git.ipfire.org Git - thirdparty/snort3.git/log
6 years ago Merge pull request #1651 in SNORT/snort3 from ~MSTEPANE/snort3:build_257 to master 3.0.0-257
Mike Stepanek (mstepane) [Wed, 19 Jun 2019 17:26:39 +0000 (13:26 -0400)] 
Merge pull request #1651 in SNORT/snort3 from ~MSTEPANE/snort3:build_257 to master

Squashed commit of the following:

commit 60a75f5d4889e6c193971c7652469265789073f2
Author: Mike Stepanek <mstepane@cisco.com>
Date:   Wed Jun 19 10:55:04 2019 -0400

    doc: Update docs for build 257

commit a82da3a50629a33ba8a6e94e4c8bda0bce461dac
Author: Mike Stepanek <mstepane@cisco.com>
Date:   Wed Jun 19 09:10:13 2019 -0400

    build: 257

6 years ago Merge pull request #1645 in SNORT/snort3 from ~RUCOMBS/snort3:regex_fix to master
Russ Combs (rucombs) [Tue, 18 Jun 2019 23:26:17 +0000 (19:26 -0400)] 
Merge pull request #1645 in SNORT/snort3 from ~RUCOMBS/snort3:regex_fix to master

Squashed commit of the following:

commit f71a95925c043dba6f2fca7dc36480794618ea36
Author: russ <rucombs@cisco.com>
Date:   Sat Jun 15 20:39:34 2019 -0400

    regex: fix repeated search offset

6 years ago Merge pull request #1646 in SNORT/snort3 from ~MASHASAN/snort3:rna_pub_sub to master
Mike Stepanek (mstepane) [Tue, 18 Jun 2019 19:14:30 +0000 (15:14 -0400)] 
Merge pull request #1646 in SNORT/snort3 from ~MASHASAN/snort3:rna_pub_sub to master

Squashed commit of the following:

commit 02d777186b7b42185154fa7d5d149ee17a2ce59a
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Jun 17 14:41:32 2019 -0400

    rna: Renaming peg counts and adding a warning when config changes

commit d0a8a2c0fd70edf12a1e59bbd0b39bb71dffb7d3
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Jun 17 04:09:05 2019 -0400

    rna: Implementing event-driven RNA inspections

6 years ago Merge pull request #1647 in SNORT/snort3 from ~MIALTIZE/snort3:doc_daq to master
Michael Altizer (mialtize) [Tue, 18 Jun 2019 14:16:29 +0000 (10:16 -0400)] 
Merge pull request #1647 in SNORT/snort3 from ~MIALTIZE/snort3:doc_daq to master

Squashed commit of the following:

commit f30be1a8530d4f0df06b7f3a2b7e1aa997b24260
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 17 12:02:53 2019 -0400

    doc: Update documentation to reflect post-DAQng reality

commit 6257bc3094a93d5015bacca04534e3e3c2f47a5e
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 17 09:35:40 2019 -0400

    doc: Remove perpetually out-of-date copy of LibDAQ's README

6 years ago Merge pull request #1644 in SNORT/snort3 from ~KATHARVE/snort3:ips_policies_bug to...
Mike Stepanek (mstepane) [Mon, 17 Jun 2019 19:15:06 +0000 (15:15 -0400)] 
Merge pull request #1644 in SNORT/snort3 from ~KATHARVE/snort3:ips_policies_bug to master

Squashed commit of the following:

commit 6153c7a79d13ab80939e7763d083c966029bccfd
Author: Katura Harvey <katharve@cisco.com>
Date:   Wed Jun 12 12:04:54 2019 -0400

    detection: fix creation of service map to use ips policy id

6 years ago Merge pull request #1648 in SNORT/snort3 from ~MASHASAN/snort3:doc_rna to master
Mike Stepanek (mstepane) [Mon, 17 Jun 2019 17:25:59 +0000 (13:25 -0400)] 
Merge pull request #1648 in SNORT/snort3 from ~MASHASAN/snort3:doc_rna to master

Squashed commit of the following:

commit 708062a3468c2b54e7fa7c25da1727c507159db8
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Jun 17 12:59:25 2019 -0400

    rna: Fixing doc build failure due to asciidoc format issue

6 years ago Merge pull request #1603 in SNORT/snort3 from ~BRASTULT/snort3:fp_detect_fix to master
Russ Combs (rucombs) [Mon, 17 Jun 2019 00:49:06 +0000 (20:49 -0400)] 
Merge pull request #1603 in SNORT/snort3 from ~BRASTULT/snort3:fp_detect_fix to master

Squashed commit of the following:

commit 4ab32a7ec9d864cf0f2874a40df203b256434769
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri May 10 01:18:44 2019 -0400

    detection: on PDUs search TCP/UDP portgroups even when user_mode services exist

6 years ago Merge pull request #1628 in SNORT/snort3 from ~BBANTWAL/snort3:pegcounts to master
Russ Combs (rucombs) [Sun, 16 Jun 2019 14:59:35 +0000 (10:59 -0400)] 
Merge pull request #1628 in SNORT/snort3 from ~BBANTWAL/snort3:pegcounts to master

Squashed commit of the following:

commit 46120f09f1374a79a945dcf8c14bcdaf70a16c8c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jun 11 10:15:18 2019 -0400

    adding stats for offloader busy

commit 98821ce7200c8f1fd72476e264bc4f782a74dfd6
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jun 4 12:41:48 2019 -0400

    adding pegcounts for context chain suspends

commit b71215b8870e26706d2a93336dcb2be03f4012a7
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue Jun 4 09:53:47 2019 -0400

    detection: adding pegcounts for fallback, offload failures

commit 1ad6aa682e0d3f6faf9fb91256f322c089f754d9
Author: russ <rucombs@cisco.com>
Date:   Sat Jun 1 15:54:10 2019 -0400

    detection: add peg for onload wait conditions

6 years ago Merge pull request #1636 in SNORT/snort3 from ~BRASTULT/snort3:relative_so to master
Russ Combs (rucombs) [Sun, 16 Jun 2019 14:57:58 +0000 (10:57 -0400)] 
Merge pull request #1636 in SNORT/snort3 from ~BRASTULT/snort3:relative_so to master

Squashed commit of the following:

commit 578047fa73a2e1485920e81061f7f0aeb229a592
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri Jun 7 14:22:06 2019 -0400

    ips_options: add relative parameter to so option

6 years ago Merge pull request #1616 in SNORT/snort3 from ~STECHEW/snort3:finalize_packet to...
Russ Combs (rucombs) [Wed, 12 Jun 2019 15:57:38 +0000 (11:57 -0400)] 
Merge pull request #1616 in SNORT/snort3 from ~STECHEW/snort3:finalize_packet to master

Squashed commit of the following:

commit 04aeec5d6e2c2285419a5a9e7eff8d1ed0a2787f
Author: Steve Chew <stechew@cisco.com>
Date:   Mon May 20 21:19:33 2019 -0400

    analyzer: publish finalize packet event before calling finalize_message.

6 years ago Merge pull request #1643 in SNORT/snort3 from ~MIREDDEN/snort3:smtp_fix to master
Mike Stepanek (mstepane) [Wed, 12 Jun 2019 12:48:03 +0000 (08:48 -0400)] 
Merge pull request #1643 in SNORT/snort3 from ~MIREDDEN/snort3:smtp_fix to master

Squashed commit of the following:

commit 6cbb3b865482a90da05f150f584a457e37209f39
Author: Mike Redden <miredden@cisco.com>
Date:   Wed Jun 12 07:53:18 2019 -0400

    smtp: Fix handle_header_line and normalize_data unit tests

6 years ago Merge pull request #1619 in SNORT/snort3 from ~MIALTIZE/snort3:ha_daq to master
Michael Altizer (mialtize) [Wed, 12 Jun 2019 03:31:44 +0000 (23:31 -0400)] 
Merge pull request #1619 in SNORT/snort3 from ~MIALTIZE/snort3:ha_daq to master

Squashed commit of the following:

commit 5aacc37644226329a02dc2637093c457614b351d
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Jun 10 17:43:32 2019 -0400

    flow: Implement storing and importing HA data via DAQ IOCTLs

    This involved significant refactoring of the Flow HA code and added many
    peg counts to the module.  Export FlowHAClient, HighAvailabilityManager,
    and FlowHAState in flow/ha.h.  Specify that HA time parameters are in
    seconds.  The useless HA module unit tests were removed in the process.

commit 9fec6bc1993d35969c9aca4198ec0865ef7597e5
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Jun 7 14:32:18 2019 -0400

    check: Fix missing semicolons on CHECK calls

commit fb6e8988fd3790f54c790110150b965a3abb456b
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue May 28 12:30:33 2019 -0400

    build: Fix unused parameter warnings in unit tests

6 years ago Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master
Steve Chew (stechew) [Tue, 11 Jun 2019 18:45:06 +0000 (14:45 -0400)] 
Merge pull request #1635 in SNORT/snort3 from ~SBAIGAL/snort3:icmp_u2log_fix to master

Squashed commit of the following:

commit 4aadd43f4a78c1e78ef2c1847098f090b6502108
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Jun 7 15:51:43 2019 -0400

    icmp4: verify checksum before the type validation

6 years ago Merge pull request #1641 in SNORT/snort3 from ~MASHASAN/snort3:inspector_null_check...
Mike Stepanek (mstepane) [Tue, 11 Jun 2019 16:31:36 +0000 (12:31 -0400)] 
Merge pull request #1641 in SNORT/snort3 from ~MASHASAN/snort3:inspector_null_check to master

Squashed commit of the following:

commit 7104df70e6370eb212c787186011ebd6148594d8
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Jun 10 22:41:19 2019 -0400

    stream_ip: Checking null inspector while updating session

6 years ago Merge pull request #1640 in SNORT/snort3 from ~MDAGON/snort3:smtp_fix to master
Mike Stepanek (mstepane) [Tue, 11 Jun 2019 14:58:04 +0000 (10:58 -0400)] 
Merge pull request #1640 in SNORT/snort3 from ~MDAGON/snort3:smtp_fix to master

Squashed commit of the following:

commit 5aae8d1c8a125cc53a58efcee29035739a666d7a
Author: mdagon <mdagon@cisco.com>
Date:   Wed Jun 5 11:36:13 2019 -0400

    smtp: pass packet pointer instead of nullptr to SMTP_CopyToAltBuffer

6 years ago Merge pull request #1629 in SNORT/snort3 from ~THOPETER/snort3:nhttp121 to master
Mike Stepanek (mstepane) [Thu, 6 Jun 2019 20:12:26 +0000 (16:12 -0400)] 
Merge pull request #1629 in SNORT/snort3 from ~THOPETER/snort3:nhttp121 to master

Squashed commit of the following:

commit 1d76e71bc035d419559cdb56b39eee2c3309f39b
Author: Tom Peters <thopeter@cisco.com>
Date:   Tue Jun 4 16:49:41 2019 -0400

    http_inspect: test tool enhancement

6 years ago Merge pull request #1618 in SNORT/snort3 from ~SBAIGAL/snort3:perf_mon_analyzer_fix...
Michael Altizer (mialtize) [Tue, 4 Jun 2019 15:12:44 +0000 (11:12 -0400)] 
Merge pull request #1618 in SNORT/snort3 from ~SBAIGAL/snort3:perf_mon_analyzer_fix to master

Squashed commit of the following:

commit ad4244beb09c4a56e10c6751c0ae51bd81fdeaa2
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Tue May 28 09:29:19 2019 -0400

    perf_mon: removed flow_ip_handler from PerfMonitor

    Keep the ip event handler at databus, disable ip tracker from a thread will not lead to delete ip data handler from databus

6 years ago Merge pull request #1621 in SNORT/snort3 from ~THOPETER/snort3:merge4 to master
Mike Stepanek (mstepane) [Tue, 4 Jun 2019 14:31:39 +0000 (10:31 -0400)] 
Merge pull request #1621 in SNORT/snort3 from ~THOPETER/snort3:merge4 to master

Squashed commit of the following:

commit 67ff9e50695a75b8fe2e9505620b091f624aef16
Author: Tom Peters <thopeter@cisco.com>
Date:   Mon May 13 16:28:57 2019 -0400

    http_inspect/stream: accelerated blocking

6 years ago Merge pull request #1622 in SNORT/snort3 from ~MASHASAN/snort3:rna_framework to master
Mike Stepanek (mstepane) [Mon, 3 Jun 2019 20:38:59 +0000 (16:38 -0400)] 
Merge pull request #1622 in SNORT/snort3 from ~MASHASAN/snort3:rna_framework to master

Squashed commit of the following:

commit d49a2affbec8e24f642ce811c10141cf19435dda
Author: Masud Hasan <mashasan@cisco.com>
Date:   Wed May 29 12:37:25 2019 -0400

    rna: Introducing barebone RNA module and inspector

6 years ago Merge pull request #1620 in SNORT/snort3 from ~SATHIRKA/snort3:icmp_bruteforce to...
Shravan Rangarajuvenkata (shrarang) [Mon, 3 Jun 2019 20:06:02 +0000 (16:06 -0400)] 
Merge pull request #1620 in SNORT/snort3 from ~SATHIRKA/snort3:icmp_bruteforce to master

Squashed commit of the following:

commit d6298c44470c752ccdbd2abd098814e7b36a27e5
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Thu May 23 14:24:42 2019 -0400

    appid: Protocol based detection for non-TCP non-UDP traffic.

6 years ago Merge pull request #1627 in SNORT/snort3 from ~MIREDDEN/snort3:stream_tcp_timestamp...
Mike Stepanek (mstepane) [Mon, 3 Jun 2019 20:02:00 +0000 (16:02 -0400)] 
Merge pull request #1627 in SNORT/snort3 from ~MIREDDEN/snort3:stream_tcp_timestamp to master

Squashed commit of the following:

commit 7770b59dee8e8b3d7b93b8dfadbe21a33c746eb5
Author: Mike Redden <miredden@cisco.com>
Date:   Wed May 29 15:57:18 2019 -0400

    stream: Do not validate timestamp until peer timestamp is set

6 years ago Merge pull request #1624 in SNORT/snort3 from ~BBANTWAL/snort3:fix_async_http to...
Michael Altizer (mialtize) [Mon, 3 Jun 2019 18:05:33 +0000 (14:05 -0400)] 
Merge pull request #1624 in SNORT/snort3 from ~BBANTWAL/snort3:fix_async_http to master

Squashed commit of the following:

commit 84367e7e76a1f3bea145a3520fe729e099e0ac1a
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Tue May 28 12:24:11 2019 -0400

    http_inspect: stop clearing http data snapshots from ips contexts on flow deletion

6 years ago Merge pull request #1617 in SNORT/snort3 from ~BBANTWAL/snort3:offload_memstats_fix...
Michael Altizer (mialtize) [Fri, 31 May 2019 15:20:34 +0000 (11:20 -0400)] 
Merge pull request #1617 in SNORT/snort3 from ~BBANTWAL/snort3:offload_memstats_fix to master

Squashed commit of the following:

commit f10682ce0c9e034bef3d3a42a3e2fcebe0c94691
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Fri May 24 17:06:38 2019 -0400

    flow: check if flow is actually deleted before updating memstats

6 years ago Merge pull request #1614 in SNORT/snort3 from ~KATHARVE/snort3:disable_builtin to...
Mike Stepanek (mstepane) [Fri, 24 May 2019 12:49:45 +0000 (08:49 -0400)] 
Merge pull request #1614 in SNORT/snort3 from ~KATHARVE/snort3:disable_builtin to master

Squashed commit of the following:

commit 7f281ab48cb16fbc99f619c1ae72841c0886bb85
Author: Katura Harvey <katharve@cisco.com>
Date:   Mon May 20 17:49:40 2019 -0400

    detection: fix check for disabled rules

6 years ago Merge pull request #1608 in SNORT/snort3 from ~KAMURTHI/snort3:BitTorrent-Fix to...
Shravan Rangarajuvenkata (shrarang) [Thu, 23 May 2019 14:59:25 +0000 (10:59 -0400)] 
Merge pull request #1608 in SNORT/snort3 from ~KAMURTHI/snort3:BitTorrent-Fix to master

Squashed commit of the following:

commit 4adad8bc5649000bb5d8ca10f933389d441ad20a
Author: Kanimozhi Murthi <kamurthi@cisco.com>
Date:   Thu May 9 16:16:46 2019 -0400

    appid: support for dynamic host cache lookup-based app detection.

6 years ago Merge pull request #1615 in SNORT/snort3 from ~NIHDESAI/snort3:build_256 to master 3.0.0-256
Mike Stepanek (mstepane) [Wed, 22 May 2019 20:41:32 +0000 (16:41 -0400)] 
Merge pull request #1615 in SNORT/snort3 from ~NIHDESAI/snort3:build_256 to master

Squashed commit of the following:

commit 68d6c61b35320abc1301d55a0bac95d57e25ec3c
Author: Nihal Desai <nihdesai@cisco.com>
Date:   Wed May 22 13:42:31 2019 -0400

    build: generate build 256

6 years ago Merge pull request #1607 in SNORT/snort3 from ~SMINUT/snort3:filters_xhash_peg to...
Mike Stepanek (mstepane) [Mon, 20 May 2019 17:30:52 +0000 (13:30 -0400)] 
Merge pull request #1607 in SNORT/snort3 from ~SMINUT/snort3:filters_xhash_peg to master

Squashed commit of the following:

commit 6182a08ddbac76285aad2bd3194282f5402075da
Author: Silviu Minut <sminut@cisco.com>
Date:   Wed May 15 09:40:34 2019 -0400

    filters: add peg count for when the thd_runtime XHash table gets full.

6 years ago Merge pull request #1610 in SNORT/snort3 from ~SBAIGAL/snort3:perfmon_event_fix to...
Tom Peters (thopeter) [Fri, 17 May 2019 14:42:51 +0000 (10:42 -0400)] 
Merge pull request #1610 in SNORT/snort3 from ~SBAIGAL/snort3:perfmon_event_fix to master

Squashed commit of the following:

commit a3fcf0a70b39bf05ed8ed9f204fd88a42fd8ea81
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Wed May 15 13:51:26 2019 -0400

    perf_mon: add real timestamp to empty perf_stats data; updated dbus default subscription code and perf_mon event subscription code to resolve memory leak and invalid event subscription from reloading; moved flow_ip_tracker to thread local

6 years ago Merge pull request #1604 in SNORT/snort3 from ~KATHARVE/snort3:disable_inspection_in_...
Tom Peters (thopeter) [Wed, 15 May 2019 18:39:44 +0000 (14:39 -0400)] 
Merge pull request #1604 in SNORT/snort3 from ~KATHARVE/snort3:disable_inspection_in_drop_flow to master

Squashed commit of the following:

commit 991d611b02b5bb0ad494b29e6914ac649cca581c
Author: Katura Harvey <katharve@cisco.com>
Date:   Tue May 7 18:53:02 2019 -0400

    stream: disable inspection of flow on reset

6 years ago Merge pull request #1602 in SNORT/snort3 from ~SMINUT/snort3:appid_fuzz to master
Tom Peters (thopeter) [Wed, 15 May 2019 18:34:52 +0000 (14:34 -0400)] 
Merge pull request #1602 in SNORT/snort3 from ~SMINUT/snort3:appid_fuzz to master

Squashed commit of the following:

commit dd95d711880a5401e8486fd2d59ad8a85a5fa5c5
Author: Silviu Minut <sminut@cisco.com>
Date:   Fri May 10 15:58:53 2019 -0400

    http_inspect: fix status_code_num bug in HttpMsgHeader::update_flow() that leads to assert on input.length()>0 in norm_decimal_integer.

6 years ago Merge pull request #1601 in SNORT/snort3 from ~MIREDDEN/snort3:remove_sticky_buffer_d...
Tom Peters (thopeter) [Tue, 14 May 2019 16:34:32 +0000 (12:34 -0400)] 
Merge pull request #1601 in SNORT/snort3 from ~MIREDDEN/snort3:remove_sticky_buffer_duplicates to master

Squashed commit of the following:

commit 3d998ed0f4e1faab5372d33decc333d666b6fa57
Author: Mike Redden <miredden@cisco.com>
Date:   Wed May 8 14:27:34 2019 -0400

    snort2lua: Remove sticky buffer duplicates

6 years ago Merge pull request #1592 in SNORT/snort3 from ~SMINUT/snort3:event_filter_memcap...
Mike Stepanek (mstepane) [Thu, 9 May 2019 16:53:50 +0000 (12:53 -0400)] 
Merge pull request #1592 in SNORT/snort3 from ~SMINUT/snort3:event_filter_memcap to master

Squashed commit of the following:

commit 2da9b2b60b98cf6c2bb901d6cfab0871fed0ce7f
Author: Silviu Minut <sminut@cisco.com>
Date:   Tue Apr 30 13:23:35 2019 -0400

    filters: make thd_runtime and rf_hash thread local and allocate them from thread init rather than from Module::end().

6 years ago Merge pull request #1600 in SNORT/snort3 from ~DDAHIPHA/snort3:fd_leak_fixes to master
Mike Stepanek (mstepane) [Tue, 7 May 2019 17:25:19 +0000 (13:25 -0400)] 
Merge pull request #1600 in SNORT/snort3 from ~DDAHIPHA/snort3:fd_leak_fixes to master

Squashed commit of the following:

commit f6c664bc51a374308a82e13395cfb87f12621ef6
Author: Devendra Dahiphale <ddahipha@cisco.com>
Date:   Tue May 7 13:23:18 2019 -0400

    main: Fix File Descriptor leaks

6 years ago Merge pull request #1594 in SNORT/snort3 from ~MASHASAN/snort3:per_mon_leak to master
Mike Stepanek (mstepane) [Tue, 7 May 2019 15:28:03 +0000 (11:28 -0400)] 
Merge pull request #1594 in SNORT/snort3 from ~MASHASAN/snort3:per_mon_leak to master

Squashed commit of the following:

commit f7d0fe1dab2a07f15a87177844c79419c72ca8b1
Author: Masud Hasan <mashasan@cisco.com>
Date:   Fri May 3 11:23:59 2019 -0400

    perf_monitor: Fixing heap-use-after-free after reload failure

6 years ago Merge pull request #1599 in SNORT/snort3 from ~KATHARVE/snort3:uniformity_rule_state...
Tom Peters (thopeter) [Mon, 6 May 2019 21:01:49 +0000 (17:01 -0400)] 
Merge pull request #1599 in SNORT/snort3 from ~KATHARVE/snort3:uniformity_rule_state to master

Squashed commit of the following:

commit b5dbbf67ffbef7a7f0afcf0fa68083339bea3c2b
Author: Katura Harvey <katharve@cisco.com>
Date:   Wed May 1 09:52:43 2019 -0400

    Uniformity: Update the rule_state value to yes or no

6 years ago Merge pull request #1598 in SNORT/snort3 from ~MIREDDEN/snort3:port_scan_memcap to...
Tom Peters (thopeter) [Mon, 6 May 2019 20:54:33 +0000 (16:54 -0400)] 
Merge pull request #1598 in SNORT/snort3 from ~MIREDDEN/snort3:port_scan_memcap to master

Squashed commit of the following:

commit 300ad4844bc61bfacbb746ce036018ae211b7777
Author: Mike Redden <miredden@cisco.com>
Date:   Mon May 6 13:46:13 2019 -0400

    port_scan: Change minimum memcap value to 1024 to avoid divide by zero crash

6 years ago main: Include analyzer.h in snort.cc
Michael Altizer [Mon, 6 May 2019 17:32:37 +0000 (13:32 -0400)] 
main: Include analyzer.h in snort.cc

6 years ago DAQng: Port Snort and its DAQ modules to DAQ3
Michael Altizer [Fri, 31 Aug 2018 18:40:41 +0000 (14:40 -0400)] 
DAQng: Port Snort and its DAQ modules to DAQ3

- Massive refactoring of the Analyzer thread
- Handle multiple offloaded wire packets
- Port hext and file DAQ modules to DAQng
- Reimplement the RETRY verdict internal to Snort
- Revamp skip-n/exit-after-n/pause-after-n handling
- Update lua tweaks with new DAQ configuration format
- Update sfdaq unit tests for DAQng
- Update snort2lua to convert to new DAQ configuration

6 years ago Revert "Merge pull request #1535 in SNORT/snort3 from ~SHRARANG/snort3:set_priv_ptr_f...
Michael Altizer [Sat, 16 Mar 2019 23:31:44 +0000 (19:31 -0400)] 
Revert "Merge pull request #1535 in SNORT/snort3 from ~SHRARANG/snort3:set_priv_ptr_for_pdu to master"

This reverts commit cdae58b2fde31057795c04185d22d2b7e9e916ef.

6 years ago packet_io: Refactor the Trough a bit
Michael Altizer [Sun, 5 May 2019 16:00:15 +0000 (12:00 -0400)] 
packet_io: Refactor the Trough a bit

6 years ago Merge pull request #1595 in SNORT/snort3 from ~RUCOMBS/snort3:build_255 to master 3.0.0-255
Russ Combs (rucombs) [Sat, 4 May 2019 16:23:41 +0000 (12:23 -0400)] 
Merge pull request #1595 in SNORT/snort3 from ~RUCOMBS/snort3:build_255 to master

Squashed commit of the following:

commit 5dc88fa07e26e6332fcc681e8d6e7ff0321e712e
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri May 3 18:34:44 2019 -0400

    build: generate and tag build 255

6 years ago Merge pull request #1589 in SNORT/snort3 from ~RUCOMBS/snort3:doc_include to master
Russ Combs (rucombs) [Sat, 4 May 2019 16:23:08 +0000 (12:23 -0400)] 
Merge pull request #1589 in SNORT/snort3 from ~RUCOMBS/snort3:doc_include to master

Squashed commit of the following:

commit c2a60f4a03b15a9c423d50ca27f9b645c65afb18
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Apr 29 18:07:24 2019 -0400

    doc: explain include logic

6 years ago Merge pull request #1591 in SNORT/snort3 from ~MIALTIZE/snort3:static_analysis to...
Michael Altizer (mialtize) [Tue, 30 Apr 2019 15:40:05 +0000 (11:40 -0400)] 
Merge pull request #1591 in SNORT/snort3 from ~MIALTIZE/snort3:static_analysis to master

Squashed commit of the following:

commit b1dd6db8cc79cc8b0881f508f1c1679165aa92b1
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Apr 24 15:39:22 2019 -0400

    piglet_plugins: Don't try to memset SigInfo

commit 846cd74233e2e6de40528e364bb10b5be8421848
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Apr 22 13:02:37 2019 -0400

    tcp_connector: Fix memory leak in receive overrun scenario

commit f168872f04abdc26d1ebcb7bc43977b0ecd8bc4e
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Apr 22 12:49:41 2019 -0400

    appid: Add assertion to pop3 detector to quiet the static analyzer

commit 7d190cd75022d2cc4e0400e10406c7a182504566
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Apr 22 12:36:37 2019 -0400

    module_manager: Fix potential null deref in module parameter dumping

6 years ago Merge pull request #1588 in SNORT/snort3 from ~RUCOMBS/snort3:includer to master
Russ Combs (rucombs) [Mon, 29 Apr 2019 21:42:31 +0000 (17:42 -0400)] 
Merge pull request #1588 in SNORT/snort3 from ~RUCOMBS/snort3:includer to master

Squashed commit of the following:

commit 62464559e2ebd8b9739db1ea8c10907bc6830aeb
Author: russ <rucombs@cisco.com>
Date:   Sat Apr 27 16:03:45 2019 -0400

    ips: add includer for better relative path support

6 years ago build: generate and tag build 254 3.0.0-254
Michael Altizer [Fri, 26 Apr 2019 20:45:18 +0000 (16:45 -0400)] 
build: generate and tag build 254

6 years ago Squashed commit of the following:
russ [Thu, 25 Apr 2019 03:32:11 +0000 (23:32 -0400)] 
Squashed commit of the following:

commit 552e1aa03b669531521d01ce40fa8fbb0a1215ae
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 24 11:14:17 2019 -0400

    build: remove unused cruft; clean up KMap

commit f69abdece93f196911a01ea7cae502cea2d49874
Author: russ <rucombs@cisco.com>
Date:   Mon Apr 22 13:02:28 2019 -0400

    file_type: remove redundant error message

commit cae5d0ddbe8b94bace3de56929e2ff14834f3a29
Author: russ <rucombs@cisco.com>
Date:   Fri Apr 19 21:33:03 2019 -0400

    config: replace working dir overrides with --include-path

6 years ago Merge pull request #1586 in SNORT/snort3 from ~KATHARVE/snort3:remove_histogram_comme...
Tom Peters (thopeter) [Wed, 24 Apr 2019 21:44:11 +0000 (17:44 -0400)] 
Merge pull request #1586 in SNORT/snort3 from ~KATHARVE/snort3:remove_histogram_comment to master

Squashed commit of the following:

commit 3e8b8b74d24b518199b988c5ff21ccbfb995336d
Author: Katura Harvey <katharve@cisco.com>
Date:   Fri Apr 19 19:40:34 2019 -0400

    snort2lua: fix histogram option change comment

6 years ago Merge pull request #1572 in SNORT/snort3 from ~DDAHIPHA/snort3:dev_large_fd_segfault...
Mike Stepanek (mstepane) [Wed, 24 Apr 2019 19:10:45 +0000 (15:10 -0400)] 
Merge pull request #1572 in SNORT/snort3 from ~DDAHIPHA/snort3:dev_large_fd_segfault to master

Squashed commit of the following:

commit bcc34f2893948bf0ed49d563d576e4abf0e45626
Author: Devendra Dahiphale <ddahipha@cisco.com>
Date:   Tue Apr 23 15:00:15 2019 -0400

    main: Use epoll(for linux systems) instead of select to get rid of limit on fd-set-size and for time efficiency

6 years ago Merge pull request #1583 in SNORT/snort3 from ~MIREDDEN/snort3:int_range_check to...
Tom Peters (thopeter) [Mon, 22 Apr 2019 20:19:24 +0000 (16:19 -0400)] 
Merge pull request #1583 in SNORT/snort3 from ~MIREDDEN/snort3:int_range_check to master

Squashed commit of the following:

commit 389a46587625947d2f6a771e06739513c342b655
Author: Mike Redden <miredden@cisco.com>
Date:   Thu Apr 18 07:35:11 2019 -0400

    snort2lua: Integer parameter range check

6 years ago Merge pull request #1585 in SNORT/snort3 from ~RUCOMBS/snort3:mainz to master
Russ Combs (rucombs) [Fri, 19 Apr 2019 18:36:03 +0000 (14:36 -0400)] 
Merge pull request #1585 in SNORT/snort3 from ~RUCOMBS/snort3:mainz to master

Squashed commit of the following:

commit 908ec9dc090b12b4d788385fe82c3d866d5c4f50
Author: russ <rucombs@cisco.com>
Date:   Fri Apr 19 11:51:28 2019 -0400

    test: remove cruft

6 years ago Merge pull request #1582 in SNORT/snort3 from ~MDAGON/snort3:rm_inspector_ptr to...
Tom Peters (thopeter) [Fri, 19 Apr 2019 18:24:18 +0000 (14:24 -0400)] 
Merge pull request #1582 in SNORT/snort3 from ~MDAGON/snort3:rm_inspector_ptr to master

Squashed commit of the following:

commit 08accc17ea648f31d2f1972af76508ea5465aaf2
Author: Maya Dagon <mdagon@cisco.com>
Date:   Thu Apr 4 09:25:01 2019 -0400

    appid: remove inspector reference from detectors

6 years ago Merge pull request #1584 in SNORT/snort3 from ~RUCOMBS/snort3:context to master
Russ Combs (rucombs) [Fri, 19 Apr 2019 16:50:21 +0000 (12:50 -0400)] 
Merge pull request #1584 in SNORT/snort3 from ~RUCOMBS/snort3:context to master

Squashed commit of the following:

commit a62c0c1e09e2dd640ac8c3511c5c4ea416baaa78
Author: russ <rucombs@cisco.com>
Date:   Thu Apr 18 15:02:09 2019 -0400

    context: only clear ids_in_use in dtor

6 years ago Merge pull request #1581 in SNORT/snort3 from ~RUCOMBS/snort3:tweakz to master
Russ Combs (rucombs) [Thu, 18 Apr 2019 14:30:01 +0000 (10:30 -0400)] 
Merge pull request #1581 in SNORT/snort3 from ~RUCOMBS/snort3:tweakz to master

Squashed commit of the following:

commit 743a8e8c10cac70fd9cde12da4fb4bb09f76b6d2
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 17 20:50:13 2019 -0400

    Lua: update tweaks per latest include changes

6 years ago Merge pull request #1579 in SNORT/snort3 from ~MIALTIZE/snort3:misc_fixes to master
Russ Combs (rucombs) [Thu, 18 Apr 2019 00:12:37 +0000 (20:12 -0400)] 
Merge pull request #1579 in SNORT/snort3 from ~MIALTIZE/snort3:misc_fixes to master

Squashed commit of the following:

commit d7a95b1ffbc9d5624eec6487b4190aca2eb870ab
Author: Michael Altizer <mialtize@cisco.com>
Date:   Wed Apr 17 16:17:41 2019 -0400

    build: Remove perpetually stale reference to lua_plugffi.h

commit 57d3b9bbec7694a892616c81221f4733e6592114
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Oct 16 01:35:50 2018 -0400

    log_pcap, packet_capture: Don't try to use a DAQ pkthdr as a PCAP pkthdr

    This is not forward-compatible and generally bad practice.  Build the
    PCAP pkthdr manually instead.

commit bae93a9ced6e132a0c4bbd8eb078ef39d7dc40cf
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Apr 16 18:31:03 2019 -0400

    analyzer: Print pause indicator from analyzer threads

commit a82a42d59d9058be8202f1b567e2174073e9ef6e
Author: Michael Altizer <mialtize@cisco.com>
Date:   Tue Apr 9 14:56:27 2019 -0400

    stream_tcp: Try to work with a cleaner Packet when purging at shutdown

6 years ago Merge pull request #1580 in SNORT/snort3 from ~RUCOMBS/snort3:build_253 to master 3.0.0-253 3.0.0_253
Russ Combs (rucombs) [Wed, 17 Apr 2019 19:30:27 +0000 (15:30 -0400)] 
Merge pull request #1580 in SNORT/snort3 from ~RUCOMBS/snort3:build_253 to master

Squashed commit of the following:

commit 9aaeea54ba6a8d1d0f43ba62fd8d5b5b38301ee3
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 17 15:01:30 2019 -0400

    build: generate and tag build 253

commit ea566c80783dd1f43b4dbee6a08c142a26d5aa3b
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 17 15:02:14 2019 -0400

    cppcheck: remove unused code and related cruft

6 years ago Merge pull request #1575 in SNORT/snort3 from ~BRASTULT/snort3:mime_decomp_multi...
Tom Peters (thopeter) [Wed, 17 Apr 2019 18:54:21 +0000 (14:54 -0400)] 
Merge pull request #1575 in SNORT/snort3 from ~BRASTULT/snort3:mime_decomp_multi to master

Squashed commit of the following:

commit ed039047233cce49a43669e8e17d10920b4bec05
Author: Brandon Stultz <brastult@cisco.com>
Date:   Thu Apr 11 11:39:54 2019 -0400

    mime: fix decompression for multiple files

6 years ago Squashed commit of the following:
russ [Wed, 17 Apr 2019 01:29:44 +0000 (21:29 -0400)] 
Squashed commit of the following:

commit a7e771a2fafea7cb9d184b9ab08d0d436de91819
Author: russ <rucombs@cisco.com>
Date:   Tue Apr 16 09:27:28 2019 -0400

    build: fix lua_plugffi.h make error

commit 561738d9ffc7b6491b618187affe51b379389681
Author: russ <rucombs@cisco.com>
Date:   Mon Apr 15 10:02:53 2019 -0400

    Lua: remove dependency on SNORT_LUA_PATH

commit 6e0cb4c41a389ef6f084ef82c0155acc888f1786
Author: russ <rucombs@cisco.com>
Date:   Wed Apr 10 15:54:43 2019 -0400

    parser: update include file handling

    Unify Lua and rule include handling of relative paths to search in this order:
    relative to working directory, relative to the including file, and if that
    fails relative to the -c conf.  The precedence allows overrides and supports
    processing non-local configurations.

6 years ago Merge pull request #1578 in SNORT/snort3 from ~MASHASAN/snort3:excess_max_sessions...
Mike Stepanek (mstepane) [Tue, 16 Apr 2019 20:11:06 +0000 (16:11 -0400)] 
Merge pull request #1578 in SNORT/snort3 from ~MASHASAN/snort3:excess_max_sessions to master

Squashed commit of the following:

commit 0f8c59bf66e5fb22a20a884d86a069deaf79f715
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Apr 15 22:08:16 2019 -0400

    flow_cache: Pruning one stream when excess pruning skips even if max_sessions is reached

6 years ago Merge pull request #1577 in SNORT/snort3 from ~RUCOMBS/snort3:optionz to master
Russ Combs (rucombs) [Sat, 13 Apr 2019 15:58:34 +0000 (11:58 -0400)] 
Merge pull request #1577 in SNORT/snort3 from ~RUCOMBS/snort3:optionz to master

Squashed commit of the following:

commit bdef92d85c5ca745f34b013e3b970db41db95122
Author: russ <rucombs@cisco.com>
Date:   Sat Apr 13 01:11:35 2019 -0400

    doc: remove mention of obsolete LUA_PATH and required snort_config library

commit fd6e7aab7c852c82fc5247d864e54e6c852c174b
Author: russ <rucombs@cisco.com>
Date:   Sat Apr 13 00:20:47 2019 -0400

    Lua: build-time stringify Lua files for use as C++ variables

commit 0a54f6e497855af5cf3e8abcf26e13471618ecbf
Author: russ <rucombs@cisco.com>
Date:   Fri Apr 12 21:19:01 2019 -0400

    Lua: internalize snort_config.lua dependency

    This change eliminates the need to require('snort_config') in snort.lua.
    Instead, the file is built into Snort and directly injected into the
    Lua states before loading chunks.  Similarly, internal defaults are
    handled the same for the top-level (e.g. -c) config file.  Handling
    defaults in this way ensures that automatically activated builtin
    modules don't rely on separate C++ initializations and doesn't require
    additional code.

commit 33b4714afee826843edac5e78accf04a4ec9a520
Author: russ <rucombs@cisco.com>
Date:   Thu Apr 11 13:02:39 2019 -0400

    Lua: apply the necessary builtin defaults from one place

commit a61926cd22264fc13f1afd598158c770c3df1f54
Author: russ <rucombs@cisco.com>
Date:   Thu Apr 11 13:01:52 2019 -0400

    parser: fix defaults for alerts.order and network.checksum_eval

6 years ago Merge pull request #1576 in SNORT/snort3 from ~BRASTULT/snort3:readdir_fix to master
Russ Combs (rucombs) [Fri, 12 Apr 2019 02:04:06 +0000 (22:04 -0400)] 
Merge pull request #1576 in SNORT/snort3 from ~BRASTULT/snort3:readdir_fix to master

Squashed commit of the following:

commit 4a75e6c93019765a716eb97e8e9d270f4f4b66dc
Author: Brandon Stultz <brastult@cisco.com>
Date:   Thu Apr 11 21:11:07 2019 -0400

    helpers: directory: use readdir instead of readdir_r

6 years ago Merge pull request #1554 in SNORT/snort3 from ~BBANTWAL/snort3:ftp_telnet_fix to...
Michael Altizer (mialtize) [Thu, 11 Apr 2019 14:34:42 +0000 (10:34 -0400)] 
Merge pull request #1554 in SNORT/snort3 from ~BBANTWAL/snort3:ftp_telnet_fix to master

Squashed commit of the following:

commit f58bec4438aa335dd6141a62b1409c5d3eda171f
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Mon Mar 18 23:51:50 2019 -0400

    ftptelnet: use the normalized telnet buffer to alert telnet on ftp command channel, flush on ftp encrypted data boundaries, check for telnet at the start of the ftp packet

6 years ago Merge pull request #1574 in SNORT/snort3 from ~NIHDESAI/snort3:build_252 to master 3.0.0-252
Tom Peters (thopeter) [Wed, 10 Apr 2019 20:51:55 +0000 (16:51 -0400)] 
Merge pull request #1574 in SNORT/snort3 from ~NIHDESAI/snort3:build_252 to master

Squashed commit of the following:

commit 514ffa6b2c65173321e8548a1924100a7b62fd80
Author: Nihal Desai <nihdesai@cisco.com>
Date:   Wed Apr 10 04:05:50 2019 -0400

    build: generate and tag build 252

6 years ago Merge pull request #1573 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck_cleanup to...
Michael Altizer (mialtize) [Tue, 9 Apr 2019 23:23:55 +0000 (19:23 -0400)] 
Merge pull request #1573 in SNORT/snort3 from ~MIALTIZE/snort3:cppcheck_cleanup to master

Squashed commit of the following:

commit fdbec61b49b670ce9b989b6b48aba844f6c557b2
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 12:52:13 2019 -0400

    stream_ip: Fix some sign comparison and val-never-used issues in defrag

commit e9b23a5a11f182bd39b965387f0c89dbc9d2f525
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 12:45:39 2019 -0400

    sfip: Switch test debug flag to a cpp macro

commit c007faf4cc92dd726643c0db25d80595e7ea52b7
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 12:43:14 2019 -0400

    stream_tcp: Fix shadowed variable when profiling deeply

commit 157b86050f92c9b8e2c5b8a15d648b98f269f234
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 12:40:57 2019 -0400

    sip: Give SipSplitterUT a proper copy constructor

commit 136f8e27e2e7c64a9ce69f863485accb5e155201
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 01:01:34 2019 -0400

    http_inspect: Give HttpTestInput a destructor to clean up its file handle

commit 05042d60a741ef58aa29164ccd164740d7fb92e3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 00:53:41 2019 -0400

    dce_rpc: Fix const cast warnings in dce_smb2

commit 96b0d5fa47ec75ecd1633fc791620efa0053f445
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 00:46:48 2019 -0400

    sfrt: Reduce variable scope in _dir_remove_less_specific()

commit 97349bea2c2feaa8720c1f4ae7c188c42c50ebec
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 00:05:53 2019 -0400

    sfip: Reduce variable scopes in sf_ipvar

commit e845b11895234406ca49f05691f16aa59cb1f2e3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 00:03:12 2019 -0400

    http_inspect: Fix val-never-used warning in check_oversize_dir()

commit 0da57f68b476ffc7e21dde50c23b3fb2ef735b23
Author: Michael Altizer <mialtize@cisco.com>
Date:   Fri Apr 5 00:02:36 2019 -0400

    ftp_telnet: Fix potential NULL pointer arithmetic in check_ftp()

commit 2e031f385815f68eb4593fcd70c0195d1cce9c60
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:50:24 2019 -0400

    ftp_telnet: Fix val-never-used warning in DoNextFormat()

commit 2109923caab495d186439e2ef90a92d87f247da2
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:43:39 2019 -0400

    port_scan: Reduce variable scope in configuration

commit 23479a1b23a7437517ba6869c5e2c95ca48c49ef
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:42:22 2019 -0400

    packet_tracer: Pass filename string parameter by reference

commit b568c8ac6dcca0265eac8e7e030929700080a82e
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:40:10 2019 -0400

    normalize: Remove redundant check during configuration

commit ffb8b99771b023d476f77fb62baf63e967ad3206
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:36:52 2019 -0400

    perf_monitor: Pass ModuleConfig string parameter by reference

commit 85c0f251a0a48dfcfffaf1916842f3ed8758b82e
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:33:45 2019 -0400

    appid: Reduce variable scope in service_rpc

commit 3703dd34e882a2f5f2e4f08b960574db97d75e98
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:31:38 2019 -0400

    appid: Reduce variable scope in service_mdns

commit 7e812350757fed73046dfb503ec1b1853572ce45
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:27:12 2019 -0400

    appid: Fix NetworkSet compilation on big-endian systems

commit 0822e9772599bfb271874d7ff4c3f4a019cad8ce
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:17:48 2019 -0400

    log: Fix potential NULL pointer arithmetic warning in log_text

commit 8b91170713267d0bbcf69267400a6b99830adaa4
Author: Michael Altizer <mialtize@cisco.com>
Date:   Thu Apr 4 23:09:53 2019 -0400

    codecs/ipv4: Use struct in_addr when calling inet_ntop()

... and 4 more commits

6 years ago Merge pull request #1531 in SNORT/snort3 from ~STECHEW/snort3:daq_retry3 to master
Michael Altizer (mialtize) [Tue, 9 Apr 2019 21:42:34 +0000 (17:42 -0400)] 
Merge pull request #1531 in SNORT/snort3 from ~STECHEW/snort3:daq_retry3 to master

Squashed commit of the following:

commit f33b4040c35afc9809a0b7902764d61d9b56a3c2
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Mar 27 02:02:59 2019 +0530

    stream: set retransmit flag.

commit 7de134a1caac546342abd0ed928a5b18ca9a6df4
Author: Steve Chew <stechew@cisco.com>
Date:   Thu Mar 21 03:22:23 2019 +0530

    u2spewfoo: update due to re-ordering of retry action.

commit 32361ffa3a697e41cbfae701d4ae11afc0a49ca0
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Mar 20 21:28:35 2019 +0530

    packet_io: Due to re-ordering, need to add entry for retry in act_str.

commit 8618472dadc2f160d801b12f80b3646e69354404
Author: Steve Chew <stechew@cisco.com>
Date:   Tue Mar 19 06:37:12 2019 +0530

    file_api: use timersub_ms, updates to packettracer logs.

commit 01b6e4f2ace3a78568612e76784484a209320d89
Author: Steve Chew <stechew@cisco.com>
Date:   Thu Mar 14 01:06:37 2019 +0530

    packet_io: re-order ACT_RETRY to be before ACT_DROP.

commit 092a415aa0ee3a4531341f3636586c7c9dd6435d
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Mar 13 18:16:13 2019 +0530

    file_api: use more generic form of timercmp and fix timersub call.

commit 6a63b7f0b19dbe65106ae216fcd9bfdfbde4db93
Author: Steve Chew <stechew@cisco.com>
Date:   Sat Mar 9 02:43:47 2019 +0530

    file_api: If configured, reset session when lookup times out.

commit 4d00d8ee8a082d8f72df12ca2d0d20c36c7d9cd1
Author: Steve Chew <stechew@cisco.com>
Date:   Fri Mar 8 23:46:19 2019 +0530

    file_api: Make expiration timers more granular.

commit 67b047bcc5318c927472cd37384a06363f115c28
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Mar 6 22:39:51 2019 +0530

    file_api: Add timer to limit how long we want for pending file lookup.

commit 8580f1e4b427c58525de7dd2803e4bdaebe6c5a1
Author: Steve Chew <stechew@cisco.com>
Date:   Fri Mar 1 06:56:57 2019 +0530

    packet_io: Changes to allow daq retries to work properly.

6 years ago Merge pull request #1569 in SNORT/snort3 from ~MASHASAN/snort3:tp_config_path to...
Mike Stepanek (mstepane) [Tue, 9 Apr 2019 17:33:56 +0000 (13:33 -0400)] 
Merge pull request #1569 in SNORT/snort3 from ~MASHASAN/snort3:tp_config_path to master

Squashed commit of the following:

commit da74dfd4ea9c7b2bfe51156c83cb0e4cf77ac987
Author: Masud Hasan <mashasan@cisco.com>
Date:   Tue Apr 2 09:18:00 2019 -0400

    snort2lua: Adding support for appid tp_config_path conversion

6 years ago Merge pull request #1571 in SNORT/snort3 from ~RUCOMBS/snort3:wcochran53 to master
Russ Combs (rucombs) [Tue, 9 Apr 2019 13:33:49 +0000 (09:33 -0400)] 
Merge pull request #1571 in SNORT/snort3 from ~RUCOMBS/snort3:wcochran53 to master

Squashed commit of the following:

commit 4c3045b03aaafc429c017dbffd3887c7031773b4
Author: russ <rucombs@cisco.com>
Date:   Sun Apr 7 22:09:02 2019 -0400

    offload: simplify zero byte bypass

commit 4b038913ceb7598ec61f6bef1b0b5b156ab013f6
Author: William Cochrane <w.cochrane@titan-ic.com>
Date:   Tue Mar 26 12:14:29 2019 +0000

    offload: Framework changes to support polling for completed
    batch searches

    When a batch search is issued, currently we poll to
    determine if that batch has completed its search.
    This change facilitates polling to return any batch
    that has completed its search.

commit 65a967dd7731286ba101a144d428554e9ad75cc0
Author: William Cochrane <w.cochrane@titan-ic.com>
Date:   Fri Mar 22 16:25:36 2019 +0000

    mpse: Adding performance profiling stats to Mpse batch search

    The Mpse batch search function does not have any
    performance profiling so this function is now wrapped
    to facilitate the addition of performance stats

commit 9140669833d97bd5f8e9ada4e2868576e82e5622
Author: William Cochrane <w.cochrane@titan-ic.com>
Date:   Thu Mar 21 18:00:34 2019 +0000

    detection: Don't send zero size searches to the regex offloader

    If a batch search request had nothing in it to be
    searched for there is no purpose in sending it to
    the offloader

commit 6f1b0ad1baa1a784d70403ef9786ca396d9ba850
Author: William Cochrane <w.cochrane@titan-ic.com>
Date:   Thu Mar 21 17:23:27 2019 +0000

    detection: Ensure offload search engine started with appropriate regex offloader

    If the offload_search_method is not specified then by
    default it will be the same as the normal search_method.
    If this search method is an async mpse it needs started
    using the MpseRegexOffload offloader otherwise it needs
    started using the ThreadRegexOffload offloader

6 years ago Merge pull request #1570 in SNORT/snort3 from ~RUCOMBS/snort3:rule_state to master
Russ Combs (rucombs) [Mon, 8 Apr 2019 22:15:17 +0000 (18:15 -0400)] 
Merge pull request #1570 in SNORT/snort3 from ~RUCOMBS/snort3:rule_state to master

Squashed commit of the following:

commit 8af3fc4d5d0e7d1a6ac213cf92635b4dba74b500
Author: russ <rucombs@cisco.com>
Date:   Sat Apr 6 11:32:27 2019 -0400

    rules: remove cruft from tree nodes

commit f1190a2475f7b560c3016b4a0d8801c276846e6f
Author: russ <rucombs@cisco.com>
Date:   Fri Apr 5 11:30:40 2019 -0400

    rule_state: do not require rules in all policies

6 years ago Merge pull request #1568 in SNORT/snort3 from ~SBAIGAL/snort3:mime_filename to master
Tom Peters (thopeter) [Thu, 4 Apr 2019 19:46:52 +0000 (15:46 -0400)] 
Merge pull request #1568 in SNORT/snort3 from ~SBAIGAL/snort3:mime_filename to master

Squashed commit of the following:

commit c8ba2e41d3bbf7c8a7664ca65539026e1cc1510b
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date:   Fri Mar 29 14:46:32 2019 -0400

    file_api: add extract filename to FileFlow from mime header

6 years ago Merge pull request #1560 in SNORT/snort3 from ~MIREDDEN/snort3:raw_data_conversion...
Tom Peters (thopeter) [Thu, 4 Apr 2019 17:55:46 +0000 (13:55 -0400)] 
Merge pull request #1560 in SNORT/snort3 from ~MIREDDEN/snort3:raw_data_conversion to master

Squashed commit of the following:

commit e79c9266e5324907de4d5cd730cc4934331b706e
Author: Mike Redden <miredden@cisco.com>
Date:   Tue Mar 26 15:58:55 2019 -0400

    snort2lua: Convert rawbytes to raw_data sticky buffer

6 years ago Merge pull request #1567 in SNORT/snort3 from ~SMINUT/snort3:stash_publish to master
Mike Stepanek (mstepane) [Thu, 4 Apr 2019 15:28:52 +0000 (11:28 -0400)] 
Merge pull request #1567 in SNORT/snort3 from ~SMINUT/snort3:stash_publish to master

Squashed commit of the following:

commit 85edf32e438e758638f26c854eb0b81edfdbc0d6
Author: Silviu Minut <sminut@cisco.com>
Date:   Fri Mar 29 16:06:09 2019 -0400

    flow: stash publish event.

    flow: unit test for stash publish.

    flow: address reviewers' comments and add one more test to check that a handler is not getting stash events that it's not listening to.

    flow: add the override keyword to some member function to keep cppcheck happy.

6 years ago Merge pull request #1520 in SNORT/snort3 from ~RUCOMBS/snort3:so_rulez to master
Russ Combs (rucombs) [Tue, 2 Apr 2019 02:08:25 +0000 (22:08 -0400)] 
Merge pull request #1520 in SNORT/snort3 from ~RUCOMBS/snort3:so_rulez to master

Squashed commit of the following:

commit f07cb92074a0874b6f64008dcafd3ba716de877a
Author: russ <rucombs@cisco.com>
Date:   Sat Mar 30 14:03:48 2019 -0400

    so rules: fixup shutdown sequencing

commit 01db8beda055da0ac1f936d4252670cd185a6ec3
Author: russ <rucombs@cisco.com>
Date:   Sun Feb 17 13:06:34 2019 -0500

    so rules: use stub strictly as a key

commit 498dec668e51bdeaf9ddcb91767099f2e79b3ff8
Author: russ <rucombs@cisco.com>
Date:   Sat Feb 16 11:53:51 2019 -0500

    so rules: make plain stubs same as protected

6 years ago Merge pull request #1561 in SNORT/snort3 from ~RUCOMBS/snort3:build_251 to master 3.0.0-251
Russ Combs (rucombs) [Mon, 1 Apr 2019 03:53:48 +0000 (23:53 -0400)] 
Merge pull request #1561 in SNORT/snort3 from ~RUCOMBS/snort3:build_251 to master

Squashed commit of the following:

commit fee3b901d26c6e60bf00d7e205b2d819c40bea78
Author: Russ Combs <rucombs@cisco.com>
Date:   Sun Mar 31 02:00:29 2019 -0400

    doc: update default manuals

commit ccde7e61569f60e8b0216e9a0252ad9f1ff2dffd
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Mar 29 17:18:25 2019 -0400

    build: generate and tag build 251

commit aab8ef499785065115554f39b284ab1808cb3d1e
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 31 00:34:55 2019 -0400

    doc: fixup markup escapes

6 years ago Merge pull request #1501 in SNORT/snort3 from ~VIROEMER/snort3:ssl_count_disabled...
Russ Combs (rucombs) [Mon, 1 Apr 2019 00:36:56 +0000 (20:36 -0400)] 
Merge pull request #1501 in SNORT/snort3 from ~VIROEMER/snort3:ssl_count_disabled to master

Squashed commit of the following:

commit feadce72ee24492a12455f0bd2c765554e339d65
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date:   Wed Jan 30 14:53:31 2019 -0500

    ssl: Count calls to disable_content for ssl sessions

6 years ago Merge pull request #1562 in SNORT/snort3 from ~NIHDESAI/snort3:flow_fix to master
Russ Combs (rucombs) [Sun, 31 Mar 2019 23:57:09 +0000 (19:57 -0400)] 
Merge pull request #1562 in SNORT/snort3 from ~NIHDESAI/snort3:flow_fix to master

Squashed commit of the following:

commit 64a3be8975133ead29b22aa49ca3598c9e6077ed
Author: Nihal Desai <nihdesai@cisco.com>
Date:   Fri Mar 29 12:08:23 2019 -0400

    file: Infinite loop in FileFlows::get_file_policy

6 years ago Merge pull request #1563 in SNORT/snort3 from ~MIALTIZE/snort3:safec to master
Michael Altizer (mialtize) [Sun, 31 Mar 2019 05:23:43 +0000 (01:23 -0400)] 
Merge pull request #1563 in SNORT/snort3 from ~MIALTIZE/snort3:safec to master

Squashed commit of the following:

commit e71b6d78753ce9d363c87fd451bea6bb23e6a07d
Author: Michael Altizer <mialtize@cisco.com>
Date:   Sat Mar 30 15:50:25 2019 -0400

    safec: Update to work with modern versions of LibSafeC

    Tested with LibSafeC v30122018 3.4.
    LibSafeC is currently incompatible with Clang.
    - See: https://github.com/rurban/safeclib/issues/58

6 years ago Merge pull request #1564 in SNORT/snort3 from ~MIALTIZE/snort3:catch_update to master
Michael Altizer (mialtize) [Sun, 31 Mar 2019 02:24:27 +0000 (22:24 -0400)] 
Merge pull request #1564 in SNORT/snort3 from ~MIALTIZE/snort3:catch_update to master

Squashed commit of the following:

commit 9ac51566888dbb7463947b9b802974d02f75724f
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Mar 11 02:11:20 2019 -0400

    catch: Update to Catch v2.7.0

6 years ago Merge pull request #1565 in SNORT/snort3 from ~MIALTIZE/snort3:policy_true_false...
Michael Altizer (mialtize) [Sat, 30 Mar 2019 22:25:36 +0000 (18:25 -0400)] 
Merge pull request #1565 in SNORT/snort3 from ~MIALTIZE/snort3:policy_true_false to master

Squashed commit of the following:

commit 4bd25a96d51859bfb7cda72561fce93869f82dcd
Author: Michael Altizer <mialtize@cisco.com>
Date:   Sat Mar 30 16:39:30 2019 -0400

    policy: Rename TRUE/FALSE to ENABLE/DISABLED

    Works around awkward C-style usage situations where TRUE/FALSE are
    defined and used.

6 years ago Merge pull request #1545 in SNORT/snort3 from ~CWAXMAN/snort3:rule_state to master
Michael Altizer (mialtize) [Fri, 29 Mar 2019 15:32:49 +0000 (11:32 -0400)] 
Merge pull request #1545 in SNORT/snort3 from ~CWAXMAN/snort3:rule_state to master

Squashed commit of the following:

commit 323e859c920a3edbb522200a408a47aaabb74e34
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Tue Mar 12 15:21:40 2019 -0400

    detection, snort2lua: added global rule state options for legacy conversions

commit b5cb6f3f9a17fb2df26c86475e305946edaaef5c
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Fri Mar 8 15:36:25 2019 -0500

    detection: fixed incorrect log messages

commit eb438448160d41867d5e68a890cea627a04c88fb
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Tue Feb 26 08:28:52 2019 -0500

    rule_state: added default rule state to ips policy

commit 6eec505eb1af7357584eb7a18a49fde409b5e1a3
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Mon Feb 25 15:41:08 2019 -0500

    rule_state: add rtn but disable if block is set on non-inline deployment

commit 52b20be073639ba0f1b75a0943c6b595f81b7318
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Mon Feb 18 12:27:48 2019 -0500

    rule_state: added per-ips-policy rule states

6 years ago Merge pull request #1550 in SNORT/snort3 from ~BRASTULT/snort3:mime_decomp to master
Tom Peters (thopeter) [Wed, 27 Mar 2019 17:21:20 +0000 (13:21 -0400)] 
Merge pull request #1550 in SNORT/snort3 from ~BRASTULT/snort3:mime_decomp to master

Squashed commit of the following:

commit 8c90afe003ccdf8367cfdc75bb10b9bac6d0d396
Author: Brandon Stultz <brastult@cisco.com>
Date:   Mon Mar 4 19:59:41 2019 -0500

    mime: add file decompression

6 years ago Merge pull request #1532 in SNORT/snort3 from ~NIHDESAI/snort3:snort2lua_zones to...
Tom Peters (thopeter) [Tue, 26 Mar 2019 14:56:12 +0000 (10:56 -0400)] 
Merge pull request #1532 in SNORT/snort3 from ~NIHDESAI/snort3:snort2lua_zones to master

Squashed commit of the following:

commit ab76f0b0b651553f40675e5d33511a968ec35a16
Author: Nihal Desai <nihdesai@cisco.com>
Date:   Fri Mar 1 07:22:06 2019 -0500

    snort2lua: combining multiple zone in one binder rule

6 years ago Merge pull request #1559 in SNORT/snort3 from ~RUCOMBS/snort3:memory_tuning to master
Russ Combs (rucombs) [Tue, 26 Mar 2019 14:26:14 +0000 (10:26 -0400)] 
Merge pull request #1559 in SNORT/snort3 from ~RUCOMBS/snort3:memory_tuning to master

Squashed commit of the following:

commit 2874195e426137dc9386085c2383cdd0cde0042c
Author: russ <rucombs@cisco.com>
Date:   Mon Mar 25 16:26:26 2019 -0400

    memory: increase default tcp cache cap weight; fix default values

6 years ago Merge pull request #1555 in SNORT/snort3 from ~PSHINDE2/snort3:stash_generic_object...
Mike Stepanek (mstepane) [Tue, 26 Mar 2019 13:33:37 +0000 (09:33 -0400)] 
Merge pull request #1555 in SNORT/snort3 from ~PSHINDE2/snort3:stash_generic_object to master

Squashed commit of the following:

commit 2d8ecbc8af7f804f5825fb3110e6b247524f7221
Author: Pratik Shinde <pshinde2@cisco.com>
Date:   Tue Mar 19 14:52:32 2019 -0400

    flow: Added support to store generic objects in a stash

6 years ago Merge pull request #1557 in SNORT/snort3 from ~RUCOMBS/snort3:various to master
Russ Combs (rucombs) [Mon, 25 Mar 2019 16:55:42 +0000 (12:55 -0400)] 
Merge pull request #1557 in SNORT/snort3 from ~RUCOMBS/snort3:various to master

Squashed commit of the following:

commit b953cc05bab4496ade6f9db8a31cc9e25c965740
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 24 12:09:49 2019 -0400

    stream_tcp: fix up stream order flags

    -- use trivial fsm for proper flagging
    -- remove useless checks from smtp
    -- reorder tracker data members to save 48 bytes / flow

commit 2a04335c17f174bb575e9179a91cb9dc81c20f4e
Author: russ <rucombs@cisco.com>
Date:   Sat Mar 23 00:35:36 2019 -0400

    stream_tcp: add track_only to disable reassembly

commit bdfb917a0a350477b7d02a0acf073931e1926f81
Author: russ <rucombs@cisco.com>
Date:   Fri Mar 22 14:39:32 2019 -0400

    conf: remove obscure and slow automatic iface var assignments; use Lua instead

commit 9173b5a8862e22b2a8d2d3b86f09045d0d5a26de
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 21 20:23:06 2019 -0400

    profiler: add quick exit if not configured to minimize overhead (rule times)

commit 97804d99baafb7b60785f198758ba7e9d1c472cd
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 21 17:46:56 2019 -0400

    appid: fixup profiling

    -- use generic DeepProfile instead of APPID_DEEP_PERF_PROFILING
    -- change tp_library to deep profile consistent with subprofiles

6 years ago Merge pull request #1558 in SNORT/snort3 from ~MDAGON/snort3:pkttracer_fix to master
Tom Peters (thopeter) [Mon, 25 Mar 2019 15:54:52 +0000 (11:54 -0400)] 
Merge pull request #1558 in SNORT/snort3 from ~MDAGON/snort3:pkttracer_fix to master

Squashed commit of the following:

commit 80b532ad323a5114f1dc705e4fca5b2407aa2d57
Author: Maya Dagon <mdagon@cisco.com>
Date:   Fri Mar 22 15:49:48 2019 -0400

    packet tracer: initialize sf_ip structs

6 years ago Merge pull request #1538 in SNORT/snort3 from ~BRASTULT/snort3:rtf_file_magic to...
Russ Combs (rucombs) [Mon, 25 Mar 2019 15:06:19 +0000 (11:06 -0400)] 
Merge pull request #1538 in SNORT/snort3 from ~BRASTULT/snort3:rtf_file_magic to master

Squashed commit of the following:

commit c12998cc3682442282ae2725a8922603fc16f65e
Author: Brandon Stultz <brastult@cisco.com>
Date:   Thu Mar 7 13:50:48 2019 -0500

    lua: make RTF file magic more generic

6 years ago Merge pull request #1553 in SNORT/snort3 from ~BBANTWAL/snort3:offload_stats to master
Russ Combs (rucombs) [Thu, 21 Mar 2019 23:33:46 +0000 (19:33 -0400)] 
Merge pull request #1553 in SNORT/snort3 from ~BBANTWAL/snort3:offload_stats to master

Squashed commit of the following:

commit a94be253698a7f9a43a4f59f51c21e030254e68c
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date:   Mon Mar 18 21:02:50 2019 -0400

    fix stats for thread

6 years ago Merge pull request #1556 in SNORT/snort3 from ~RUCOMBS/snort3:profile_short_circuit...
Russ Combs (rucombs) [Wed, 20 Mar 2019 21:01:18 +0000 (17:01 -0400)] 
Merge pull request #1556 in SNORT/snort3 from ~RUCOMBS/snort3:profile_short_circuit to master

Squashed commit of the following:

commit d2741170286a40b9455cbf3933938c6b05215e42
Author: russ <rucombs@cisco.com>
Date:   Tue Mar 19 19:24:05 2019 -0400

    profiler: add quick exit if not configured to minimize overhead

6 years ago Merge pull request #1547 in SNORT/snort3 from ~SHRARANG/snort3:cppcheck_unified2_warn...
Mike Stepanek (mstepane) [Mon, 18 Mar 2019 13:03:05 +0000 (09:03 -0400)] 
Merge pull request #1547 in SNORT/snort3 from ~SHRARANG/snort3:cppcheck_unified2_warning to master

Squashed commit of the following:

commit 5dd20b0132607f4e6d597a3ac467de25671c32b7
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Wed Mar 13 13:27:29 2019 -0400

    loggers: workaround for cppcheck's false warning

6 years ago Merge pull request #1552 in SNORT/snort3 from ~RUCOMBS/snort3:mem_fix to master
Russ Combs (rucombs) [Fri, 15 Mar 2019 19:44:03 +0000 (15:44 -0400)] 
Merge pull request #1552 in SNORT/snort3 from ~RUCOMBS/snort3:mem_fix to master

Squashed commit of the following:

commit da79c2660cc86ccefbca374de8eb79a4d3bb00e6
Author: russ <rucombs@cisco.com>
Date:   Fri Mar 15 15:46:26 2019 -0400

    memory: fix re-entry check

6 years ago Merge pull request #1551 in SNORT/snort3 from ~RUCOMBS/snort3:mem_patch to master
Russ Combs (rucombs) [Fri, 15 Mar 2019 01:05:36 +0000 (21:05 -0400)] 
Merge pull request #1551 in SNORT/snort3 from ~RUCOMBS/snort3:mem_patch to master

Squashed commit of the following:

commit 26fa24b06bd1cb55b6aef483acb5be9f09f72d39
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 14 18:53:23 2019 -0400

    memory: remove useless thread local

commit 5e3460332ef06117b951ed7173d052afc68fe48a
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 14 17:56:15 2019 -0400

    memory: do not re-enter the pruner

    -- prevent allocations when pruning flow for memory
    -- detect re-entrancy and exit as a failsafe

6 years ago Merge pull request #1548 in SNORT/snort3 from ~RUCOMBS/snort3:paf_patch to master
Russ Combs (rucombs) [Thu, 14 Mar 2019 15:33:12 +0000 (11:33 -0400)] 
Merge pull request #1548 in SNORT/snort3 from ~RUCOMBS/snort3:paf_patch to master

Squashed commit of the following:

commit d1f14a7c72073ae035240923469ca9f9e2802740
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 13 17:10:20 2019 -0400

    stream_tcp: reset paf segment when switching splitters

6 years ago Merge pull request #1546 in SNORT/snort3 from ~SMINUT/snort3:appid_cppcheck_fix to...
Mike Stepanek (mstepane) [Wed, 13 Mar 2019 16:58:55 +0000 (12:58 -0400)] 
Merge pull request #1546 in SNORT/snort3 from ~SMINUT/snort3:appid_cppcheck_fix to master

Squashed commit of the following:

commit 3bc591783eec49228ab734db71c0dc84e9e9d208
Author: Silviu Minut <sminut@cisco.com>
Date:   Wed Mar 13 11:46:32 2019 -0400

    appid: keep cppcheck happy.

    appid: rename some global variables in http_url_patterns_test.cc to suppress cppcheck messages.

    appid: more cppcheck clean-up.

6 years ago Merge pull request #1544 in SNORT/snort3 from ~SMINUT/snort3:snort2lua_max_sessions...
Mike Stepanek (mstepane) [Wed, 13 Mar 2019 14:20:03 +0000 (10:20 -0400)] 
Merge pull request #1544 in SNORT/snort3 from ~SMINUT/snort3:snort2lua_max_sessions to master

Squashed commit of the following:

commit e04a522a4798c2700eb137ab9f245b5ae2fb444e
Author: Silviu Minut <sminut@cisco.com>
Date:   Tue Mar 12 15:48:24 2019 -0400

    snort2lua: change the -l short option to --dont-convert-max-sessions.

6 years ago Merge pull request #1542 in SNORT/snort3 from ~MASHASAN/snort3:cloud_lookup_retry...
Mike Stepanek (mstepane) [Wed, 13 Mar 2019 13:30:22 +0000 (09:30 -0400)] 
Merge pull request #1542 in SNORT/snort3 from ~MASHASAN/snort3:cloud_lookup_retry to master

Squashed commit of the following:

commit 3b07962e785332f7426f06d65bbb8a780ad3aeeb
Author: Masud Hasan <mashasan@cisco.com>
Date:   Mon Mar 11 14:52:05 2019 -0400

    time: Adding timersub_ms function to return timersub in milliseconds

6 years ago Merge pull request #1536 in SNORT/snort3 from ~SMINUT/snort3:snort2lua_max_sessions...
Mike Stepanek (mstepane) [Tue, 12 Mar 2019 17:07:33 +0000 (13:07 -0400)] 
Merge pull request #1536 in SNORT/snort3 from ~SMINUT/snort3:snort2lua_max_sessions to master

Squashed commit of the following:

commit 1209c74f20a4b0356b1a6f5e972c437716a5ed2d
Author: Silviu Minut <sminut@cisco.com>
Date:   Tue Mar 5 10:17:39 2019 -0500

    snort2lua: do not translate max_sessions from snort.conf to snort.lua.

    snort2lua: introduce command line option -l to suppress conversion of max_tcp, max_udp, max_icmp and max_ip to max_sessions.

    stream: log StreamBase::config in StreamBase::show().

    snort2lua: do generate the tcp_cache instance even when we don't convert tcp_max to max_sessions.

6 years ago Merge pull request #1541 in SNORT/snort3 from ~SHRARANG/snort3:session_stash to master
Mike Stepanek (mstepane) [Tue, 12 Mar 2019 16:37:43 +0000 (12:37 -0400)] 
Merge pull request #1541 in SNORT/snort3 from ~SHRARANG/snort3:session_stash to master

Squashed commit of the following:

commit 2d5082c967e200a4e0199e40813d5a4a1844438a
Author: Shravan Rangaraju <shrarang@cisco.com>
Date:   Mon Mar 11 11:11:21 2019 -0400

    flow: support for flow stash - allows storage of integers and strings

6 years ago Merge pull request #1543 in SNORT/snort3 from ~RUCOMBS/snort3:udp_clear to master
Russ Combs (rucombs) [Tue, 12 Mar 2019 13:26:47 +0000 (09:26 -0400)] 
Merge pull request #1543 in SNORT/snort3 from ~RUCOMBS/snort3:udp_clear to master

Squashed commit of the following:

commit 76dbdbba197517b1cc39f2cb5eb76b4782a48aa7
Author: russ <rucombs@cisco.com>
Date:   Mon Mar 11 21:34:38 2019 -0400

    stream_udp: ensure all flows are cleared fully

6 years ago Merge pull request #1540 in SNORT/snort3 from ~RUCOMBS/snort3:fixups to master
Russ Combs (rucombs) [Sun, 10 Mar 2019 22:26:02 +0000 (18:26 -0400)] 
Merge pull request #1540 in SNORT/snort3 from ~RUCOMBS/snort3:fixups to master

Squashed commit of the following:

commit 9dfe7aef3ff54dac76c31b0d37d5ee73620a6bd8
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 10 18:30:23 2019 -0400

    memory: beware the perf_monitor, for she stealeth your numbers

commit 7f761152dbe6372064cc82b0281e5b3f0b1f7a33
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 10 18:29:50 2019 -0400

    http_inspect: patch around buffer ownership confusion

commit 477697e8a464eaee0749780d283c2d0057561341
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 10 18:29:19 2019 -0400

    build: fix constness warnings

commit 95a5d10e1455fda40b6f297946d648b935a1d20a
Author: russ <rucombs@cisco.com>
Date:   Sun Mar 10 18:28:52 2019 -0400

    build: fix always true warning

6 years ago Merge pull request #1539 in SNORT/snort3 from ~RUCOMBS/snort3:memory_misery to master
Russ Combs (rucombs) [Sun, 10 Mar 2019 00:47:51 +0000 (19:47 -0500)] 
Merge pull request #1539 in SNORT/snort3 from ~RUCOMBS/snort3:memory_misery to master

Squashed commit of the following:

commit 29f8a2c133f0aa5726c2d7a53f164bc840c069a5
Author: russ <rucombs@cisco.com>
Date:   Sat Mar 9 19:45:19 2019 -0500

    build: fix override warning

commit 322dac9242dc6b1a0c1c1cfd0289899fdca9e158
Author: russ <rucombs@cisco.com>
Date:   Sat Mar 9 12:52:28 2019 -0500

    memory: add configurable L3/L4 specific weights for better estimation against cap

commit 30826c6c6d425a24aedd49d7b1375580a449b027
Author: russ <rucombs@cisco.com>
Date:   Fri Mar 8 21:26:05 2019 -0500

    stream_tcp: patch around premature application of delayed actions that yoink the seglist

commit a6b3a0f313ad2f6911cc0167cca0e0179aedba4f
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 7 03:37:08 2019 -0500

    stream: purge remaining flows before shutdown counts

commit a22cb207099c52b9bb0b3af7c2b2c45798f15213
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 7 03:12:09 2019 -0500

    stream_tcp: implement reserve seglist

commit fcad14fd2875f9b5f3c6c792882617529dea67f3
Author: russ <rucombs@cisco.com>
Date:   Thu Mar 7 01:53:07 2019 -0500

    stream_tcp: consolidate segment node and data

commit 38d2075e51809c564057dde52b9ea47913b29f9d
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 16:28:26 2019 -0500

    memory: require subclass implementation of FlowData::size_of()

commit 5cd42d4fa5a3f30d1e2f1a0008134403998e8779
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 16:05:38 2019 -0500

    memory: add size_of to various FlowData subclasses

commit 3b82fc157d789d993eb8d7d1c77c05898956da6c
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 16:04:45 2019 -0500

    memory: apply fudge factor to tracking to better align with RSS

commit 2deb67a92ddc1f8143d3e3768d74f3d99f7ba137
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 18:44:56 2019 -0500

    stream_tcp: fixup allocation tracking for overlapped segments

commit a9539d086d3956f2346b2bb04137b71b427464c6
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 13:17:42 2019 -0500

    memory: track session allocations

commit e18575a5e608ea598b41175f10923b1061ea65ad
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 10:53:10 2019 -0500

    memory: basic flow pruning

commit 5da1c556989cd267c2718a4068b0e12edb7aea20
Author: russ <rucombs@cisco.com>
Date:   Wed Mar 6 10:52:38 2019 -0500

    memory: refactor stats

commit e6bfcd81fe52f018148b7c53ca3ce0520eadf532
Author: russ <rucombs@cisco.com>
Date:   Tue Mar 5 20:04:48 2019 -0500

    memory: basic flow data allocation tracking

commit 77f6ae93f8c5eb8f19df3b9d17736bb2655dcebc
Author: russ <rucombs@cisco.com>
Date:   Tue Mar 5 10:20:02 2019 -0500

    Revert "Merge pull request #1524 in SNORT/snort3 from ~PSHINDE2/snort3:memory_tracker_simplified to master"

    This reverts commit 0bb8323f6aae61501aaaaa6a9e904448ddf35ceb.
    Done to restore tracking of total allocations.
    Will fix differently.

commit feb9b3707d1fc8c9b13fe236eb55433944704c7c
Author: russ <rucombs@cisco.com>
Date:   Tue Mar 5 10:19:04 2019 -0500

    memory: initial preemptive pruning based on flow data

commit 118e0b21c8d2f4bc42d287bba7867d0ede1e728e
Author: russ <rucombs@cisco.com>
Date:   Mon Mar 4 18:01:42 2019 -0500

    memory: remove overloading manager to make way for new implementation

6 years ago Merge pull request #1534 in SNORT/snort3 from ~SMINUT/snort3:appid_service_cache...
Mike Stepanek (mstepane) [Thu, 7 Mar 2019 16:10:21 +0000 (11:10 -0500)] 
Merge pull request #1534 in SNORT/snort3 from ~SMINUT/snort3:appid_service_cache to master

Squashed commit of the following:

commit 534af2b020c63e959f728167b5a984b00029de03
Author: Silviu Minut <sminut@cisco.com>
Date:   Mon Mar 4 16:55:38 2019 -0500

    appid: fix AppIdServiceStateKey::operator<().

    appid: replace the custom AppIdServiceCacheKey::operator< with memcmp in both service_state.h and host_port_app_cache.cc.

    appid: get rid of the map::find() in MapList::add(), just try to emplace directly.

    appid: pass HostPortKey by reference in HostPortKey::operator<().

    appid: add unit test to make sure the AppIdServiceStateKey::operator<() is OK and modify existing service cache memcap test to alternate ipv4 and ipv6 addresses.

    sfip: add a FIXIT for checking that the current implementation of _is_lesser(), which only compares same-family ips is OK.