git.ipfire.org Git - thirdparty/snort3.git/log
Tom Peters (thopeter) [Wed, 4 Apr 2018 17:02:31 +0000 (13:02 -0400)]
Merge pull request #1168 in SNORT/snort3 from email1 to master
Squashed commit of the following:
commit
ffcfd89514fbc2d2bddfec4a4777829bcc1ef790
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Mar 15 17:33:35 2018 -0400
pop, imap, and smtp: changes to MIME configuration parameters
Tom Peters (thopeter) [Wed, 4 Apr 2018 17:01:19 +0000 (13:01 -0400)]
Merge pull request #1176 in SNORT/snort3 from nhttp100 to master
Squashed commit of the following:
commit
c8d2432a201502c7c477b3106ce617a0a5d2f4c3
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Apr 3 13:58:03 2018 -0400
http_inspect: know more Content-Encodings by name
Hui Cao (huica) [Mon, 2 Apr 2018 20:51:09 +0000 (16:51 -0400)]
Merge pull request #1154 in SNORT/snort3 from ftp_file_malware to master
Squashed commit of the following:
commit
4bbf6bee5c063d0747721f3af9da651814749d08
Author: Steve Chew <stechew@cisco.com>
Date: Wed Mar 28 13:14:08 2018 -0400
Added accessors to Stream so TcpStreamSession can be private.
commit
5efb3d5a8684fd0060062205a35c82a9c86dbde5
Author: Steve Chew <stechew@cisco.com>
Date: Tue Mar 27 18:53:55 2018 -0400
Added Flow::set_service and fixed FtpDataFlowData::handled_expected.
commit
abd6f5bf2090b128d7fc2d1545971dcb721dca1c
Author: Steve Chew <stechew@cisco.com>
Date: Mon Mar 26 16:30:49 2018 -0400
Provide FLOW_SERVICE_CHANGE pub/sub event.
commit
41440f6c32995de40700f89ada68b6e6ea2b22e0
Author: Steve Chew <stechew@cisco.com>
Date: Thu Mar 22 13:34:25 2018 -0400
FtpDataSplitter: Added ability to get TCP options length from TcpStreamSession.
commit
beb656a5266ff7603a218aef177f78c5ffffb7fa
Author: Steve Chew <stechew@cisco.com>
Date: Wed Mar 21 17:25:10 2018 -0400
FtpDataSplitter: Base last_seg_size off of MSS.
Michael Altizer (mialtize) [Mon, 2 Apr 2018 19:23:34 +0000 (15:23 -0400)]
Merge pull request #1173 in SNORT/snort3 from goodbye_sfbpf to master
Squashed commit of the following:
commit
2035f870bb488b62736f1ebfde1121f018baff81
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 2 12:38:48 2018 -0400
packet_tracer: Fix compiler warning when compiling with NDEBUG
commit
ddb9bc841c1bad6106f2df43f164703b832528aa
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 2 12:35:57 2018 -0400
daq_hext: Make IpAddr() static to fix compiler warning
commit
2186276c5ceff4fc7011f70b232ee60cfb8762f9
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 2 12:21:24 2018 -0400
file_connector: Fix address-of-packed-member compiler warnings
commit
74b692aa80c0d15f9344a2424eb7ff4da25be9bc
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 2 11:54:04 2018 -0400
build: Clean up CMake string APPENDing for configure options
commit
2fde019218be0b10182a7c1815a5d0e8f91a46b2
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Apr 2 11:25:30 2018 -0400
build: Define NDEBUG if debugging is not enabled
commit
b21625c8676af54d47bf4033c551b5ebb5d7d557
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Mar 11 20:14:04 2018 -0400
packet_capture, cmake: Remove SFBPF dependencies
commit
8e7e552aba8f6584ab8836eed38b4bccd9e11167
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Mar 11 20:12:20 2018 -0400
cmake: Rework FindPCAP logic and ignore SFBPF
Tom Peters (thopeter) [Mon, 2 Apr 2018 19:11:31 +0000 (15:11 -0400)]
Merge pull request #1172 in SNORT/snort3 from nhttp99 to master
Squashed commit of the following:
commit
c368a000d0bc4b4844c9b4716675d00dee49bd77
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Mar 30 15:12:07 2018 -0400
http_inspect: bugfix and new alert for gzip underrun
Russ Combs (rucombs) [Fri, 30 Mar 2018 15:17:49 +0000 (11:17 -0400)]
Merge pull request #1171 in SNORT/snort3 from byte_ops to master
Squashed commit of the following:
commit
1a3f22486d2e1d4c1fad38cab4b0fdbf3f785248
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Wed Mar 28 19:43:03 2018 -0400
byte_math: allow rvalue == 0 except for division
commit
9767e7c269510c7be9bd57a1c87fecdbbc7a8cda
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Wed Mar 28 19:42:34 2018 -0400
byte_jump: fix from_beginning
commit
355e31af2644bc060a2b4734e7138f5a61f8c704
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Wed Mar 28 19:42:03 2018 -0400
byte_extract: fix cursor update
Tom Peters (thopeter) [Fri, 30 Mar 2018 15:01:12 +0000 (11:01 -0400)]
Merge pull request #1170 in SNORT/snort3 from debug_network_inspectors to master
Squashed commit of the following:
commit
3ef1153be9fa332495bdb63df8146b2a77d77dc0
Author: Nihal Desai <nihdesai@cisco.com>
Date: Thu Mar 29 12:46:00 2018 -0400
Removing debug messages from reputation
Michael Altizer (mialtize) [Wed, 28 Mar 2018 21:10:15 +0000 (17:10 -0400)]
Merge pull request #1167 in SNORT/snort3 from daq_pegs_2 to master
Squashed commit of the following:
commit
8cb952da7685672423ebd4744b5a7a49e6d10706
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Mar 27 10:35:41 2018 -0400
SFDAQModule: moved daq stats here. fixed stats not being output from perfmon.
Michael Altizer (mialtize) [Wed, 28 Mar 2018 20:52:12 +0000 (16:52 -0400)]
Merge pull request #1162 in SNORT/snort3 from osx_compatible_sfip to master
Squashed commit of the following:
commit
f4beb63e9c398bde7cff48899db6522e6457deea
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Mar 23 21:28:03 2018 -0400
appid: Refactor debug command, use SfIp, and fix non-Linux compilation
Michael Altizer (mialtize) [Wed, 28 Mar 2018 18:30:53 +0000 (14:30 -0400)]
Merge pull request #1169 in SNORT/snort3 from memrchr to master
Squashed commit of the following:
commit
10832f0a0ead6f9ca20012ece2322bc8f6087905
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Mar 28 14:10:39 2018 -0400
cmake: fixed checks for functions
Russ Combs (rucombs) [Wed, 28 Mar 2018 13:14:32 +0000 (09:14 -0400)]
Merge pull request #1166 in SNORT/snort3 from thread_local_move to master
Squashed commit of the following:
commit
4c20483a6cdab22db78fcca39f7778edbeef9f70
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Tue Mar 27 00:01:10 2018 -0400
detect: moving thread locals identified to ips context
Michael Altizer (mialtize) [Tue, 27 Mar 2018 22:34:23 +0000 (18:34 -0400)]
Merge pull request #1144 in SNORT/snort3 from metapacket to master
Squashed commit of the following:
commit
e6660bd853546dd1de7a708a9bc84f2bf922765d
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Tue Mar 27 16:29:28 2018 -0400
fix
commit
2dc5713408cb250ba89e74298e99437063b1509d
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Fri Mar 16 14:44:14 2018 -0400
sfip: A version of set() which automatically determines the family
commit
2386b17110b3ae536cde1f9481414510a3e7173d
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Tue Mar 13 15:59:27 2018 -0400
flow: SO_PUBLIC FlowKey
Michael Altizer (mialtize) [Tue, 27 Mar 2018 19:38:52 +0000 (15:38 -0400)]
Merge pull request #1152 in SNORT/snort3 from thread_locals to master
Squashed commit of the following:
commit
6fd127316644edddab9f03949a49a0e88ecde837
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Mar 19 14:26:22 2018 -0400
sfip: removed ntoa. use ntop(SfIpString) instead.
commit
bd42f67b12a43aea0793c75c4ac0ee38b36fb33a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Mar 19 13:18:12 2018 -0400
stream ip: refactored to use MemoryManager allocators
commit
818c7a25505ae6e151790db3e76027252cb854e0
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 16 14:06:08 2018 -0400
jsnorm: moved decode buffer to stack
commit
7c91b75afa0ab2a95791c93b0e3e59a55b332f04
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Mar 20 15:53:32 2018 -0400
Buffer: fixed off-by-one error in underlying buffer handling
commit
dc54e219cc30033dac1cb93915508a7a945695e2
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 16 13:14:29 2018 -0400
PacketManager: moved encode storage to heap
commit
7604a81d30a022ff3b50f4116fddd38246057f54
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 16 12:57:37 2018 -0400
CodecManager: removed unused code
commit
18b6d223d5bba03483b5ea02563328b784990009
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 16 12:47:50 2018 -0400
Snort: moved s_data to heap
commit
c04fd730a33ed86cd68e4a1e2739157d5eaf73a0
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 16 09:48:26 2018 -0400
appid sip: moved pattern thread local to class instance
commit
46c886725f8b69cfeb36c9b5580970dfbeabc703
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Mar 15 14:47:22 2018 -0400
Base64DecodeOption: moved buffer storage to regular heap
Tom Peters (thopeter) [Mon, 26 Mar 2018 19:20:01 +0000 (15:20 -0400)]
Merge pull request #1161 in SNORT/snort3 from nhttp98 to master
Squashed commit of the following:
commit
8327dad829a8c31f1c61c319480fb4498cd54c10
Author: Tom Peters <thopeter@cisco.com>
Date: Fri Mar 23 16:11:55 2018 -0400
http_inspect: embedded white space in Content-Length
Tom Peters (thopeter) [Mon, 26 Mar 2018 17:57:06 +0000 (13:57 -0400)]
Merge pull request #1164 in SNORT/snort3 from dbg_cleanup2 to master
Squashed commit of the following:
commit
e256a082394c1977bb24f33d843c5993539efb44
Author: snorty <mdagon@cisco.com>
Date: Tue Mar 20 10:38:42 2018 -0400
service inspectors: debug cleanup
Tom Peters (thopeter) [Mon, 26 Mar 2018 14:36:17 +0000 (10:36 -0400)]
Merge pull request #1157 in SNORT/snort3 from stream_tcp_bad_ack to master
Squashed commit of the following:
commit
2265c3ef6dca3e1cc6584effb29dae447d7f41d0
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Mar 22 14:30:59 2018 -0400
tcp: allow data handling for packet with invalid ack
Russ Combs (rucombs) [Mon, 26 Mar 2018 12:05:06 +0000 (08:05 -0400)]
Merge pull request #1163 in SNORT/snort3 from tidy_catch to master
Squashed commit of the following:
commit
e17dedf666af4553655d0d08dc83ef679b6f3f1c
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 26 00:07:00 2018 -0400
build: Clean up HAVE_* definition checks
commit
aa8ee8f3c9aa4ed7736bad8692d5ac5767073326
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Mar 25 14:22:18 2018 -0400
build: Modernize code with =default for special member functions
Generated automatically with run-clang-tidy.py -header-filter=$(realpath ..)
-checks='-*,modernize-use-equals-default' -fix.
commit
8efb3c0b04500b685b02d950ef26b69420794ab2
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Mar 25 14:17:23 2018 -0400
build: Modernize code with virtual/override/final cleanups
Generated automatically with run-clang-tidy.py -header-filter=$(realpath ..)
-checks='-*,modernize-use-override' -fix.
commit
adc85e1b6040f9d22fb230270de172420084487b
Author: Michael Altizer <mialtize@cisco.com>
Date: Sun Mar 25 14:14:24 2018 -0400
catch: Update to Catch v2.2.1
Hui Cao (huica) [Fri, 23 Mar 2018 21:16:23 +0000 (17:16 -0400)]
Merge pull request #1160 in SNORT/snort3 from active_response to master
Squashed commit of the following:
commit
5b5c6a1211f482e2b2db490e1a88e937be1a9240
Author: huica <huica@cisco.com>
Date: Fri Mar 23 16:38:06 2018 -0400
Disable the check for max_response
Russ Combs (rucombs) [Fri, 23 Mar 2018 19:11:34 +0000 (15:11 -0400)]
Merge pull request #1158 in SNORT/snort3 from const_cast to master
Squashed commit of the following:
commit
14b0e97fa6060bf9dd88db1f3e10aa59aeea4523
Author: Russ Combs <rucombs@cisco.com>
Date: Fri Mar 23 10:25:16 2018 -0400
build: fix various drops const qualifier cases
Mike Stepanek (mstepane) [Fri, 23 Mar 2018 12:00:52 +0000 (08:00 -0400)]
Merge pull request #1151 in SNORT/snort3 from appid_debug_command to master
Squashed commit of the following:
commit
94ab5291fa5240c58116e0614e826204ee78bb88
Author: Masud Hasan <mashasan@cisco.com>
Date: Fri Mar 16 11:17:58 2018 -0400
appid: Refactor debug command
commit
ae917cc0c9194d3b538c008017bbfa6f1bcb30b7
Author: Mike Stepanek <mstepane@cisco.com>
Date: Wed Mar 7 16:28:41 2018 -0500
appid: Add AppID debug command
Windham Wong [Fri, 23 Mar 2018 00:40:50 +0000 (08:40 +0800)]
Fixing fast_pattern syntax in doc/differences.txt (#43)
Note that fast_pattern_offset and/or fast_pattern_length imply fast_pattern.
Jonathan McDowell [Fri, 23 Mar 2018 00:35:52 +0000 (00:35 +0000)]
Allow use of ARM64 CNTVCT_EL0 register for timing (#46)
snort supports the use of rdtsc to get fast, accurate-enough timing on
x86 platforms. The CNTVCT_EL0 register on ARM64 provides a usable
equivalent to userspace code on that platform. It's not the actual
processor clock rate but can vary in accuracy from 1-50MHz. Its use
gives a ~10% performance improvement on an A53 based platform.
Hui Cao (huica) [Thu, 22 Mar 2018 20:22:35 +0000 (16:22 -0400)]
Merge pull request #1156 in SNORT/snort3 from active_reset to master
Squashed commit of the following:
commit
65428423fd6ccd4a67493276437fb780b4f3c55f
Author: huica <huica@cisco.com>
Date: Thu Mar 22 13:04:15 2018 -0400
Add reject action when active responses is enabled
commit
ac060b64caec2597930f7197b8a39a59f24d4151
Author: huica <huica@cisco.com>
Date: Thu Mar 22 10:58:40 2018 -0400
Enable active when max_responses is enabled
Tom Peters (thopeter) [Thu, 22 Mar 2018 20:02:47 +0000 (16:02 -0400)]
Merge pull request #1147 in SNORT/snort3 from dbg_cleanup to master
Squashed commit of the following:
commit
e21086ce7aef8b7324ca12cc32aea20a94b60b59
Author: snorty <mdagon@cisco.com>
Date: Mon Mar 19 11:15:09 2018 -0400
Debug messages: cleanup for service inspectors.
Removal of Debug messages from imap, pop, ssl, rpc_decode and dce_tcp.
Conversion to trace for some of the dce_smb and dce_udp debugs.
New traces for detection, stream.
Michael Altizer (mialtize) [Thu, 22 Mar 2018 01:31:48 +0000 (21:31 -0400)]
Merge pull request #1153 in SNORT/snort3 from ubsan to master
Squashed commit of the following:
commit
1c7cfc051275c991b96878fdfde0b8851be789eb
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 18:16:47 2018 -0400
ips_byte_math: Fix UBSAN left shift of negative value runtime error
commit
849a83586f85a85c8192e7e48aac07cf09e330b5
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 18:16:26 2018 -0400
ips_byte_jump: Fix UBSAN left shift of negative value runtime error
commit
51f5501044cd978079c4e41d45cce5e522e3063e
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 17:49:14 2018 -0400
hashfcn: Fix UBSAN left shift of negative value runtime error
commit
a5cbf457bcdfcdbb532bc36aa353c6baea8241bb
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 17:07:20 2018 -0400
parameter: Fix UBSAN shift exponent is too large for 32-bit type runtime error
commit
015abe650696b0be1e18a429e62efc096d228976
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 16:49:10 2018 -0400
binder: Fix UBSAN invalid value type runtime error
commit
e80d3ffca94a8b508a4e608bc2d90df7a18258cb
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 16:34:34 2018 -0400
wizard: Fix UBSAN out-of-bounds access runtime error
commit
540a3cd4973db76f08e12e316727ea2d63d71aad
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 16:33:35 2018 -0400
hashfcn: Fix UBSAN integer overflow runtime error
commit
470dc447d63533a784dbfa85e64a39227faffaba
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 19:22:16 2018 -0400
extra: Port some CMake options from Snort prime
commit
2dbd95924b68d78104302ec6b62d8ee3e0178760
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Mar 20 15:13:50 2018 -0400
build: Add --enable-ub-sanitizer option for undefined behavior sanitizer
Michael Altizer (mialtize) [Wed, 21 Mar 2018 21:55:40 +0000 (17:55 -0400)]
Merge pull request #1139 in SNORT/snort3 from thread_local_ipv4 to master
Squashed commit of the following:
commit
a5b3cee7caa0d4ff30db8f68c0bca4d959ee2dd4
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Mar 15 13:10:40 2018 -0400
Ipv4Codec: removed random ip id pool and replaced randoms on demand
Michael Altizer (mialtize) [Wed, 21 Mar 2018 19:52:36 +0000 (15:52 -0400)]
Merge pull request #1150 in SNORT/snort3 from bashisms to master
Squashed commit of the following:
commit
d6c0de7817c1fcded62d9edeb3843a6050fe0068
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 12 13:33:31 2018 -0400
build: Add some header includes for FreeBSD
commit
6e04230b31d4a8ab6c79c2e8db24c02a6dbb72c8
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 19 21:18:12 2018 -0400
build: Remove bashisms from most shell scripts
Hui Cao (huica) [Wed, 21 Mar 2018 16:26:04 +0000 (12:26 -0400)]
Merge pull request #1149 in SNORT/snort3 from smtp_pending to master
Squashed commit of the following:
commit
64ee34a53ba68281c11c6728fa5ba15160080610
Author: Michael Altizer (mialtize) <mialtize@cisco.com>
Date: Tue Mar 13 18:30:44 2018 -0400
file_api: combine file cache for file resume and partial file processing
Michael Altizer (mialtize) [Tue, 20 Mar 2018 16:20:34 +0000 (12:20 -0400)]
Merge pull request #1138 in SNORT/snort3 from offload_crash to master
Squashed commit of the following:
commit
391fafa2b7a5e3678d582bea4223d887ba96f4e8
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Mar 14 15:27:42 2018 -0400
detection: fixed uninitialized MpseStash
Michael Altizer (mialtize) [Tue, 20 Mar 2018 14:14:27 +0000 (10:14 -0400)]
Merge pull request #1148 in SNORT/snort3 from data_bus_leak to master
Squashed commit of the following:
commit
52d96033fbb424ba968de16a4628f5974d4d5d73
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Mar 19 15:09:18 2018 -0400
DataBus: fixed creating DataHandler when one doesn't exist
Michael Altizer (mialtize) [Mon, 19 Mar 2018 16:23:45 +0000 (12:23 -0400)]
Merge pull request #1146 in SNORT/snort3 from appid_pegcounts_gone_wild to master
Squashed commit of the following:
commit
177c974fc84fbd32e4119767cdb62400fc6c46ba
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Mar 19 11:26:38 2018 -0400
appid: Only import dynamic detector pegcounts once
Tom Peters (thopeter) [Mon, 19 Mar 2018 15:42:08 +0000 (11:42 -0400)]
Merge pull request #1145 in SNORT/snort3 from nhttp97 to master
Squashed commit of the following:
commit
65e2d678acbf482c66abb5e869a40478c9696c33
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Mar 12 17:32:30 2018 -0400
http_inspect: handling of run-to-connection-close bodies beyond depth
Hui Cao (huica) [Fri, 16 Mar 2018 20:11:12 +0000 (16:11 -0400)]
Merge pull request #1140 in SNORT/snort3 from proto_ref2 to master
Squashed commit of the following:
commit
eac8b70f9a764d9834c66603f0ea818284c531eb
Author: Steve Chew <stechew@cisco.com>
Date: Thu Mar 15 14:17:33 2018 -0400
ProtoRef: Converge on single name for SnortProtocolId. Fix threading problems.
Michael Altizer (mialtize) [Fri, 16 Mar 2018 14:10:35 +0000 (10:10 -0400)]
Merge pull request #1137 in SNORT/snort3 from flow_ip_dbus to master
Squashed commit of the following:
commit
b5e1c30b818ac76d56f7242cb908d844b33d3feb
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Mar 14 13:21:00 2018 -0400
PerfMonitor: fixed subscribing to flow events multiple times
Russ Combs (rucombs) [Fri, 16 Mar 2018 01:58:25 +0000 (21:58 -0400)]
Squashed commit of the following:
commit
e0280a2f1db56d28b522ec82309d43636eb1ff46
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Mar 15 19:19:15 2018 -0400
build: 244
Michael Altizer (mialtize) [Tue, 13 Mar 2018 22:30:44 +0000 (18:30 -0400)]
Merge pull request #1131 in SNORT/snort3 from perf_files to master
Squashed commit of the following:
commit
e6f3785c7af8aa67856fce0c9618165352fbda01
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Mar 13 10:26:08 2018 -0400
PluginManager: enforce all IT_PROBE Inspectors present GLOBAL Modules
commit
e7470a81c44ecb506f8cb89cc77a72e95d3b65ba
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Mar 13 09:50:15 2018 -0400
ModuleManager: globals only load on default policy
commit
50edf8306b1127f1ff150ee9fb699ddbe65a4b6a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Mar 9 08:24:31 2018 -0500
DataBus: added ability to unsubscribe to prevent dangling references
commit
d60232178001c911176ed0272181f80a913bbe62
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Mar 8 12:05:21 2018 -0500
perf_monitor: fixed flow_ip outputting erroneous values
commit
e003750bf325ed99a6b1186b839f1f40e569d21c
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 19 16:08:54 2018 -0500
InspectorManager: probes run regardless of active policy
commit
3749d1380583fb2d3b475b76c741fd63bb28f061
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 19 15:30:12 2018 -0500
perf_monitor: query modules for stats only after they have all loaded
commit
dddb7fdd814513d4f195f501d6cff2f6b6dd6760
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Feb 14 16:17:08 2018 -0500
perf_monitor: decoupled from other modules. now builds dynamically.
Tom Peters (thopeter) [Tue, 13 Mar 2018 22:19:51 +0000 (18:19 -0400)]
Merge pull request #1136 in SNORT/snort3 from union_break to master
Squashed commit of the following:
commit
672c117af90d935d65248f2b648b8d955afbc885
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Mar 13 17:49:01 2018 -0400
libtcp: build error fix
Michael Altizer (mialtize) [Tue, 13 Mar 2018 22:08:01 +0000 (18:08 -0400)]
Merge pull request #1110 in SNORT/snort3 from packet_trace to master
Squashed commit of the following:
commit
63889018db28b62c15e7376e4f278e3275d59fa4
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Mar 13 16:15:16 2018 -0400
PacketTracer: added to the snort namespace
commit
d0d916320e7b59b09ff3c776fb2347ccd4ba9995
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Mar 8 14:33:41 2018 -0500
packet trace: made verdict reasons registerable
commit
dc5d48340c610b40e7ab8f9194b84d05ec5a9a8a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Feb 13 16:27:13 2018 -0500
packet tracer: added ability to direct logging to file
commit
b8ae23501922734b0d54a87cde0488165ed7e98a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Feb 13 11:09:11 2018 -0500
packet tracer: fixed function visibility in dynamic modules
commit
e4314fc0f8e7f2d5736da7d1c942d86df8063e09
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 12 17:28:25 2018 -0500
appid: added mute to packet trace
commit
df249f0c5650fb138fd9f764f81beafe03160b79
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 12 17:19:26 2018 -0500
packet tracer: unit tested verbosity
commit
c23843038f4c92f066ffc16b56f4f57895f68e4e
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 12 16:41:28 2018 -0500
sfdaq, packet tracer: implemented verdict reason delivery
commit
82e78ff2b189a3463282b7441766c71c7317f9b1
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 5 15:39:17 2018 -0500
packet tracer: refactored for clarity and simpler use. added pause/unpause.
commit
4049ab28c459b1a9f43eddad2227e806832b5c0b
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 5 14:42:42 2018 -0500
packet tracer: refactored unit tests to keep config.h dependencies out of headers
commit
98f2b9e9d3e1488c8c07b75b9838bd18e626e309
Author: Carter Waxman <cwaxman@cisco.com>
Date: Mon Feb 5 13:04:48 2018 -0500
packet tracer: removed unnecessary macro. write logs via LogMessage instead of printf.
commit
4ec381cfaa1f537e413a0a07d74b570cdaaa20bc
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Feb 2 12:20:59 2018 -0500
packet tracer: added mute groups to prevent spamming
commit
3a64876c904c04febbfc2eaa614a582d500b8d40
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Feb 1 14:49:07 2018 -0500
packet tracer: refactored for better integration with external plugins
commit
6e9ee483a6f99dc8d00520aabe481f52074c1dff
Author: Carter Waxman <cwaxman@cisco.com>
Date: Fri Feb 2 13:14:19 2018 -0500
packet tracer: fixed CMakeLists.txt not installing header
Tom Peters (thopeter) [Tue, 13 Mar 2018 18:11:49 +0000 (14:11 -0400)]
Merge pull request #1133 in SNORT/snort3 from snort_namespace to master
Squashed commit of the following:
commit
4ec0021598a62a6aa193ea9d1d7159e62a5123a6
Author: davis mcpherson <davmcphe.cisco.com>
Date: Mon Mar 5 14:53:32 2018 -0500
snort: wrap snort SO_PUBLIC APIs (classes, functions exported public from snort) in the 'snort' namespace
Tom Peters (thopeter) [Tue, 13 Mar 2018 16:58:13 +0000 (12:58 -0400)]
Merge pull request #1130 in SNORT/snort3 from post_offset_var to master
Squashed commit of the following:
commit
b42ac1bc7c328de387da92b93889613156ad988f
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Mar 6 13:03:15 2018 -0500
byte_jump: updated byte_jump post_offset option to support variable
Tom Peters (thopeter) [Tue, 13 Mar 2018 16:24:44 +0000 (12:24 -0400)]
Merge pull request #1135 in SNORT/snort3 from doc_fix_link to master
Squashed commit of the following:
commit
dc396e2d1bf0d175a1c9babf61e2fa9022d5652d
Author: snorty <mdagon@cisco.com>
Date: Mon Mar 12 22:06:00 2018 -0400
doc: update ftp time format link
Michael Altizer (mialtize) [Mon, 12 Mar 2018 20:56:01 +0000 (16:56 -0400)]
Merge pull request #1132 in SNORT/snort3 from reload_hosts_fix to master
Squashed commit of the following:
commit
16f4f9ca6b73b5bee41ff8700001c4bece5ec880
Author: Bhagya Tholpady <bbantwal@cisco.com>
Date: Wed Mar 7 13:43:16 2018 -0500
main: reload hosts while reloading config
Hui Cao (huica) [Fri, 9 Mar 2018 18:10:21 +0000 (13:10 -0500)]
Merge pull request #1121 in SNORT/snort3 from metapacket to master
Squashed commit of the following:
commit
17ed457318ec49f4651facab5fe1e011e4cb2537
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Wed Mar 7 17:07:55 2018 -0500
build: Address compiler warnings, spell check and static analyzer
issues.
commit
bd12628fa806d57c47808c0f0881072124c7ede8
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Tue Mar 6 15:58:03 2018 -0500
snort: allow colon separated directories for --daq-dir
commit
eebe151789c381d8628d3fa409cd1752fbee3715
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Fri Feb 23 09:08:24 2018 -0500
DataBus: Pump DAQ Meta Packets through DataBus
daqs: Hext DAQ can generate Start of Flow and End of Flow meta events.
loggers: Update Hext Logger to subscribe and log DAQ Meta Packets
Michael Altizer (mialtize) [Fri, 9 Mar 2018 15:50:59 +0000 (10:50 -0500)]
Merge pull request #1129 in SNORT/snort3 from goodbye_autotools to master
Squashed commit of the following:
commit
82659ae2d7864dda3cb124ad16f3fbc6e23fb069
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 8 20:34:20 2018 -0500
build: Fix few const-related compiler warnings
commit
9e6059c85793c13d4127cf1a9a2d26c0cecabd5d
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 8 18:18:53 2018 -0500
build: Extirpate autotools usage
commit
a5d3096b0ffa828a749ca55ca6245357e71fc923
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 8 17:25:43 2018 -0500
doc: Fix including config_changes.txt when ruby is not present
Tom Peters (thopeter) [Fri, 9 Mar 2018 15:31:19 +0000 (10:31 -0500)]
Merge pull request #1126 in SNORT/snort3 from doc_ftp_telnet to master
Squashed commit of the following:
commit
167988558ab1b3dd5da4fbfb4439b819194a9779
Author: snorty <mdagon@cisco.com>
Date: Thu Mar 1 16:41:03 2018 -0500
Doc: add documentation for ftp telnet
Michael Altizer (mialtize) [Thu, 8 Mar 2018 21:17:02 +0000 (16:17 -0500)]
Merge pull request #1127 in SNORT/snort3 from cmake to master
Squashed commit of the following:
commit
c508ba610a5c649f9316d89441a4df464f56ca99
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 8 14:25:25 2018 -0500
build: Remove obsolete forced symbol inclusion logic
commit
17dfa88eb02e3838b5a106d0133cac0ff82e3199
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 1 14:13:37 2018 -0500
cmake: First pass at revamping CMake build system
commit
b63bb80600ef2ccbfbd20784219aa1b9adfa26f6
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 8 10:33:14 2018 -0500
memory: Override C++14 delete operators as well
commit
896296632a043b112d731b97ab7b8a763ec5fc3f
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Mar 7 12:28:58 2018 -0500
extra: Fix const cast compiler warnings
commit
a2c65aefc52007d04902b5fe6e17a49247f7c64e
Author: Jonathan McDowell <j.mcdowell@titan-ic.com>
Date: Tue Feb 27 18:03:16 2018 +0000
Update CMake config to use GNUInstallDirs and match automake
There is a disparity between the automake + CMake build systems in
terms of install directories which are used, causing problems when
building for distributions like Debian with multiarch'd library
directories. Include the GNUInstallDirs module in the CMake config
and update install paths as appropriate to correct this.
commit
dcaea24c8a7f4a9b8d80d83812218439a3745f84
Author: Michael Altizer <mialtize@cisco.com>
Date: Thu Mar 1 14:29:35 2018 -0500
file_api: Fix compiler warning about not overriding destructor in FilePolicy
Michael Altizer (mialtize) [Thu, 8 Mar 2018 19:38:50 +0000 (14:38 -0500)]
Merge pull request #1128 in SNORT/snort3 from nhttp97 to master
Squashed commit of the following:
commit
295c1ac54f224cfa3b9bfe42469ff04c7dace68a
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Mar 8 10:44:11 2018 -0500
http_inspect: bug fix to empty reassemble()
Tom Peters (thopeter) [Thu, 8 Mar 2018 15:48:34 +0000 (10:48 -0500)]
Merge pull request #1124 in SNORT/snort3 from doc_http2 to master
Squashed commit of the following:
commit
1a0b7f8ae9abfa40457c821ebc05921c83f91b47
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Mar 5 11:55:14 2018 -0500
Manual updates for HTTP/2
Tom Peters (thopeter) [Mon, 5 Mar 2018 16:20:20 +0000 (11:20 -0500)]
Merge pull request #1123 in SNORT/snort3 from nhttp95 to master
Squashed commit of the following:
commit
83b52927abd49f59d40d54966f789960fb7b4ec1
Author: Tom Peters <thopeter@cisco.com>
Date: Sat Mar 3 13:08:08 2018 -0500
http_inspect: white space before chunk length
Tom Peters (thopeter) [Mon, 5 Mar 2018 16:19:39 +0000 (11:19 -0500)]
Merge pull request #1120 in SNORT/snort3 from http2 to master
Squashed commit of the following:
commit
a832c050c010f1f2ab728751a4779cc231c72137
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Jan 25 11:46:22 2018 -0500
http2_inspect: initial prototype
Mike Stepanek (mstepane) [Fri, 2 Mar 2018 20:23:45 +0000 (15:23 -0500)]
Merge pull request #1119 in SNORT/snort3 from appid_http_ut to master
Squashed commit of the following:
commit
90db53493af707c95856912e46f0e7a31494dd7f
Author: Masud Hasan <mashasan@cisco.com>
Date: Mon Feb 26 01:09:12 2018 -0500
appid: unit-tests for http detector plugins
Hui Cao (huica) [Mon, 26 Feb 2018 16:27:53 +0000 (11:27 -0500)]
Merge pull request #1115 in SNORT/snort3 from ftp_malware2 to master
Squashed commit of the following:
commit
0c1bdd2dc928df0777623a93027cf12fb4c3d84b
Author: Steve Chew <stechew@cisco.com>
Date: Mon Feb 19 11:44:10 2018 -0500
FtpInspector: Do not set flush flag after two packets.
Hui Cao (huica) [Mon, 26 Feb 2018 16:23:01 +0000 (11:23 -0500)]
Merge pull request #1118 in SNORT/snort3 from file_instance to master
Squashed commit of the following:
commit
26550d4f1bc7f35fdf153cd46a9466820c7620c7
Author: huica <huica@cisco.com>
Date: Wed Feb 21 14:39:57 2018 -0500
File api: make sure file instance is unique across sessions
Russ Combs (rucombs) [Mon, 26 Feb 2018 03:28:12 +0000 (22:28 -0500)]
Merge pull request #1113 in SNORT/snort3 from policy_header_fixit to master
Squashed commit of the following:
commit
90066d0aa44d28a111024f7a7af11d6cc800e2c9
Author: Deepak Ramadass <deramada@cisco.com>
Date: Sun Feb 18 18:30:10 2018 -0500
policy: refactored public methods
Russ Combs (rucombs) [Thu, 22 Feb 2018 21:55:02 +0000 (16:55 -0500)]
Merge pull request #1109 in SNORT/snort3 from action_header_fix to master
Squashed commit of the following:
commit
d36f4b59bdbffd7dc89ec484f9dc95400f6edb07
Author: Micheal Okutubo <mokutubo@cisco.com>
Date: Tue Feb 13 13:51:37 2018 -0500
actions: refactor actions.h into a class with static methods
actions: remove redundant identifiers and macros
actions: change redundant identifiers
actions: refactor actions.h into a class
Michael Altizer (mialtize) [Tue, 20 Feb 2018 21:10:38 +0000 (16:10 -0500)]
Merge pull request #1116 in SNORT/snort3 from freebsd_compile_fix to master
Squashed commit of the following:
commit
f61009bb723e3db85985f1042faa55105a8bbb9c
Author: shaslad <shaslad@cisco.com>
Date: Tue Feb 20 12:10:34 2018 -0500
Fixing compilation issue on FreeBSD with Extra
Fabrice Fontaine [Tue, 20 Feb 2018 15:42:06 +0000 (16:42 +0100)]
Fix snort2lua linking (#38)
Add STATIC to all add_library calls of snort2lua libraries to build them
statically otherwise link will fail (Makefile.am already builds only the
static version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tom Peters (thopeter) [Mon, 19 Feb 2018 21:02:20 +0000 (16:02 -0500)]
Merge pull request #1114 in SNORT/snort3 from appid_api_ut_segfault_fix to master
Squashed commit of the following:
commit
ea830078554788661ca56621885664cf9921226f
Author: davis mcpherson <davmcphe@cisco.com>
Date: Mon Feb 19 11:44:19 2018 -0500
appid: refactor netbios name handling to maintain ownership of the name string with the AppIdSession object
Russ Combs (rucombs) [Mon, 19 Feb 2018 16:26:46 +0000 (11:26 -0500)]
Merge pull request #1112 in SNORT/snort3 from so_rules to master
Squashed commit of the following:
commit
2dd79a720e7d9bc1fa3b891fec68b217a8d30df6
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Feb 17 21:54:59 2018 -0500
snort: --rule-to-text [<delim>] raw string output
Michael Altizer (mialtize) [Thu, 15 Feb 2018 17:35:36 +0000 (12:35 -0500)]
Merge pull request #1105 in SNORT/snort3 from appid_navl_prep to master
Squashed commit of the following:
commit
80e237d5b9feffc5dfe30cf4ddfce218d2c05905
Author: davis mcpherson <davmcphe.cisco.com>
Date: Wed Sep 13 16:14:53 2017 -0400
appid: refactor to pass AppIdSession objects around as a reference instead of a pointer
appid: refactor to use std::string for member vars for http elements in AppIdHttpSession
appid: refactor appid_api to move dns api calls to a new AppId DNS session object
appid: refactor appid_api to use Flow object instead of AppIdSession object on the api methods
appid: refactor third party appid components to get them to compile and work with latest appid classes and apis
Hui Cao (huica) [Tue, 13 Feb 2018 14:02:23 +0000 (09:02 -0500)]
Merge pull request #1107 in SNORT/snort3 from ftp_expected3 to master
Squashed commit of the following:
commit
76d550728ee51f8a5eff2121811024143175b43d
Author: Steve Chew <stechew@cisco.com>
Date: Fri Feb 9 16:44:41 2018 -0500
ExpectFlow::get_expect_flows(): Return ptr to packet_expect_flows since it may be nullptr if we do not initialize stream. Caller must check for nullptr.
Russ Combs (rucombs) [Mon, 12 Feb 2018 20:55:08 +0000 (15:55 -0500)]
Merge pull request #1106 in SNORT/snort3 from 2018 to master
Squashed commit of the following:
commit
fb589a8e3289fa64ee274234d0fd06b654c01940
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Feb 12 13:29:28 2018 -0500
build 243
commit
572c45a9ba8442686cccdc47dab4ba9593a180df
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Feb 12 13:16:46 2018 -0500
rules: fix path variable expansion
commit
f5ed5b8dbd5d688490eb61420beb2d36dd860f6a
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Feb 11 08:00:56 2018 -0500
doc: update default manuals
commit
9b0a0d075018f1061302fc6bf7259c42ea60ade7
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Feb 11 07:56:40 2018 -0500
copyright: update year to 2018
commit
e87ddd2df2b2a3e49e8d25aefb4fbe40eae19422
Author: Russ Combs <rucombs@cisco.com>
Date: Sun Feb 11 07:49:24 2018 -0500
comments: fix 6isco typos
Michael Altizer (mialtize) [Tue, 6 Feb 2018 20:02:14 +0000 (15:02 -0500)]
Merge pull request #1104 in SNORT/snort3 from flow_depth to master
Squashed commit of the following:
commit
82eba08d04656950da60a337658e0c6688eb98c3
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Feb 6 10:24:07 2018 -0500
help: upper case proto acronyms etc.
commit
77c0190b0ad815a2c8d2ad0a310b8941149b7be5
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Feb 6 09:00:06 2018 -0500
build: fix static analysis issues
commit
2cf991a279505c6e9827080796c5c9db1f7ca826
Author: Tom Peters <thopeter@cisco.com>
Date: Thu Feb 1 17:31:44 2018 -0500
http_inspect: apply request/response depth to packet data
commit
a9bad28e8feb80bc3b896ceda4e807c67691ad78
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Feb 5 09:48:17 2018 -0500
wizard: count user scans and hits separate from tcp
commit
0721de15f359cdd29e1e3a7f8901638af0ba3cac
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Feb 4 13:15:30 2018 -0500
build: fix cppcheck warnings
commit
615b82752fbec18837b71e986a67c834eff7b643
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Feb 3 22:08:44 2018 -0500
detection: refactor alt_dsize
commit
644ccb2c07a562a19e94c6d38125cfa3c5b555f3
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Feb 3 14:22:18 2018 -0500
detection: use detection limit (alt_dsize)
commit
192fe396cf8360996ce24d47255e6eeabb337f64
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Feb 3 08:56:37 2018 -0500
search_engine: rename inspect_stream_inserts to detect_raw_tcp for clarity; default to true for 2.X rule sets
commit
50082d488fc84a0764bcd60c7521d1e9d0fe9892
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Feb 3 08:54:24 2018 -0500
detection: do not change search_engine.inspect_stream_inserts configuration
Michael Altizer (mialtize) [Fri, 2 Feb 2018 21:44:37 +0000 (16:44 -0500)]
Merge pull request #1103 in SNORT/snort3 from fwdebug to master
Squashed commit of the following:
commit
1fa46239e14a4d34dbd140f777e62e58c67da229
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Feb 2 14:31:25 2018 -0500
build: Enable gdb debugging info by default
commit
3ded2f2f760725d8dd72b17fb43e48e088a2fa04
Author: Michael Altizer <mialtize@cisco.com>
Date: Fri Feb 2 14:26:46 2018 -0500
main: Export AnalyzerCommand and main_broadcast_command()
Russ Combs (rucombs) [Tue, 30 Jan 2018 01:46:12 +0000 (20:46 -0500)]
Merge pull request #1102 in SNORT/snort3 from nhi_perf to master
Squashed commit of the following:
commit
fb74224d1fa1541ca576104bca12e43ffe3976fa
Author: Tom Peters <thopeter@cisco.com>
Date: Mon Jan 29 15:57:50 2018 -0500
http_inspect: suppress raw packet inspection beyond request/response depth
flow: support episodic detection
Russ Combs (rucombs) [Mon, 29 Jan 2018 22:57:13 +0000 (17:57 -0500)]
Merge pull request #1101 in SNORT/snort3 from fp_select to master
Squashed commit of the following:
commit
6a2533921c36f5e481c42f22106686880e540536
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Jan 29 10:52:43 2018 -0500
detection: trace fast pattern searches with 0x20
commit
ce128ff0b0c8c91423dfaba45e473eecbc4a78bd
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Jan 28 12:08:18 2018 -0500
rules: update fast pattern selection to exclude redundant port groups when service groups are present
Russ Combs [Mon, 29 Jan 2018 13:39:05 +0000 (08:39 -0500)]
Squashed commit of the following:
commit
536ac3db2daba502b1ec64a5f0f62a32b8d8ebad
Author: Russ Combs <rucombs@cisco.com>
Date: Mon Jan 29 08:38:34 2018 -0500
build 242
Russ Combs (rucombs) [Fri, 26 Jan 2018 18:59:59 +0000 (13:59 -0500)]
Merge pull request #1099 in SNORT/snort3 from for_talos to master
Squashed commit of the following:
commit
f0c88ec35bfa9f588b05cff38d4e16df7ad33c58
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Jan 26 08:58:37 2018 -0500
doc: update snort2lua for .rules files
commit
c50a3ace93f4eb825330ec8d74a2c4a2dbaad762
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Jan 24 17:57:12 2018 -0500
snort2lua: convert *.rules files line-by-line
Michael Altizer (mialtize) [Wed, 24 Jan 2018 21:12:05 +0000 (16:12 -0500)]
Merge pull request #1097 in SNORT/snort3 from bsd_endian to master
Squashed commit of the following:
commit
47862dd9599f468e6d4fd0294ee2d1fdc653ff43
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jan 24 09:02:31 2018 -0500
(squash) fixed header order
commit
fcc6f9a9de8e3b1d95905eed50df36206cac04aa
Author: Carter Waxman <cwaxman@cisco.com>
Date: Tue Jan 23 12:02:20 2018 -0500
utils, flatbuffers: Added a uniform interface for 64-bit endian swaps
Russ Combs (rucombs) [Tue, 23 Jan 2018 20:02:49 +0000 (15:02 -0500)]
Merge pull request #1098 in SNORT/snort3 from doc_neha to master
Squashed commit of the following:
commit
29ff8f5718262dcae5a28501f15104824cb5553e
Author: snorty <snorty@localhost.localdomain>
Date: Tue Jan 23 14:10:47 2018 -0500
doc: fixed CIDR in portscan
Fabrice Fontaine [Sat, 16 Dec 2017 16:32:30 +0000 (17:32 +0100)]
Fix snort linking
Add STATIC to add_library call of port_scan to build it statically
otherwise link will fail (Makefile.am already builds only the static
version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Michael Altizer (mialtize) [Fri, 19 Jan 2018 20:02:07 +0000 (15:02 -0500)]
Merge pull request #1096 in SNORT/snort3 from dynamic_catch to master
Squashed commit of the following:
commit
9ebb959350c6faebee49afeb7d38f7968f1428a5
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Jan 18 15:45:56 2018 -0500
profiler: fixed missing include
commit
155b400c75d4483af3a93df148b5e2678747d36a
Author: Carter Waxman <cwaxman@cisco.com>
Date: Thu Jan 18 15:33:01 2018 -0500
unit tests: updated Catch
commit
9c24a2ec2652e31c3e707318b9d4b2969abb6321
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Jan 10 09:46:10 2018 -0500
unit tests: added ability to run Catch tests from dynamic modules
Russ Combs (rucombs) [Wed, 17 Jan 2018 19:40:18 +0000 (14:40 -0500)]
Merge pull request #1094 in SNORT/snort3 from snort2lua_process_comment_rules to master
Squashed commit of the following:
commit
b308d23efc41e03cbc1070bd3e1e8a75da554e5a
Author: davis mcpherson <davmcphe.cisco.com>
Date: Tue Jan 16 08:51:49 2018 -0500
snort2lua: detect commented 'alert' rules and convert them from snort to snort3 format. Leave the rules commented out in the snort3 rules file
Michael Altizer (mialtize) [Tue, 16 Jan 2018 22:12:48 +0000 (17:12 -0500)]
Merge pull request #1095 in SNORT/snort3 from multiple_expected to master
Squashed commit of the following:
commit
98688dcd9ad5ffd954eb0b972fc893005b071c99
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Jan 16 15:07:12 2018 -0500
removed a single-element structure ExpectFlows
Tom Peters (thopeter) [Thu, 11 Jan 2018 22:14:05 +0000 (17:14 -0500)]
Merge pull request #1092 in SNORT/snort3 from multiple_expected to master
Squashed commit of the following:
commit
2b58fb2eaa0c9e04dba7e9edd822ae237fddb7a5
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Jan 3 15:00:49 2018 -0500
flow: provided access to all expected flows created by a packet
Michael Altizer (mialtize) [Tue, 9 Jan 2018 17:59:50 +0000 (12:59 -0500)]
Merge pull request #1093 in SNORT/snort3 from fw_snort2lua to master
Squashed commit of the following:
commit
e704fe74be41ce241be1142637eae884aaeb70f8
Author: Michael Altizer <mialtize@cisco.com>
Date: Mon Jan 8 16:46:24 2018 -0500
snort2lua: Fix file_rule_path and fw_log_size handling in firewall preprocessor
Michael Altizer (mialtize) [Wed, 3 Jan 2018 18:13:47 +0000 (13:13 -0500)]
Merge pull request #1091 in SNORT/snort3 from mtfw2 to master
Squashed commit of the following:
commit
b202b0b1041a490986030875191bcd3d438eed43
Author: Michael Altizer <mialtize@cisco.com>
Date: Wed Jan 3 12:52:21 2018 -0500
file_api: Give FilePolicyBase a default virtual destructor
Michael Altizer (mialtize) [Tue, 2 Jan 2018 19:07:16 +0000 (14:07 -0500)]
Merge pull request #1090 in SNORT/snort3 from mtfw2 to master
Squashed commit of the following:
commit
8329330304223bc7fa3b495b24ab1fb881e633ce
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jan 2 13:16:16 2018 -0500
sfdaq: Export can_whitelist() and modify_flow_opaque()
commit
38fe764e2c29b02da1c97033fd8ccd5e31bf07b1
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Jan 2 13:15:45 2018 -0500
file_api: Move VerdictName array out of file_api.h
Tom Peters (thopeter) [Mon, 18 Dec 2017 21:06:57 +0000 (16:06 -0500)]
Merge pull request #1089 in SNORT/snort3 from expected_flow to master
Squashed commit of the following:
commit
6e8633ad778c9c23e56bc1986c634b8fce084ce4
Author: Steven Baigal <sbaigal@cisco.com>
Date: Thu Dec 14 16:24:30 2017 -0500
Added mandatory expected flow pub sub support
Hui Cao (huica) [Fri, 15 Dec 2017 16:52:01 +0000 (11:52 -0500)]
Merge pull request #1087 in SNORT/snort3 from snort2lua_file_magic2 to master
Squashed commit of the following:
commit
646ffb7976b2d690a1607d65136dc5e8f7198fd1
Author: Steve Chew <stechew@cisco.com>
Date: Fri Dec 15 11:29:07 2017 -0500
Gracefully handle not having file policy configured in dce_smb
commit
02e783b82c2121687c3655a6d45e3ae5481b5c82
Author: Steve Chew <stechew@cisco.com>
Date: Thu Dec 14 14:04:23 2017 -0500
Snort2lua: Make sure file_magic table comes before file_id table.
Hui Cao (huica) [Fri, 15 Dec 2017 13:43:28 +0000 (08:43 -0500)]
Merge pull request #1085 in SNORT/snort3 from fw_file to master
Squashed commit of the following:
commit
5f3bce069300fe60a281e7251fc5b200305b6caf
Author: Victor Roemer <viroemer@cisco.com>
Date: Thu Dec 14 14:00:05 2017 -0500
inspector_manager: Fix acquire
commit
25ff14c2f924b9699279cab6dd70d06d63ac37ac
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Thu Dec 14 10:50:20 2017 -0500
inspector_manager: dflt only
Russ Combs (rucombs) [Thu, 14 Dec 2017 23:01:55 +0000 (18:01 -0500)]
Merge pull request #1088 in SNORT/snort3 from 241 to master
Squashed commit of the following:
commit
1f7ece85eb3ec05805490ed1e929d7e40cf6aa83
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 14 10:32:15 2017 -0500
build 241
commit
922a74e6eef8aef64df290da43bb0a857c9a6591
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 14 13:13:49 2017 -0500
doc: update default manuals
commit
f0ed802e05f056aa018bf511920899abd80053ae
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 14 09:39:24 2017 -0500
cmake: add --define to configure_cmake.sh for arbitrary defines
Russ Combs (rucombs) [Thu, 14 Dec 2017 19:43:51 +0000 (14:43 -0500)]
Merge pull request #1086 in SNORT/snort3 from rusage to master
Squashed commit of the following:
commit
833250653e7df0242f9ae239445c76576a4220ad
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Dec 14 11:49:48 2017 -0500
cpu_tracker: fall back to RUSAGE_SELF if RUSAGE_THREAD is not defined
thanks to Fabrice Fontaine fontaine.fabrice@gmail.com
Hui Cao (huica) [Wed, 13 Dec 2017 18:40:37 +0000 (13:40 -0500)]
Merge pull request #1084 in SNORT/snort3 from file_pending to master
Squashed commit of the following:
commit
d469965dd4064a5a3d96154e9e60ddd7819c0c97
Author: huica <huica@cisco.com>
Date: Thu Dec 7 12:56:00 2017 -0500
File api: support file verdict delay during signature lookup
Russ Combs (rucombs) [Fri, 8 Dec 2017 22:32:54 +0000 (17:32 -0500)]
Merge pull request #1083 in SNORT/snort3 from appid_foo to master
Squashed commit of the following:
commit
cfeb653e4d5bc599cd5ccf11f5935f1f21dee1a5
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Dec 8 13:11:31 2017 -0500
reputation: tweak warning message
commit
8f8d56020559c0c388f932bf8886ea31f1bcad44
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Dec 8 10:15:51 2017 -0500
appid: tweak warnings and errors
commit
fccbb5a85c09a1bd817834b59c2c77a53f8fadab
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Dec 8 09:54:51 2017 -0500
appid: close all Lua states when thread exits
Hui Cao (huica) [Thu, 7 Dec 2017 17:47:25 +0000 (12:47 -0500)]
Merge pull request #1081 in SNORT/snort3 from fw_file to master
Squashed commit of the following:
commit
4c6479b2146dbb65db38bf6ff90365ea54cfc0c8
Author: huica <huica@cisco.com>
Date: Wed Dec 6 11:40:38 2017 -0500
File API: move file verdict enforcement out of file policy
commit
f872a9dddf17ea051baa445af34f49e0d095cb1b
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Tue Dec 5 14:37:15 2017 -0500
file_api: Set the FileContext verdict, not a local verdict
Michael Altizer (mialtize) [Thu, 7 Dec 2017 15:12:29 +0000 (10:12 -0500)]
Merge pull request #1082 in SNORT/snort3 from resume_crash to master
Squashed commit of the following:
commit
57d317a56fe910cffdf95db9c60fcc57f9a1e109
Author: Carter Waxman <cwaxman@cisco.com>
Date: Wed Dec 6 11:42:37 2017 -0500
shell: fixed crash when issuing control commands
Russ Combs (rucombs) [Tue, 5 Dec 2017 19:20:28 +0000 (14:20 -0500)]
Merge pull request #1080 in SNORT/snort3 from perf_updates to master
Squashed commit of the following:
commit
65669627dff6ccb90b538b1c5e07d2925581913c
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Dec 4 10:33:17 2017 -0500
appid: gracefully handle failed Lua state instantiation
Thanks to Noah Dietrich <noah_dietrich@86penny.org> for reporting the issue.
commit
a3d48e52104443ce59f3fde68cbc3f8a78e0d81d
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Dec 3 07:56:48 2017 -0500
stream_tcp: instantiate wizard only when needed
commit
4f6233016b11867d891442aa64f225b141e73e89
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Dec 3 07:44:18 2017 -0500
wizard: activate profiler support
commit
c519ec8dcec66895cde5cb94f2e7b8a1a3ed2c2e
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 09:30:19 2017 -0500
stream_tcp: remove empty default state action
commit
7f01a87a79af851e094d31bea354bec07947ca74
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 07:35:28 2017 -0500
stream_tcp: delete superfluous memsets to zero
commit
61cb33c86c0f17fc7557ab2f5fac875305feee57
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 07:21:43 2017 -0500
binder: fix ingress / egress test
commit
a0977edf046daf0f81c089d7b947026e1be1f0af
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 07:19:48 2017 -0500
binder: minor perf and readability tweaks
commit
900a384a1f717c3462c4fb501f3ff936d2457a2f
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 06:19:11 2017 -0500
doc: fix type in style section
commit
d2cf8344480c920640d8ed7d9f1e5130130dffc8
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 06:17:37 2017 -0500
stream_*: separate session profiler data from flow cache profiler data
commit
442ff33c4404a72316581191afdbc1f1dae4eb70
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 06:16:23 2017 -0500
http_inspect: add profiler support
commit
9f7a09de65d87f1cc729a4ab8b953b42478c2453
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 06:14:20 2017 -0500
binder: activate profiler support
commit
59cb28ad5c312799c870617cf59e553667ca4569
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Dec 2 06:13:25 2017 -0500
profiler: fix focus of eventq
Hui Cao (huica) [Fri, 1 Dec 2017 19:33:51 +0000 (14:33 -0500)]
Merge pull request #1078 in SNORT/snort3 from file_magic1 to master
Squashed commit of the following:
commit
547c1f71af8b4e377dcc494d4788822d9f919715
Author: Steve Chew <stechew@cisco.com>
Date: Thu Nov 30 12:01:21 2017 -0500
Handle groups. Fix warning.
commit
ab4332ab35b2d6526c99a2716f856c53f428f9d0
Author: Steve Chew <stechew@cisco.com>
Date: Wed Nov 29 21:51:39 2017 -0500
Snort2Lua: Convert file_magic.conf to Lua format.
Tom Peters (thopeter) [Fri, 1 Dec 2017 18:17:24 +0000 (13:17 -0500)]
Merge pull request #1079 in SNORT/snort3 from wlan_arp_spoof to master
Squashed commit of the following:
commit
5af6f5d36aba1867e9176c837dd0248a3b64dfd8
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Nov 21 16:30:42 2017 -0500
codec: added wlan support for arp_spoof
Hui Cao (huica) [Thu, 30 Nov 2017 21:13:49 +0000 (16:13 -0500)]
Merge pull request #1077 in SNORT/snort3 from file_log to master
Squashed commit of the following:
commit
d63f4e2f48c8dbd92496ccb99e8c0a9a39f9cc56
Author: huica <huica@cisco.com>
Date: Wed Nov 29 15:31:37 2017 -0500
File policy: add support for file event logging
Russ Combs (rucombs) [Mon, 27 Nov 2017 20:57:11 +0000 (15:57 -0500)]
Merge pull request #1075 in SNORT/snort3 from misc_update to master
Squashed commit of the following:
commit
f5ec7aa483757573d3f99486a3dbfce9ce39de4a
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Nov 27 13:40:36 2017 -0500
stream_ip: fix non-frag counting
commit
b8712168a7f0bb744ecd46fcbf4b934b3798e770
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Nov 27 08:50:41 2017 -0500
ips options: error if lookup fails due to bad case, typos, etc.
thanks to Noah Dietrich <noah_dietrich@86penny.org> for reporting the issue
commit
30ea59db4a0b0e50985e5740f8ff4f0be9dd06ae
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Nov 27 08:14:59 2017 -0500
alert_json: tcp_ack, tcp_seq, and tcp_win are (base 10) integers
commit
ad40486ab8ddfa1584df015792624caeb14dbd63
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Nov 26 08:04:47 2017 -0500
stream: change tcp idle timeout to 3600 to match 2.X nominal timeout
commit
0436867d413467160d37597f196f8f661d62c885
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 24 16:18:53 2017 -0500
port_scan: fix flow checks
port_scan: add alert_all to make alerting on all events in window optional
Hui Cao (huica) [Tue, 21 Nov 2017 20:45:25 +0000 (15:45 -0500)]
Merge pull request #1073 in SNORT/snort3 from fw_file to master
Squashed commit of the following:
commit
92fa39b99e9e0726b465fd9656f8f04881a6f7e2
Author: Victor Roemer (viroemer) <viroemer@cisco.com>
Date: Mon Nov 20 14:50:17 2017 -0500
target_based: Install header
Russ Combs (rucombs) [Tue, 21 Nov 2017 15:30:17 +0000 (10:30 -0500)]
Merge pull request #1074 in SNORT/snort3 from json_update to master
Squashed commit of the following:
commit
b77eea3ec6a9545d4ca359b1586467cfd4ebcd9f
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Nov 21 08:33:22 2017 -0500
snort2lua: tweak const name for clarity (internal)
commit
714bb45f048ba47c0ad766edec21ab6813bc78fd
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Nov 21 07:45:22 2017 -0500
rules: default msg = "no msg in rule"
commit
9eba78b7f2d3bb4e89fba2b2f0fb95beb754857f
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Nov 21 07:44:00 2017 -0500
alert_csv: various fixes to match alert_json
eth_len: changed to decimal format
msg: remove extra quotes
seconds: new decimal field for unix-style timestamp
commit
2244c7d12ceb18e93aaa7ed449e134a42e1eb3fc
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Tue Nov 21 07:40:30 2017 -0500
alert_json: various fixes; thanks to Noah Dietrich <noah_dietrich@86penny.org> for reporting the issues
eth_len: changed to decimal format
eth_type: changed to string format (hex value)
msg: remove extra quotes
seconds: new decimal field for unix-style timestamp
Tom Peters (thopeter) [Tue, 21 Nov 2017 13:59:24 +0000 (08:59 -0500)]
Merge pull request #1072 in SNORT/snort3 from bad_proto to master
Squashed commit of the following:
commit
20af9d0ab77ccb53d6dfad97e9c31a559c0eea4b
Author: Steven Baigal <sbaigal@cisco.com>
Date: Fri Nov 10 11:22:46 2017 -0500
US265613, updated MIPv6 codec and merged cd_pim.cc, cd_swpie.cc and cd_sun_ud.cc to cd_bad_proto.cc
Russ Combs (rucombs) [Mon, 20 Nov 2017 17:10:12 +0000 (12:10 -0500)]
Merge pull request #1069 in SNORT/snort3 from nss_0 to master
Squashed commit of the following:
commit
83cd94521652ab6349bcbce59f24e4137ff199eb
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Nov 18 08:30:40 2017 -0500
soid: allow stub to contain any or all options
--rule-to-*: use whole soid arg as suffix to rule and len identifiers; make static
commit
141d6fb80625a69cd7ab232e7d5a8ef2450b6eeb
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 17 15:46:28 2017 -0500
snort2lua: future proof --bind-wizard binding order
commit
0cab5c8f91bc553444c52375e18cf1ca6a8a280d
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 17 13:49:34 2017 -0500
snort: do not dlclose plugins at shutdown during REG_TEST to avoid borked backtraces from LeakSanitizer
commit
ee4de247f8944df42539a4ee6bb2bcc210d86de5
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Mon Nov 13 09:00:58 2017 -0500
snort2lua: no sticky buffer for relative pcre
commit
e154eea548013235536b4dd160c915762925bdae
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Nov 12 21:37:45 2017 -0500
memory: no stats output unless configured
commit
17d93dca22c4770d710cf74926da105dee586d23
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Nov 12 19:36:08 2017 -0500
inspection: default policy mode depends on adaptor mode
commit
86c5792850916faa149d3ae2407331801e420df2
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sun Nov 12 08:20:07 2017 -0500
stream_size: fix snort2lua to_client, to_server conversion and eval packet checks
commit
d5cc4f29811b090a673a8fe51c3f165a468c645c
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Nov 11 19:37:31 2017 -0500
snort2lua: urilen:<> --> bufferlen:<=>
commit
03525a245f6ad14da647ba7c8d2266391fb40524
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Nov 11 17:27:20 2017 -0500
dce: use service names from rules (dce_smb = netbios-ssn; dce_tcp / dce_udp = dcerpc)
commit
3f65c4e31799bd288705dfc6c055a15e5c06871b
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Sat Nov 11 17:25:46 2017 -0500
http_inspect: use configured max_pdu as base target reassembly size
commit
204f4e7b98e1cc10d0aeb8900efab0bacba43ed1
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 10 22:25:26 2017 -0500
wizard: abort if no match
commit
1e2a90d557d083ac973ae7327223b9b2dfc026eb
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 10 22:24:40 2017 -0500
stream_user: clear splitter properly
commit
66e7626080c53090f433bc8fd1ab291974623ae6
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 10 15:34:25 2017 -0500
normalizer: fix enable checks
commit
4febd24b53d2cb4ce4806072618389ad71b75f63
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 9 08:44:20 2017 -0500
byte_test: fix string bounds check
commit
f4c0bddbfb04a56551a3dd911aa8be3d0d23e849
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 9 08:14:56 2017 -0500
conf: remove OPTIONS from SIP and HTTP spells to avoid confusion with RTSP
conf: remove client to server spells for FTP, IMAP, POP, and SMTP to avoid false pickups
commit
f4cfb26f69b360743e728268c154a085a20e7980
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 9 08:12:12 2017 -0500
detection: fix option tree looping issue
Russ Combs (rucombs) [Fri, 17 Nov 2017 21:31:22 +0000 (16:31 -0500)]
Merge pull request #1071 in SNORT/snort3 from appid_http_disco_state to master
Squashed commit of the following:
commit
9e99c3f473209630b888abebfc4910ca2c6b1583
Author: davis mcpherson <davmcphe.cisco.com>
Date: Fri Nov 17 09:03:29 2017 -0500
appid: patch to update the appid discovery state when an http event results in setting of the service id for a flow
suppress warnings for valid case statement fall throughs
only update session flags and discovery state if service id actually set to http
Russ Combs (rucombs) [Fri, 17 Nov 2017 18:30:18 +0000 (13:30 -0500)]
Merge pull request #1070 in SNORT/snort3 from control to master
Squashed commit of the following:
commit
c1710fa94273e1214dc33c6b9f96f58fa3991a99
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 17 11:27:32 2017 -0500
snort2lua: --bind-wizard will add a trailing binding to the default wizard in each binder
commit
ffb30e0afd477b7ad39e5de0a01e05187ac85d81
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 17 06:28:20 2017 -0500
wizard: usage is inspect
commit
8b205c88d42ccff8ca43c4e04f75c7791816bf9a
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Fri Nov 17 00:25:31 2017 -0500
binder: add FIXIT re creating default bindings when the wizard is not configured
commit
fc5f8fb0b6bc8d2f8901d9ef33cf93ee3b25755c
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 16 20:47:29 2017 -0500
stream_tcp: ignore flush requests on uninitialized sessions (early abort condition)
commit
ddcd4ca4e23b1804b17d0f2b493399fd10639e16
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 16 18:39:12 2017 -0500
snort2lua: remove when udp from binding to support tcp too
commit
2f2f5ce79e11b1f1529ca36dde51a9e20976016c
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 16 16:43:41 2017 -0500
sip: use log splitter for tcp
commit
feb60347c7ea4698a9bf14f1ab4f4df9c1732f7b
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 16 18:44:53 2017 -0500
control: process flow first
commit
0d9ae3a95a4342a377b49dfc5b8f6d12fab5949b
Author: Russ Combs (rucombs) <rucombs@cisco.com>
Date: Thu Nov 16 06:34:34 2017 -0500
control: must execute from default policy only
Michael Altizer (mialtize) [Tue, 14 Nov 2017 22:34:25 +0000 (17:34 -0500)]
Merge pull request #1068 in SNORT/snort3 from catch_update to master
Squashed commit of the following:
commit
7f61eca448a3122a298b7fc902410694b6119017
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 14 13:36:20 2017 -0500
cppcheck: More miscellaneous fixes, mostly for new Catch
commit
5d6a5227484720e246359065cb10550491fcfd63
Author: Michael Altizer <mialtize@cisco.com>
Date: Tue Nov 14 11:57:51 2017 -0500
catch: Update to Catch v2.0.1
Russ Combs (rucombs) [Sat, 11 Nov 2017 00:03:24 +0000 (19:03 -0500)]
Merge pull request #1067 in SNORT/snort3 from nhttp94 to master
Squashed commit of the following:
commit
1d481067ff873cfe564548a19ac8c6be02a5705f
Author: Tom Peters <thopeter@cisco.com>
Date: Tue Nov 7 12:56:17 2017 -0500
http_inspect: fix bugs related to stream interaction