly mock HttpModule::peg_counts in http_transaction_test
Mike Stepanek (mstepane) [Thu, 5 Mar 2020 17:26:43 +0000 (17:26 +0000)]
Merge pull request #2049 in SNORT/snort3 from ~SMINUT/snort3:flow_mem_leak to master
Squashed commit of the following:
commit
ac638bb058bbb634528feb5d666a46e85d53efdb
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Feb 28 16:05:33 2020 -0500
flow: free the flow data before deleting the actual flow
Steve Chew (stechew) [Thu, 5 Mar 2020 16:34:27 +0000 (16:34 +0000)]
Merge pull request #2015 in SNORT/snort3 from ~STECHEW/snort3:defer_whitelist to master
Squashed commit of the following:
commit
0f77d6e97b51eaf3aef757874f36c2ebf612c3fe
Author: Steve Chew <stechew@cisco.com>
Date: Wed Feb 5 17:49:46 2020 -0500
flow: turn off deferred whitelist on DONE if no whitelist was seen.
Steve Chew (stechew) [Thu, 5 Mar 2020 13:40:11 +0000 (13:40 +0000)]
Merge pull request #2007 in SNORT/snort3 from ~OKHOMIAK/snort3:not_load_daq_in_test_mode to master
Squashed commit of the following:
commit
3988e995744d8ab7d87c47824086cbd80706d7b0
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Thu Feb 13 21:55:30 2020 +0200
sfdaq: converted parsing related error messages in DAQ init to ParseErrors
George Koikara (gkoikara) [Thu, 5 Mar 2020 11:19:24 +0000 (11:19 +0000)]
Merge pull request #1986 in SNORT/snort3 from ~APOORAJ/snort3:ftp_whitelist to master
Squashed commit of the following:
commit
cd28ecf05fbe5379661772cdd6704ea2d7f8c253
Author: Apoorv Raj <apooraj@cisco.com>
Date: Thu Feb 6 02:57:58 2020 -0500
ftp: Whitelist ftp session after max sig depth reached
Mike Stepanek (mstepane) [Tue, 3 Mar 2020 19:51:34 +0000 (19:51 +0000)]
Merge pull request #2019 in SNORT/snort3 from ~MDAGON/snort3:data_frame to master
Squashed commit of the following:
commit
00768b50e95acb2349676661affb73b40f2a53b1
Author: mdagon <mdagon@cisco.com>
Date: Fri Jan 31 11:49:38 2020 -0500
http2_inspect: send data frames to http - full frames only in a single flush
Russ Combs (rucombs) [Tue, 3 Mar 2020 15:59:38 +0000 (15:59 +0000)]
Merge pull request #2054 in SNORT/snort3 from ~DAVMCPHE/snort3:revert_hash_foo to master
Squashed commit of the following:
commit
2b1a1979ac8b05de9e1adbf78cd80a334408f626
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Mar 3 07:38:43 2020 -0500
Revert "Merge pull request #2009 in SNORT/snort3 from ~DAVMCPHE/snort3:lru_cache_for_hash to master"
This reverts commit bb26ceaaed7ca78c25ff5b8aa6f0b338fb9ecc1a.
commit
ed107a307c5b1c05b69a99d6f167133af90e2dba
Author: davis mcpherson <davmcphe@cisco.com>
Date: Tue Mar 3 07:32:19 2020 -0500
Revert "Merge pull request #2037 in SNORT/snort3 from ~DAVMCPHE/snort3:nuking_reload_errors to master"
This reverts commit 9ee76016f1abe825d5ebcaa472a2651e89f88171.
Mike Stepanek (mstepane) [Tue, 3 Mar 2020 14:49:29 +0000 (14:49 +0000)]
Merge pull request #2042 in SNORT/snort3 from ~NIHDESAI/snort3:abort_h2h to master
Squashed commit of the following:
commit
d5b1e259399fbcc38fa191291ef6c4b99264f809
Author: Nihal Desai <nihdesai@cisco.com>
Date: Wed Feb 19 15:41:51 2020 -0500
http2_inspect: aborts for nhi errors
Mike Stepanek (mstepane) [Tue, 3 Mar 2020 14:35:11 +0000 (14:35 +0000)]
Merge pull request #2035 in SNORT/snort3 from ~KATHARVE/snort3:h2i_pub_sub to master
Squashed commit of the following:
commit
07072478f6c3cd762193531d4bec7f62beb44b0f
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Feb 26 11:51:19 2020 -0500
pub_sub: add http2 info to http pub messages
George Koikara (gkoikara) [Tue, 3 Mar 2020 04:21:59 +0000 (04:21 +0000)]
Merge pull request #1989 in SNORT/snort3 from ~LBEVINAM/snort3:telemetry_counters to master
Squashed commit of the following:
commit
508c753c767cf033b551b1f31621fd5f070cbab0
Author: lbevinam <lbevinam@cisco.com>
Date: Thu Jan 30 05:35:55 2020 -0500
service_inspectors: added counters to track total number of data bytes processed in SMTP, POP, SSH and FTP
udp_stream: added counters to track total number of data bytes processed
ip_stream: added counters to track total number of data bytes processed
Mike Stepanek (mstepane) [Mon, 2 Mar 2020 17:59:53 +0000 (17:59 +0000)]
Merge pull request #2044 in SNORT/snort3 from ~MASHASAN/snort3:stats_and_data_races to master
Squashed commit of the following:
commit
9d4b9171cdde544f26b63f2390e6dafc3fb7f1fb
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Feb 27 18:27:03 2020 -0500
stream: Addressing inconsistent stream stats and some data races