git.ipfire.org Git - thirdparty/snort3.git/log
Shravan Rangarajuvenkata (shrarang) [Mon, 2 Mar 2020 15:50:11 +0000 (15:50 +0000)]
Merge pull request #2041 in SNORT/snort3 from ~OZAIKA/snort3:ozaika_asproxy to master
Squashed commit of the following:
commit 57ea30912d8b864caf6f17cd0dda03d771db595d
Author: Oleksii Zaika <ozaika@cisco.com>
Date: Thu Feb 27 08:24:06 2020 -0500
appid: detect apps using x-working-with http field in response header
Steve Chew (stechew) [Mon, 2 Mar 2020 15:39:36 +0000 (15:39 +0000)]
Merge pull request #2020 in SNORT/snort3 from ~SBAIGAL/snort3:so_reload_2 to master
Squashed commit of the following:
commit 0ffe1aa821d7d4e092a64173900e9a264f999dde
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Feb 19 11:01:43 2020 -0500
plugin_manager: add support for reload so_rule plugins
Shravan Rangarajuvenkata (shrarang) [Fri, 28 Feb 2020 21:18:07 +0000 (21:18 +0000)]
Merge pull request #2010 in SNORT/snort3 from ~SATHIRKA/snort3:navl_reload_multithread to master
Squashed commit of the following:
commit 481482201b9e05af0fed08f8cec583c001e52f5b
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Feb 13 14:14:58 2020 -0500
appid: Support third-party reload when snort is running with multiple packet threads
Russ Combs (rucombs) [Fri, 28 Feb 2020 18:15:34 +0000 (18:15 +0000)]
Merge pull request #2046 in SNORT/snort3 from ~RUCOMBS/snort3:base64_fix to master
Squashed commit of the following:
commit fec65014e2215bf87ab02639dbd6d28130fe02ca
Author: russ <rucombs@cisco.com>
Date: Fri Feb 28 09:05:31 2020 -0500
base64_decode: use standard detection context data buffer
Russ Combs (rucombs) [Fri, 28 Feb 2020 04:12:34 +0000 (04:12 +0000)]
Merge pull request #2037 in SNORT/snort3 from ~DAVMCPHE/snort3:nuking_reload_errors to master
Squashed commit of the following:
commit 9d50248d9b1768509c9876ed3ed53a3c52cc8d91
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Feb 27 21:12:31 2020 -0500
ghash: fix thread race condition with GHash member variables when a GHash instance is global
commit 8b7b0bab38e9d567e81acf784b39fe4eae4d6534
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Feb 10 17:24:28 2020 -0500
snort_config: footprint REG_TEST, no check for stream inspector add/rm, etc
reload: add description of reload error to the response message of the reload_config command
ips_base64: add logic to call ips option tinit method on reload if not previously called
hash: delete unused sfmemcap.[h|cc] and remove unnecessary includes
Steve Chew (stechew) [Fri, 28 Feb 2020 03:58:34 +0000 (03:58 +0000)]
Merge pull request #1949 in SNORT/snort3 from ~OSERHIIE/snort3:trace_bitmask to master
Squashed commit of the following:
commit 4cccd12b0aacbc85543aabc63db1ad5212bc4a7d
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Wed Feb 12 19:31:05 2020 +0200
detection: refactoring updates to detection. Moved DetectionModule into a separate file.
commit cded4b12458ea9d4c7456ebd93041482a91c2a30
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Tue Feb 4 20:34:00 2020 +0200
framework: add generic conversion trace string to bitmask.
commit 29c144ae2e148b35d76bebef24146d84adc83311
Author: Oleksandr Serhiienko <oserhiie@cisco.com>
Date: Thu Jan 16 17:08:49 2020 +0200
detection: added support for trace config option to take a list of strings with verbosity level instead of bitmask
Steve Chew (stechew) [Thu, 27 Feb 2020 21:03:27 +0000 (21:03 +0000)]
Merge pull request #2011 in SNORT/snort3 from ~STECHEW/snort3:inject_ioctls to master
Squashed commit of the following:
commit b45dc3b4723aa06a7c058bd94b6da8226ba50c0f
Author: Steve Chew <stechew@cisco.com>
Date: Fri Feb 14 17:35:50 2020 -0500
active: Add ability to inject resets and payload via IOCTLs.
George Koikara (gkoikara) [Thu, 27 Feb 2020 16:40:52 +0000 (16:40 +0000)]
Merge pull request #2033 in SNORT/snort3 from ~KDEWANGA/snort3:iab to master
Squashed commit of the following:
commit 66cade7b40d9f07deeba5ff0735b82f8a58f9806
Author: Keshaw Dewangan <kdewanga@cisco.com>
Date: Tue Feb 11 05:55:01 2020 -0500
daq: Made get_stats public for plugins
Michael Altizer (mialtize) [Wed, 26 Feb 2020 23:41:35 +0000 (23:41 +0000)]
Merge pull request #2038 in SNORT/snort3 from ~MMATIRKO/snort3:improved_flowstats3 to master
Squashed commit of the following:
commit 8382ed77ac0571ff4601934ae6dec7f1ce26493d
Author: Michael Matirko <mmatirko@cisco.com>
Date: Thu Feb 6 12:02:12 2020 -0500
flow: added initiator bytes/packets onto flow
Russ Combs (rucombs) [Wed, 26 Feb 2020 20:54:36 +0000 (20:54 +0000)]
Merge pull request #2009 in SNORT/snort3 from ~DAVMCPHE/snort3:lru_cache_for_hash to master
Squashed commit of the following:
commit 6f962204d41c0b1007992483f739db508e5d9c0d
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Jan 24 09:11:21 2020 -0500
xhash/zhash: refactor duplicated code into a common base class, xhash/zhash will subclass this new base class
utils: create memory allocation class based on sfmemcap functionality
xhash: refactor XHash and HashFnc to eliminate c-style callbacks and simplify ctor options
xhash: rename hashfcn.[cc|h] to hash_keys.[cc|h]
zhash: refactor to use hash_lru_cache and hash_key_operations classes
zhash: make zhash a subclass of xhash...eliminate duplicate code
utils: add unit tests for MemCapAllocator class
hash: add unit tests for new HashLruCache class - (PR review comments
Michael Altizer (mialtize) [Tue, 25 Feb 2020 23:34:14 +0000 (23:34 +0000)]
Merge pull request #2034 in SNORT/snort3 from ~MIALTIZE/snort3:revert_flowip_cli to master
Squashed commit of the following:
commit 450cc0e132f5d062b82624f2d44c29ea7a6ee4ca
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Feb 25 14:38:18 2020 -0500
Revert "Merge pull request #1985 in SNORT/snort3 from ~PUNEETKU/snort3:snort3_flowip to master"
This reverts commit 5530a271854442972f88c740c335957488a480ea.
Steve Chew (stechew) [Tue, 25 Feb 2020 19:06:51 +0000 (19:06 +0000)]
Merge pull request #1954 in SNORT/snort3 from ~OKHOMIAK/snort3:big_endian_system_build to master
Squashed commit of the following:
commit d402a299c4168f67eea200fc0e5973071a6bc5c1
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Mon Jan 20 16:03:04 2020 +0200
build: fix build on big-endian systems
moved little-endian arrays conversion macros in a common header
added macros to convert little endian to host order for unaligned access
made unit tests independent of types size and system arch
Shravan Rangarajuvenkata (shrarang) [Tue, 25 Feb 2020 17:45:34 +0000 (17:45 +0000)]
Merge pull request #2014 in SNORT/snort3 from ~OZAIKA/snort3:ozaika_cert_status_type to master
Squashed commit of the following:
commit f09bbc493a8567cb60a280c264e120216ebbc82f
Author: Oleksii Zaika <ozaika@cisco.com>
Date: Mon Feb 17 18:48:19 2020 +0200
appid: handle CERTIFICATE STATUS handshake type in SSL detector
George Koikara (gkoikara) [Tue, 25 Feb 2020 14:25:57 +0000 (14:25 +0000)]
Merge pull request #2032 in SNORT/snort3 from ~KDEWANGA/snort3:backout_IAB_changes to master
Squashed commit of the following:
commit 19314b6ea33ab3b634cf221eacf216e85d5a7d56
Author: Keshaw Dewangan <kdewanga@cisco.com>
Date: Tue Feb 25 08:59:29 2020 -0500
daq: reverting changes to get_stats declaration
George Koikara (gkoikara) [Tue, 25 Feb 2020 10:02:42 +0000 (10:02 +0000)]
Merge pull request #1996 in SNORT/snort3 from ~KDEWANGA/snort3:iab to master
Squashed commit of the following:
commit 92605d70bc76df74cf3aeedec85fc44508f472a9
Author: Keshaw Dewangan <kdewanga@cisco.com>
Date: Tue Feb 11 05:55:01 2020 -0500
IAB: Made get_stats public to get Daq Stats for IAB.
George Koikara (gkoikara) [Tue, 25 Feb 2020 10:01:51 +0000 (10:01 +0000)]
Merge pull request #1988 in SNORT/snort3 from ~POAWASTH/snort3:cli to master
Squashed commit of the following:
commit 7ec3359e5db730e2f7e7529e22269b55fc9b3dd3
Author: Pooja Awasthi <poawasth@cisco.com>
Date: Tue Feb 4 03:49:36 2020 -0500
CLI: Dump stats termination label for show snort3 counters CLI
George Koikara (gkoikara) [Tue, 25 Feb 2020 09:13:59 +0000 (09:13 +0000)]
Merge pull request #1985 in SNORT/snort3 from ~PUNEETKU/snort3:snort3_flowip to master
Squashed commit of the following:
commit a458cd3697d0e8c6dce66a6c83203db2ca29977b
Author: Puneeth Kumar C V <puneetku@cisco.com>
Date: Thu Jan 30 22:04:29 2020 -0500
perf_monitor: Enable or disable flow-ip-profiling using shell commands.
George Koikara (gkoikara) [Tue, 25 Feb 2020 06:38:48 +0000 (06:38 +0000)]
Merge pull request #1928 in SNORT/snort3 from ~DIPANDIT/snort3:port-CSCvg68807 to master
Squashed commit of the following:
commit 158c355b026dd0a57f139a129ac630e888b41a0c
Author: Dipto Pandit <dipandit@cisco.com>
Date: Fri Jan 31 00:16:44 2020 -0500
smb: Malware over size 131kb is not detected in SMBv2/SMBv3
For SMB2/SMB3, the length field in NetBIOS Session Service Header should be considered 3 bytes.
Shravan Rangarajuvenkata (shrarang) [Mon, 24 Feb 2020 19:29:24 +0000 (19:29 +0000)]
Merge pull request #2027 in SNORT/snort3 from ~SATHIRKA/snort3:appid_cert_viz to master
Squashed commit of the following:
commit 1ddc6c3d40591b403d2f36b783d2fef0767d3693
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Feb 20 12:24:44 2020 -0500
appid: Enhance ssl appid lookup api to store SNI and CN provided by SSL for app detection
Mike Stepanek (mstepane) [Mon, 24 Feb 2020 14:07:49 +0000 (14:07 +0000)]
Merge pull request #2030 in SNORT/snort3 from ~THOPETER/snort3:nhttp135 to master
Squashed commit of the following:
commit d7b1e4a922555e1d5b046eaacb8f36849e56e1ac
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Feb 21 11:26:22 2020 -0500
http_inspect: improve precautions for stream interactions
Michael Altizer (mialtize) [Fri, 21 Feb 2020 18:06:45 +0000 (18:06 +0000)]
Merge pull request #1992 in SNORT/snort3 from ~MIALTIZE/snort3:build_268 to master
Squashed commit of the following:
commit 785c0e89b1bde00cc72133e23738c57727407758
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Feb 21 11:00:08 2020 -0500
build: generate and tag build 268
Michael Altizer (mialtize) [Thu, 20 Feb 2020 17:52:16 +0000 (17:52 +0000)]
Merge pull request #2022 in SNORT/snort3 from ~SMINUT/snort3:multiple_reject_take5 to master
Squashed commit of the following:
commit 46f3ef78a578553e2eedb7f4da91a366b55967fd
Author: Silviu Minut <sminut@cisco.com>
Date: Wed Feb 19 14:09:50 2020 -0500
file_api: enable Active only when idx = 0 and misc style edits.
Shravan Rangarajuvenkata (shrarang) [Wed, 19 Feb 2020 02:48:43 +0000 (02:48 +0000)]
Merge pull request #2016 in SNORT/snort3 from ~ARMANDAV/snort3:appidbugfix to master
Squashed commit of the following:
commit 837f3ec09a88152c620c0a0138b9fb0c9fd9316d
Author: Arun Mandava <armandav@cisco.com>
Date: Mon Feb 17 12:23:16 2020 -0500
appid: handle invalid uri in http tunnel traffic
Steve Chew (stechew) [Tue, 18 Feb 2020 22:09:36 +0000 (22:09 +0000)]
Merge pull request #2002 in SNORT/snort3 from ~ALLEWI/snort3:smtp_default_typo to master
Squashed commit of the following:
commit 156df41662dc1ceef7af7b958d04564ce2759a04
Author: allewi <allewi@cisco.com>
Date: Thu Feb 13 09:47:31 2020 -0500
lua: fix typo in default smtp's alt_max_command_line_len
Mike Stepanek (mstepane) [Tue, 18 Feb 2020 21:21:07 +0000 (21:21 +0000)]
Merge pull request #1961 in SNORT/snort3 from ~SMINUT/snort3:multiple_reject_take5 to master
Squashed commit of the following:
commit d2f17bbd38c252525c3a36822d2e19c872dc4868
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jan 3 18:01:36 2020 -0500
main: make ips actions (reject, react, replace) configurable by ips policy and provide default reject to everything else that needs one.
managers: take IpsAction out of ActionManager.
actions: change ReactData from struct to class with proper constructor and destructor and enable default_react in active.cc.
packet_io: introduce the BaseAction class for Active to work with, and take IpsAction out of Active.
packet_io: allow ips reject to put both an RST and ICMP dest unreachable on the wire, if so configured, and make the active default reset action put a RST for tcp and ICMP for icmp.
packet_io: add a version of Active::reset_session() that does not take a BaseAction as an input argument, but rather queues the default reset; similarly for set_delayed_action.
actions: remove act_react.h, act_reject.h and act_replace.h.
actions: get rid of Replace_ResetQueue() and Replace_QueueChange().
packet_io: rename ActiveAction to ActiveActionType and BaseAction to ActiveAction.
Russ Combs (rucombs) [Tue, 18 Feb 2020 16:32:41 +0000 (16:32 +0000)]
Merge pull request #1947 in SNORT/snort3 from ~BRASTULT/snort3:http_param to master
Squashed commit of the following:
commit 7372ff7c4455456788e055bb74a8ff957042ad70
Author: Brandon Stultz <brastult@cisco.com>
Date: Wed Dec 11 18:29:15 2019 -0500
http_inspect: add http_param rule option
Michael Altizer (mialtize) [Tue, 18 Feb 2020 15:38:18 +0000 (15:38 +0000)]
Merge pull request #1908 in SNORT/snort3 from ~BBANTWAL/snort3:lua_whitelist to master
Squashed commit of the following:
commit b3a7aed754ada79a9493d27b9eda4cac57db6810
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Feb 11 20:54:48 2020 -0500
doc: update documentation for lua whitelist
commit c91dc91110887f7348fe09f60b4fad2a95de4fe4
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Feb 11 20:52:38 2020 -0500
main: add verbose output and print whitelist during reload
commit 3c54fac801e3ea60854e34cd8d46dc0b8e27f64a
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Feb 11 20:52:15 2020 -0500
lua: update lua files to whitelist the tables defined.
define default_whitelist and whitelist them in snort_defaults.lua
file_magic.lua to add file_magic table to whitelist
commit a1867b791cd05bcf36e308f701423aee08ae8dd4
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Feb 11 20:48:44 2020 -0500
module_manager: add snort_whitelist_append and snort_whitelist_add_prefix ffis
These ffis add table names and prefixes to the lua whitelist used to print warnings when modules for the table names are not found in snort.
split bootstrap into two lua files (bootstrap and finalize)
load aliases before calling snort_traversal in finalize.lua
main: move config_lua to Shell::configure
snort: add new warn flag warn-conf-strict that will throw out warning when table is not found
Mike Stepanek (mstepane) [Tue, 18 Feb 2020 15:27:42 +0000 (15:27 +0000)]
Merge pull request #2001 in SNORT/snort3 from ~KATHARVE/snort3:h2i_disable_detection to master
Squashed commit of the following:
commit 3f544dd8749a9ea7f25cdbafa29582b0396ade31
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Feb 7 13:32:24 2020 -0500
http2_inspect: support disabling detection for uninteresting HTTP/2 frames
http_inspect: when detection is disabled, disable all rules not just content rules
Russ Combs (rucombs) [Tue, 18 Feb 2020 01:02:52 +0000 (01:02 +0000)]
Merge pull request #2012 in SNORT/snort3 from ~RUCOMBS/snort3:new_stuff to master
Squashed commit of the following:
commit 442e97ad2054e74f008a9f800f1e99930e24e8af
Author: russ <rucombs@cisco.com>
Date: Sat Feb 15 10:27:32 2020 -0500
gtp_inspect: fix default port binding
The default snort.lua had a port binding to type = 'gtp' which is a typo.
The service is 'gtp' and the inspector is 'gtp_inspect'. Due to a flaw in
lookup, the inspector was being matched by service. To avoid confusing type
and service the lookups were separated. However, we silently convert the old
type = 'gtp' bindings to type = 'gtp_inspect' until RC at which point this
deprecated usage support will be removed.
commit 215bd1e4829550183ae36198a3764245a3669cba
Author: russ <rucombs@cisco.com>
Date: Sat Feb 15 10:08:29 2020 -0500
inspectors: ensure correct lookup by type, name, or service
commit db649915eddbf805d9f587dd985ec9bd254b4f37
Author: russ <rucombs@cisco.com>
Date: Sat Feb 8 10:12:19 2020 -0500
metadata: add --metadata-filter to load matching rules only
Rule metadata is a comma separated list of name-value tokens, eg:
metadata:impact_flag red,policy security-ips drop,ruleset community;
--metadata-filter f will load only rules where f appears in one of
the metadata tokens. "policy security" and "security-ips" would
both match the above example. Rules that are filtered out are
counted as "total rules not loaded" in the startup output.
Steve Chew (stechew) [Fri, 14 Feb 2020 01:04:46 +0000 (01:04 +0000)]
Merge pull request #2006 in SNORT/snort3 from ~SBAIGAL/snort3:revert_so_reload to master
Squashed commit of the following:
commit b75c6217776b5d124c7ae002a1f9432e305a82c3
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 13 18:00:27 2020 -0500
Revert "Merge pull request #1963 in SNORT/snort3 from ~SBAIGAL/snort3:so_reload to master"
This reverts commit e6293b0e23bc8620560896d15930f1725db33d0e.
commit 68842c56dd0a9bc484fe0ecf95e816c54b9f70cd
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 13 18:00:09 2020 -0500
Revert "Merge pull request #2003 in SNORT/snort3 from ~SBAIGAL/snort3:soapi_version_bump to master"
This reverts commit 1b256c379cc1ca49626817c2edd11fab713ecb94.
Mike Stepanek (mstepane) [Thu, 13 Feb 2020 21:35:38 +0000 (21:35 +0000)]
Merge pull request #2005 in SNORT/snort3 from ~KAMURTHI/snort3:appid_array_init to master
Squashed commit of the following:
commit 0adb29e412cce1d019c6b9056f5a0247116c6a01
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Thu Feb 13 14:20:29 2020 -0500
appid: Fix array initialization on Appid
Steve Chew (stechew) [Thu, 13 Feb 2020 18:57:15 +0000 (18:57 +0000)]
Merge pull request #2003 in SNORT/snort3 from ~SBAIGAL/snort3:soapi_version_bump to master
Squashed commit of the following:
commit f37b20d300f63e2f9f7e8efd2ff8792f9ed3cfe1
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Thu Feb 13 13:35:10 2020 -0500
soapi: dumped version number due to change to IpsOption data structure
Davis McPherson (davmcphe) [Thu, 13 Feb 2020 14:26:17 +0000 (14:26 +0000)]
Merge pull request #1965 in SNORT/snort3 from ~DAVMCPHE/snort3:reload_fatal_attractions to master
Squashed commit of the following:
commit 24b57441e129bcfdd47bfaf62d55957a0ccc6c38
Author: davis mcpherson <davmcphe@cisco.com>
Date: Fri Nov 22 13:27:03 2019 -0500
reload: eliminate FatalError calls that can't happen because snort_calloc always returns valid memory
ghash: refactor ghash implementation to convert it to an actual c++ class.
xhash: refactor xhash to be a real c++ class
xhash/zhash: refactor to move common definitions into hash_defs.h
hashfcn: refactor key compare function prototype and functions to return boolean
Michael Altizer (mialtize) [Thu, 13 Feb 2020 03:28:48 +0000 (03:28 +0000)]
Merge pull request #1998 in SNORT/snort3 from ~THOPETER/snort3:nhttp134 to master
Squashed commit of the following:
commit 70adf9b7d5329b7c573739d6f952b67e228bd173
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Feb 11 16:52:43 2020 -0500
http_inspect: gzip splitting beyond request_depth should use correct target size
Mike Stepanek (mstepane) [Wed, 12 Feb 2020 15:22:24 +0000 (15:22 +0000)]
Merge pull request #1995 in SNORT/snort3 from ~MASHASAN/snort3:fix_reload_tests to master
Squashed commit of the following:
commit c3ae82898a061d84054fe286738848186b25dd1b
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Feb 10 22:04:34 2020 -0500
host_tracker: Checking lock in a separate thread in unit-test
Mike Stepanek (mstepane) [Wed, 12 Feb 2020 15:09:12 +0000 (15:09 +0000)]
Merge pull request #1969 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_3 to master
Squashed commit of the following:
commit dd1d2a4f13e9f73f8406fa6530b1f9ab5dcc4acc
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jan 28 22:18:16 2020 -0500
appid: move dns, sip, ssl and http pattern matchers to odp context; move client discovery manager to odp context
Shravan Rangarajuvenkata (shrarang) [Fri, 7 Feb 2020 21:54:01 +0000 (21:54 +0000)]
Merge pull request #1993 in SNORT/snort3 from ~PGUPTE/snort3:flic to master
Squashed commit of the following:
commit 82bdd3a425074d76e5a4655f6f11b97685976df7
Author: Payal Gupte <pgupte@cisco.com>
Date: Fri Feb 7 15:49:34 2020 -0500
file-magic: Added missing file magic pattern for FLIC
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 18:45:00 +0000 (18:45 +0000)]
Merge pull request #1982 in SNORT/snort3 from ~KATHARVE/snort3:h2i_dynamic_size to master
Squashed commit of the following:
commit a1bbb525ea89620dfcfc6d3985ba6ccb7fe86ba2
Author: Katura Harvey <katharve@cisco.com>
Date: Thu Jan 23 16:48:27 2020 -0500
http2_inspect: support HPACK dynamic table size updates
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 17:53:42 +0000 (17:53 +0000)]
Merge pull request #1979 in SNORT/snort3 from ~MASHASAN/snort3:reload_host_cache to master
Squashed commit of the following:
commit 11e7d21da60752a0281cd6e74485c5ce2cebe140
Author: Masud Hasan <mashasan@cisco.com>
Date: Thu Jan 30 14:24:14 2020 -0500
host_tracker: Support host_cache reload with RRT when memcap changes
Mike Stepanek (mstepane) [Fri, 7 Feb 2020 15:53:19 +0000 (15:53 +0000)]
Merge pull request #1987 in SNORT/snort3 from ~THOPETER/snort3:nhttp132 to master
Squashed commit of the following:
commit fcc1bd432f77302b8e39012725841b813abb7ca1
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Feb 4 15:50:27 2020 -0500
http_inspect: gzip splitting fix
Shravan Rangarajuvenkata (shrarang) [Thu, 6 Feb 2020 16:48:57 +0000 (16:48 +0000)]
Merge pull request #1945 in SNORT/snort3 from ~SATHIRKA/snort3:appid_ssl_decryption to master
Squashed commit of the following:
commit 9b25ac57051282d79daab57cc67858e7b43de526
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Jan 8 10:44:55 2020 -0500
appid: Adding support for appid detection on decrypted SSL sessions
Mike Stepanek (mstepane) [Thu, 6 Feb 2020 16:45:32 +0000 (16:45 +0000)]
Merge pull request #1960 in SNORT/snort3 from ~MASHASAN/snort3:memory_cap_per_thread to master
Squashed commit of the following:
commit 466a7cfba777b9d1693c3da0321d5b05852603a4
Author: Masud Hasan <mashasan@cisco.com>
Date: Tue Jan 21 22:40:53 2020 -0500
memory: Treating config value memory.cap as per thread instead of global
Steve Chew (stechew) [Wed, 5 Feb 2020 16:06:46 +0000 (16:06 +0000)]
Merge pull request #1963 in SNORT/snort3 from ~SBAIGAL/snort3:so_reload to master
Squashed commit of the following:
commit 97637d76fb074ffa778a317b586c7e0446fd720d
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Wed Dec 18 16:02:02 2019 -0500
reload: make so_rule plugins reloadable
Russ Combs (rucombs) [Tue, 4 Feb 2020 11:40:41 +0000 (11:40 +0000)]
Merge pull request #1970 in SNORT/snort3 from ~SELYSENK/snort3:update_copyright to master
Squashed commit of the following:
commit 2c566a2e52955a699529ddc84ca04097f27111ea
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Tue Feb 4 10:41:57 2020 +0200
copyright: update year to 2020
Russ Combs (rucombs) [Tue, 4 Feb 2020 01:28:00 +0000 (01:28 +0000)]
Merge pull request #1967 in SNORT/snort3 from ~RUCOMBS/snort3:crc_miscellany to master
Squashed commit of the following:
commit bc841270df5017e7d2e4c14290269d97eae7896e
Author: russ <rucombs@cisco.com>
Date: Fri Jan 31 12:06:57 2020 -0500
stream_tcp: ensure that flows with mss and timestamps are picked up on syn
commit a40f9e06dcd6209b050b89578234bb19346a3af7
Author: russ <rucombs@cisco.com>
Date: Thu Jan 30 07:46:03 2020 -0500
tweaks: set reasonable stream_ip.min_fragment_length values
commit 1ca008ec891eb29786878cb5e73b21dd7bb37423
Author: russ <rucombs@cisco.com>
Date: Thu Jan 30 07:43:27 2020 -0500
tweaks: update per new normalizer defaults
commit d552fcc6c8769cc9d6117ddbe13a5c1208d60ee1
Author: russ <rucombs@cisco.com>
Date: Wed Jan 29 21:30:13 2020 -0500
tweaks: update policy configs to better align with Snort 2
commit c308df033a25fbb7b2d8ac319cc8dc13c64809e9
Author: russ <rucombs@cisco.com>
Date: Wed Jan 29 21:28:46 2020 -0500
smtp: update defaults to better align with Snort 2
commit cf37521cc7f04db3f65378eb55815ac8f5c393c2
Author: russ <rucombs@cisco.com>
Date: Mon Jan 27 09:07:17 2020 -0500
build: clean up non-hyperscan builds
commit c210f495c665920cfd8af2cfda1ab0e721f15a19
Author: russ <rucombs@cisco.com>
Date: Mon Jan 27 09:06:20 2020 -0500
dce_tcp: fixup flow data handling
Michael Altizer (mialtize) [Mon, 3 Feb 2020 20:10:23 +0000 (20:10 +0000)]
Merge pull request #1981 in SNORT/snort3 from ~MIALTIZE/snort3:f31_const to master
Squashed commit of the following:
commit 1031ff1e1db6a258fb70b5f50f04b24e07d8d2ce
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Feb 3 12:48:30 2020 -0500
build: Updates across the board for stricter Clang const-casting warnings
Mike Stepanek (mstepane) [Mon, 3 Feb 2020 18:25:49 +0000 (18:25 +0000)]
Merge pull request #1978 in SNORT/snort3 from ~SMINUT/snort3:doc_reload_update to master
Squashed commit of the following:
commit 010a267c9f94e2341f84161ec761a89e1a626da4
Author: Silviu Minut <sminut@cisco.com>
Date: Fri Jan 31 15:18:36 2020 -0500
doc: update reload_limitations.txt.
Mike Stepanek (mstepane) [Mon, 3 Feb 2020 15:21:20 +0000 (15:21 +0000)]
Merge pull request #1977 in SNORT/snort3 from ~THOPETER/snort3:nhttp131 to master
Squashed commit of the following:
commit 4202f01e2fdc2a3e0fb5178ecb6de438b264a5e6
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 31 13:59:15 2020 -0500
http_inspect: refactoring
Michael Altizer (mialtize) [Mon, 3 Feb 2020 14:34:30 +0000 (14:34 +0000)]
Merge pull request #1976 in SNORT/snort3 from ~DERAMADA/snort3:parse_conf_service_name to master
Squashed commit of the following:
commit be557ef9287e921ccaed09b178133315745e56ea
Author: deramada <deramada@cisco.com>
Date: Thu Jan 30 14:57:50 2020 -0500
parser: store local copy of service name
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 18:27:51 +0000 (18:27 +0000)]
Merge pull request #1964 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt_2 to master
Squashed commit of the following:
commit d581343cebbbb26244cfd6cba4eeddddc308cf50
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 22 14:53:39 2020 -0500
appid: load app mapping data to odp context
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 15:45:55 +0000 (15:45 +0000)]
Merge pull request #1972 in SNORT/snort3 from ~KAMURTHI/snort3:URL_MATCHING to master
Squashed commit of the following:
commit c62c61b3a77171e76dc64ab42fa86cf6baad31f3
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Mon Jan 27 13:19:11 2020 -0500
appid: Don't mark HTTP session done if the ssl detector is still in progress
Shravan Rangarajuvenkata (shrarang) [Fri, 31 Jan 2020 15:45:09 +0000 (15:45 +0000)]
Merge pull request #1973 in SNORT/snort3 from ~CLJUDGE/snort3:reset_tp_packet_counts_on_reinspect to master
Squashed commit of the following:
commit 99401d020af70075a285aa27113a8ca3b904eede
Author: cljudge <cljudge@cisco.com>
Date: Thu Jan 30 01:18:57 2020 -0500
appid: reset tp packet counters each time we do reinspect
Mike Stepanek (mstepane) [Fri, 31 Jan 2020 14:40:15 +0000 (14:40 +0000)]
Merge pull request #1975 in SNORT/snort3 from ~THOPETER/snort3:h2i_xtra_data to master
Squashed commit of the following:
commit 7cd28267a8c166bc495818c24e33ebf930aeb25a
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Jan 28 13:57:41 2020 -0500
http_inspect/http2_inspect: H2I unified2 extra data logging
Michael Altizer (mialtize) [Fri, 31 Jan 2020 05:46:28 +0000 (05:46 +0000)]
Merge pull request #1953 in SNORT/snort3 from ~OKHOMIAK/snort3:snort2lua_variable_expansion to master
Squashed commit of the following:
commit 02f1799f1ed55f6763603fb2aa3470fc0741a3ee
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date: Tue Jan 21 09:49:35 2020 +0200
snort2lua: conversion of path containing variables
Mike Stepanek (mstepane) [Thu, 30 Jan 2020 18:31:34 +0000 (18:31 +0000)]
Merge pull request #1971 in SNORT/snort3 from ~DERAMADA/snort3:doc_h2i_manual_update to master
Squashed commit of the following:
commit d5be2e81ccc7858c1857f0233a424b68d6f18f35
Author: deramada <deramada@cisco.com>
Date: Wed Jan 29 15:00:03 2020 -0500
doc: manual updates for HTTP/2
Mike Stepanek (mstepane) [Thu, 30 Jan 2020 14:04:41 +0000 (14:04 +0000)]
Merge pull request #1966 in SNORT/snort3 from ~MDAGON/snort3:h2i to master
Squashed commit of the following:
commit bbe358a1e38a2c5256f20792b9ad5c3120f9a942
Author: mdagon <mdagon@cisco.com>
Date: Fri Jan 17 09:50:41 2020 -0500
http2_inspect: data frame http inspection walking skeleton first phase
Shravan Rangarajuvenkata (shrarang) [Wed, 29 Jan 2020 11:28:44 +0000 (11:28 +0000)]
Merge pull request #1968 in SNORT/snort3 from ~PGUPTE/snort3:intelhex to master
Squashed commit of the following:
commit 502015d880f65dc234870871f4d515fab08939d1
Author: Payal Gupte <pgupte@cisco.com>
Date: Tue Jan 28 15:56:55 2020 -0500
file-magic: Added missing file magic pattern for IntelHEX.
Mike Stepanek (mstepane) [Tue, 28 Jan 2020 18:52:48 +0000 (18:52 +0000)]
Merge pull request #1958 in SNORT/snort3 from ~DERAMADA/snort3:h2i_http2_w_http_rules to master
Squashed commit of the following:
commit b09dd25c6ca83b761ceedfc2616d4ac69cc2450f
Author: deramada <deramada@cisco.com>
Date: Wed Jan 22 08:58:33 2020 -0500
parser: add service http2 to http rules
Mike Stepanek (mstepane) [Tue, 28 Jan 2020 17:13:01 +0000 (17:13 +0000)]
Merge pull request #1959 in SNORT/snort3 from ~KATHARVE/snort3:h2i_test_tool to master
Squashed commit of the following:
commit 403392e41d8058a6ffa1dc1adcdabe18665c5450
Author: Katura Harvey <katharve@cisco.com>
Date: Tue Jan 14 13:30:58 2020 -0500
http_inspect: update test tool to support the HTTP/2 macros and new insert command
Michael Altizer (mialtize) [Tue, 28 Jan 2020 16:54:44 +0000 (16:54 +0000)]
Merge pull request #1939 in SNORT/snort3 from ~SVLASIUK/snort3:multiple_ftp_server_in_output to master
Squashed commit of the following:
commit 29b6f44f49d8d15a30d0fe8c37e43ff80fbb1630
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Mon Jan 13 12:21:27 2020 +0200
inspectors: print label for type and alias in inspector manager. Remove printing module name in inspectors ::show() method.
Russ Combs (rucombs) [Fri, 24 Jan 2020 21:30:39 +0000 (21:30 +0000)]
Merge pull request #1951 in SNORT/snort3 from ~RUCOMBS/snort3:ports_and_services to master
Squashed commit of the following:
commit bd7626b4fdfcd27e2502859ea742c89a8460b6db
Author: russ <rucombs@cisco.com>
Date: Mon Jan 20 07:35:50 2020 -0500
ips: alert service rules check ports
commit 1df737255567925932f6c68db0d557edab560688
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 15:28:01 2020 -0500
ips: refactor rule parsing
commit 257406547538e5ba728240047f617e494e7f1256
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 11:35:57 2020 -0500
ips: remove dead code from rule parser
commit d1a4bf86979b7379ca00ce3265e710d38163cf9b
Author: russ <rucombs@cisco.com>
Date: Sat Jan 18 07:53:25 2020 -0500
bufferlen: match on total length unless remaining is specified
commit 202b4a29e00148ed79143f0a1b80fb79447be71e
Author: russ <rucombs@cisco.com>
Date: Fri Jan 17 16:16:22 2020 -0500
ips: use service "file" instead of "user"
Shravan Rangarajuvenkata (shrarang) [Fri, 24 Jan 2020 18:37:08 +0000 (18:37 +0000)]
Merge pull request #1962 in SNORT/snort3 from ~THOPETER/snort3:h2i_xtra_crash to master
Squashed commit of the following:
commit cc0f3d5419cb13e11168d1ca6591ce314c706b50
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Jan 24 12:30:07 2020 -0500
http_inspect: patch H2I-related xtra data crash
Michael Altizer (mialtize) [Fri, 24 Jan 2020 17:59:49 +0000 (17:59 +0000)]
Merge pull request #1926 in SNORT/snort3 from ~SELYSENK/snort3:dont_log_zero_vid to master
Squashed commit of the following:
commit acbf1f541bffec35d3d63a779c515287bd43255f
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Thu Jan 23 16:16:20 2020 +0200
loggers: update vlan logging in csv and json loggers
Log vlan id 0 if vlan_agnostic or untagged, use flow vlan id or packet
vid otherwise.
Russ Combs (rucombs) [Fri, 24 Jan 2020 17:33:34 +0000 (17:33 +0000)]
Merge pull request #1890 in SNORT/snort3 from ~DAVMCPHE/snort3:hyper_vs_pcre to master
Squashed commit of the following:
commit 3b003e8e351bacc4eb161515615dd2a6b3736933
Author: davis mcpherson <davmcphe@cisco.com>
Date: Thu Nov 14 16:55:24 2019 -0500
ips_pcre: compile/evaluate pcre rule option regular expressions with the hyperscan regex engine when possible
ips_pcre: support the O & R modifiers when converting pcre to regex
detection: add config option to enable conversion of pcre expressions to use the regex engine
Russ Combs (rucombs) [Thu, 23 Jan 2020 03:11:14 +0000 (03:11 +0000)]
Merge pull request #1929 in SNORT/snort3 from ~ALLEWI/snort3:disable_normalization_defaults to master
Squashed commit of the following:
commit
dcf81f202f0d8aa46297cb90cbf69c8eaf371f14
Author: allewi <allewi@cisco.com>
Date: Thu Jan 9 16:55:53 2020 -0500
normalizer: disable all normalizations by default except for tcp.ips
Shravan Rangarajuvenkata (shrarang) [Wed, 22 Jan 2020 18:35:49 +0000 (18:35 +0000)]
Merge pull request #1956 in SNORT/snort3 from ~THOPETER/snort3:h2i_fast_pattern to master
Squashed commit of the following:
commit
5d2bd437978f0b7fa782ce887622c338dca14024
Author: Tom Peters <thopeter@cisco.com>
Date: Wed Jan 15 12:46:04 2020 -0500
http2_inspect: fast pattern support
Michael Altizer (mialtize) [Tue, 21 Jan 2020 23:04:27 +0000 (23:04 +0000)]
Merge pull request #1955 in SNORT/snort3 from ~SHRARANG/snort3:appid_delete_odp_ctxt to master
Squashed commit of the following:
commit
9e71869618f6bd18b9a1cc4402cda55c707af133
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Jan 21 15:17:37 2020 -0500
appid: clean up ENABLE_APPID_THIRD_PARTY from configure_cmake
Michael Altizer (mialtize) [Tue, 21 Jan 2020 03:04:07 +0000 (03:04 +0000)]
Merge pull request #1946 in SNORT/snort3 from ~SELYSENK/snort3:bug/362106 to master
Squashed commit of the following:
commit
47f108c7be1b3aca7ff8a0b238ca997c469ffbde
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jan 17 15:18:21 2020 +0200
cip: explicitly include sys/time.h header
commit
51d311de1b4f34931b017529ff382ae2a79b7cba
Author: Serhii Lysenko <selysenk@cisco.com>
Date: Fri Jan 17 18:24:31 2020 +0200
rna: use standard uint8_t type instead of u_int8_t
russ [Mon, 20 Jan 2020 22:37:41 +0000 (17:37 -0500)]
content: delete flawed hyper search test
Russ Combs (rucombs) [Mon, 20 Jan 2020 14:01:54 +0000 (14:01 +0000)]
Merge pull request #1943 in SNORT/snort3 from ~RUCOMBS/snort3:dinty_moore to master
Squashed commit of the following:
commit
505d59a649bcef812ceaa2c5656fa5d90c98775f
Author: russ <rucombs@cisco.com>
Date: Wed Jan 1 21:00:42 2020 -0500
detection: add pcre_override to enable/disable pcre/O
commit
264b6283af3f57198ced03b3db995dbd25edf12b
Author: russ <rucombs@cisco.com>
Date: Wed Jan 1 20:15:54 2020 -0500
detection: add hyperscan_literals option
commit
b7cfac2065b0332d70b767cba705e21a9e24dc92
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:41:41 2019 -0500
search_engine: trivial reformatting
commit
00ad9c9f9c0b5db81cfc28697a6f27a24e022278
Author: russ <rucombs@cisco.com>
Date: Sat Dec 14 08:40:52 2019 -0500
detection: signature evaluation looping based on literal contents only (exclude regex)
commit
3fc421f1739a45bfc37bde0732c442b78386a7cc
Author: russ <rucombs@cisco.com>
Date: Thu Jan 2 08:10:00 2020 -0500
content: use hs_compile if hs_compile_lit is not available
commit
d5c5c32b613011286d0dca879ce1b92b4853d590
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:44:15 2019 -0500
content: add hyperscan content literal matching alternative to boyer-moore
commit
00feeb9b5e7dadac2ccfc9c4332bf9a7606ae075
Author: russ <rucombs@cisco.com>
Date: Tue Dec 10 09:32:57 2019 -0500
framework: introduce ScratchAllocator class to help with scratch memory management
commit
b91dfca84c0b4bc8e8b3d686ae83f9eff1bc06d8
Author: russ <rucombs@cisco.com>
Date: Sun Dec 29 08:59:21 2019 -0500
pcre: ensure use of maximal ovector size and simplify logic
commit
6cd139d98726d5c058bb5733a74f9eb48879a2e7
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:40:37 2019 -0500
hyperscan: convert thread locals to scan context
commit
1a059cea1ba0c9f101039c36f1703308b946686b
Author: russ <rucombs@cisco.com>
Date: Mon Dec 9 04:39:48 2019 -0500
regex: convert thread locals to scan context
Shravan Rangarajuvenkata (shrarang) [Sat, 18 Jan 2020 02:37:43 +0000 (02:37 +0000)]
Merge pull request #1948 in SNORT/snort3 from ~SHRARANG/snort3:appid_delete_odp_ctxt to master
Squashed commit of the following:
commit
551921d010187340395bc3a45e053755cfa43b6e
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 17 12:15:15 2020 -0500
appid: delete odp context on exit
Mike Stepanek (mstepane) [Fri, 17 Jan 2020 21:08:04 +0000 (21:08 +0000)]
Merge pull request #1920 in SNORT/snort3 from ~SMINUT/snort3:host_cache_atomic_size to master
Squashed commit of the following:
commit
8e02a12362716ed4da4c267879e19eea5ebacfbb
Author: Silviu Minut <sminut@cisco.com>
Date: Tue Jan 7 15:27:55 2020 -0500
host_tracker: make current_size atomic to save some locks.
Mike Stepanek (mstepane) [Fri, 17 Jan 2020 14:48:09 +0000 (14:48 +0000)]
Merge pull request #1942 in SNORT/snort3 from ~DERAMADA/snort3:h2i_new_tests to master
Squashed commit of the following:
commit
4ff7df9bd99779dc9fb82e72eaaaf548624811ef
Author: deramada <deramada@cisco.com>
Date: Tue Jan 14 10:41:19 2020 -0500
http2_inspect: fix string decode error
Shravan Rangarajuvenkata (shrarang) [Thu, 16 Jan 2020 20:40:53 +0000 (20:40 +0000)]
Merge pull request #1944 in SNORT/snort3 from ~SHRARANG/snort3:appid_nuke_tp_compile_flag to master
Squashed commit of the following:
commit
a8822d9513a9a5783c4e9eed53bc4d0e1a4a670f
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 15 13:28:50 2020 -0500
appid: get rid of ENABLE_APPID_THIRD_PARTY flag
Mike Stepanek (mstepane) [Thu, 16 Jan 2020 16:11:34 +0000 (16:11 +0000)]
Merge pull request #1931 in SNORT/snort3 from ~KATHARVE/snort3:http_mime_file to master
Squashed commit of the following:
commit
159de978a1e07db74de106810e3f268690488567
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Jan 8 15:50:36 2020 -0500
mime: support simultaneous file processing of MIME-encoded files over HTTP/1.1
Shravan Rangarajuvenkata (shrarang) [Thu, 16 Jan 2020 16:08:22 +0000 (16:08 +0000)]
Merge pull request #1941 in SNORT/snort3 from ~SHRARANG/snort3:appid_odp_ctxt to master
Squashed commit of the following:
commit
16d04f32ed78eb83eb52ca2c44b1104581814a06
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 10 10:29:27 2020 -0500
appid: move odp config, host-port cache and length cache to a separate class OdpContext; remove obsolete port detector code
Shravan Rangarajuvenkata (shrarang) [Wed, 15 Jan 2020 19:14:05 +0000 (19:14 +0000)]
Merge pull request #1932 in SNORT/snort3 from ~SHRARANG/snort3:appid_tp_reload_config to master
Squashed commit of the following:
commit
ce792e96a5d6abf2d1804c90e738487061616700
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Fri Jan 10 11:26:32 2020 -0500
appid: do not reload third party on reload_config
Shravan Rangarajuvenkata (shrarang) [Tue, 14 Jan 2020 19:45:33 +0000 (19:45 +0000)]
Merge pull request #1938 in SNORT/snort3 from ~KAMURTHI/snort3:TOR-Proxy to master
Squashed commit of the following:
commit
7885b4c4de8c5a6396aa29c839818e0732e718c0
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date: Sun Jan 12 17:24:24 2020 -0500
appid: detect payload for http tunnel traffic
Mike Stepanek (mstepane) [Tue, 14 Jan 2020 14:28:36 +0000 (14:28 +0000)]
Merge pull request #1884 in SNORT/snort3 from ~MASHASAN/snort3:verbose_logs to master
Squashed commit of the following:
commit
57cb51f8838f06da64b8891bca9a08321f05c60e
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Dec 6 14:19:18 2019 -0500
snort: Adding some verbose logs for appid, file_id, and reputation inspectors
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 21:30:04 +0000 (21:30 +0000)]
Merge pull request #1915 in SNORT/snort3 from ~NIHDESAI/snort3:hblock_adjustments to master
Squashed commit of the following:
commit
9a77a8807f272283149ca15da0f1c48f7407c150
Author: Nihal Desai <nihdesai@cisco.com>
Date: Thu Jan 2 13:06:53 2020 -0500
http2_inspect: add transfer encoding chunked at end of decoded http1 header block
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 21:22:26 +0000 (21:22 +0000)]
Merge pull request #1930 in SNORT/snort3 from ~THOPETER/snort3:nhttp130 to master
Squashed commit of the following:
commit
2bb46538d39eb8ffdb2e1a2a0b1e2370972b5ff8
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jan 9 13:12:08 2020 -0500
http_inspect: no duplicate built-in events for a flow
Mike Stepanek (mstepane) [Mon, 13 Jan 2020 14:27:15 +0000 (14:27 +0000)]
Merge pull request #1919 in SNORT/snort3 from ~MDAGON/snort3:integration to master
Squashed commit of the following:
commit
5135fa3bf40d3e6ae2e8e12ff92f4ed79d264fb6
Author: Mike Stepanek (mstepane) <mstepane@cisco.com>
Date: Mon Dec 9 17:08:40 2019 +0000
http2_inspect: integration with NHI
Shravan Rangarajuvenkata (shrarang) [Fri, 10 Jan 2020 15:43:06 +0000 (15:43 +0000)]
Merge pull request #1923 in SNORT/snort3 from ~SATHIRKA/snort3:static_host_cache_wildcard to master
Squashed commit of the following:
commit
be3ab6abccce12eb3bf39f71929778ed596527d1
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Tue Jan 7 11:21:36 2020 -0500
appid: Adding support for wildcard ports in static host port cache
Shravan Rangarajuvenkata (shrarang) [Thu, 9 Jan 2020 20:06:08 +0000 (20:06 +0000)]
Merge pull request #1924 in SNORT/snort3 from ~SHRARANG/snort3:appid_terminology to master
Squashed commit of the following:
commit
d6d663b8816f18fa38d8adc0ad753fe548b51079
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Jan 8 05:47:53 2020 -0500
appid: cleanup terminology
Mike Stepanek (mstepane) [Thu, 9 Jan 2020 16:41:20 +0000 (16:41 +0000)]
Merge pull request #1905 in SNORT/snort3 from ~KATHARVE/snort3:http_file to master
Squashed commit of the following:
commit
fb5585357bd605ecaf77b59b6afa1b7dbf1237e9
Author: Katura Harvey <katharve@cisco.com>
Date: Wed Dec 4 10:36:52 2019 -0500
http_inspect: process multiple files simultaneously over HTTP/1.1
George Koikara (gkoikara) [Thu, 9 Jan 2020 14:24:03 +0000 (14:24 +0000)]
Merge pull request #1893 in SNORT/snort3 from ~SUNIMUKH/snort3:sgt to master
Squashed commit of the following:
commit
a6367694b7def585aa6471749d916301b6f24ee3
Author: Sunirmal Mukherjee <sunimukh@cisco.com>
Date: Tue Dec 3 03:53:33 2019 -0500
sgt-detection: API support to accessing SGT from CiscoMetaData
Michael Altizer (mialtize) [Wed, 8 Jan 2020 23:55:09 +0000 (23:55 +0000)]
Merge pull request #1925 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master
Squashed commit of the following:
commit
f267210213b61f6beaf8c11ee14975da410db3bc
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 8 16:29:57 2020 -0500
catch: Update to Catch v2.11.1
commit
12eb31c6584eb73e3b473ae65034f40d04367166
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 8 14:40:16 2020 -0500
build: Fix more Clang 9 compiler warnings
Mike Stepanek (mstepane) [Tue, 7 Jan 2020 15:18:41 +0000 (15:18 +0000)]
Merge pull request #1917 in SNORT/snort3 from ~MASHASAN/snort3:port_scan_rrt to master
Squashed commit of the following:
commit
3c72a2cc66a715b931ad2a07dea63d50503acd70
Author: Masud Hasan <mashasan@cisco.com>
Date: Sat Jan 4 18:40:53 2020 -0500
port_scan: Supporting reload config when memcap changes
Shravan Rangarajuvenkata (shrarang) [Fri, 3 Jan 2020 14:46:22 +0000 (14:46 +0000)]
Merge pull request #1901 in SNORT/snort3 from ~SHRARANG/snort3:appid_tp_reload_1_thread to master
Squashed commit of the following:
commit
cf334063cb9963471a4d3b87267f0e3e72966613
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Tue Dec 17 06:27:06 2019 -0500
appid: support third party reload when snort is running with single packet thread
Michael Altizer (mialtize) [Wed, 25 Dec 2019 14:35:11 +0000 (14:35 +0000)]
Merge pull request #1906 in SNORT/snort3 from ~MIALTIZE/snort3:f31_warnings to master
Squashed commit of the following:
commit
a5cd61e97b73d70e9f38b136405c1a55238b0b87
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 20 13:36:37 2019 -0500
codecs: Use unions for checksum pseudoheaders
This helps clear up static analysis confusion.
commit
ddcefc137ecd5229e1eca815a245346c8b539879
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 16:01:52 2019 -0500
build: Clean up accumulated tabs and trailing whitespace in the code
commit
0c3a7f4f53af3bcee1b56962d06c61a039f69990
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 15:28:51 2019 -0500
build: Rename parameters that shadow class members (compiler warnings)
commit
9f8664ec859c10ee2668a5cdb4a289b0c58ca1ed
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Dec 16 14:17:10 2019 -0500
build: Remove some extraneous semicolons (compiler warnings)
Mike Stepanek (mstepane) [Mon, 23 Dec 2019 13:24:22 +0000 (13:24 +0000)]
Merge pull request #1900 in SNORT/snort3 from ~THOPETER/snort3:h2i_remove_file_data to master
Squashed commit of the following:
commit
784c640f93cfb669d2f06112aece95a5d26fe044
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Dec 19 18:10:58 2019 -0500
http2_inspect: frame data no longer in file_data
Michael Altizer (mialtize) [Fri, 20 Dec 2019 19:39:41 +0000 (19:39 +0000)]
Merge pull request #1902 in SNORT/snort3 from ~MIALTIZE/snort3:build_267 to master
Squashed commit of the following:
commit
7e4b25ffb40817f3efb272ea62c94f2db92f905b
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Dec 20 13:09:16 2019 -0500
build: generate and tag build 267
Russ Combs (rucombs) [Thu, 19 Dec 2019 21:43:48 +0000 (21:43 +0000)]
Merge pull request #1879 in SNORT/snort3 from ~RUCOMBS/snort3:offload_count to master
Squashed commit of the following:
commit
1212fbdff4d8b7afb71ec9b8ce26256806b4ae29
Author: russ <rucombs@cisco.com>
Date: Thu Dec 5 07:58:10 2019 -0500
search_engine: fix expected count of MPSEs when offloading
George Koikara (gkoikara) [Thu, 19 Dec 2019 12:24:01 +0000 (12:24 +0000)]
Merge pull request #1896 in SNORT/snort3 from ~RJAVALI/snort3:GRE_issu to master
Squashed commit of the following:
commit
a50900239a95fe36fb81a608a4e13068a42a0be5
Author: Raghavendra Javali <rjavali@cisco.com>
Date: Thu Dec 12 05:23:19 2019 -0500
codec: Header files alphabetically re-ordered and addition of unit test case for code coverage.
Mike Stepanek (mstepane) [Wed, 18 Dec 2019 16:39:00 +0000 (16:39 +0000)]
Merge pull request #1881 in SNORT/snort3 from ~MDAGON/snort3:assitant_gadget to master
Squashed commit of the following:
commit
f7fbbb6f69f2b80e8be8bb0bbdab36d72cca33ac
Author: mdagon <mdagon@cisco.com>
Date: Wed Dec 4 13:59:02 2019 -0500
binder: assistant gadget support.
Currently used by Http2 to set up Http as assistant gadget.
Flow was updated as well to support assistant gadget.
Mike Stepanek (mstepane) [Tue, 17 Dec 2019 13:48:33 +0000 (13:48 +0000)]
Merge pull request #1891 in SNORT/snort3 from ~KATHARVE/snort3:multiple_file_contexts_fix to master
Squashed commit of the following:
commit
7c77f290e40591555e152bb286838efc08054758
Author: Katura Harvey <katharve@cisco.com>
Date: Fri Dec 6 14:00:17 2019 -0500
file_api: When multiple files are processed simultaneously per flow, store the files on the flow, not in the cache. Don't cache files until the signature has been computed
Michael Altizer (mialtize) [Tue, 17 Dec 2019 05:22:56 +0000 (05:22 +0000)]
Merge pull request #1826 in SNORT/snort3 from ~SHASLAD/snort3:dont_capture_rebuilt to master
Squashed commit of the following:
commit
05efc9aebf8450c5b946142ec832c272c2f46366
Author: Shashi Lad <shaslad@cisco.com>
Date: Wed Oct 30 00:44:41 2019 -0400
packet_capture: ignore PDUs and defragged packets, include non-IP packets
Mike Stepanek (mstepane) [Mon, 16 Dec 2019 20:39:58 +0000 (20:39 +0000)]
Merge pull request #1873 in SNORT/snort3 from ~MMATIRKO/snort3:perfmon_reload_tune to master
Squashed commit of the following:
commit
1330041efbc4410e003415c46d96dfff98929d60
Author: Michael Matirko <mmatirko@cisco.com>
Date: Mon Nov 25 15:01:39 2019 -0500
perf_monitor: tuning for flow_ip_memcap on reload
Shravan Rangarajuvenkata (shrarang) [Mon, 16 Dec 2019 16:09:58 +0000 (16:09 +0000)]
Merge pull request #1898 in SNORT/snort3 from ~SHRARANG/snort3:appid_cleanup to master
Squashed commit of the following:
commit
868f316b3e1642a3cc1045b1bd4351d298f195ed
Author: Shravan Rangaraju <shrarang@cisco.com>
Date: Wed Dec 11 15:52:40 2019 -0500
appid: cleanup unused code
Mike Stepanek (mstepane) [Mon, 16 Dec 2019 13:09:10 +0000 (13:09 +0000)]
Merge pull request #1880 in SNORT/snort3 from ~NIHDESAI/snort3:limit_detained_ins to master
Squashed commit of the following:
commit
de16cdefb4d6587f116b42a8b992154e059f387b
Author: Nihal Desai <nihdesai@cisco.com>
Date: Thu Dec 5 03:51:54 2019 -0500
http_inspect: support limited response depth