git.ipfire.org Git - thirdparty/snort3.git/log
12 months ago Pull request #4377: src: resolve various warnings
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Fri, 9 Aug 2024 13:24:17 +0000 (13:24 +0000)] 
Pull request #4377: src: resolve various warnings

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:thresholds_upd to master

Squashed commit of the following:

commit 6afa4c2bf6b546377f049574704faaa7b10167aa
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Thu Jul 4 17:35:06 2024 +0300

    src: resolve various warnings

12 months ago Pull request #4362: http_inspect: log normalized URI in extra data
Adrian Mamolea (admamole) [Fri, 9 Aug 2024 07:21:32 +0000 (07:21 +0000)] 
Pull request #4362: http_inspect: log normalized URI in extra data

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:uri_fix to master

Squashed commit of the following:

commit a174a87c6815c3735a46322196c670513624aa25
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Mon Jun 24 15:55:41 2024 -0400

    http_inspect: log normalized URI in extra data

12 months ago Pull request #4408: control: cleanup code
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Tue, 6 Aug 2024 19:17:01 +0000 (19:17 +0000)] 
Pull request #4408: control: cleanup code

Merge in SNORT/snort3 from ~OSTEPANO/snort3:cleanup_control to master

Squashed commit of the following:

commit dcccfa9baccc02c0efa32e7592834457d6e9f1a1
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Fri Aug 2 06:28:22 2024 -0400

    control: Code cleanup

12 months ago Pull request #4413: filters: update dev_notes.txt with details for event_filter
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 6 Aug 2024 13:03:43 +0000 (13:03 +0000)] 
Pull request #4413: filters: update dev_notes.txt with details for event_filter

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:doc_upd to master

Squashed commit of the following:

commit 3ee7d1f343c0cf487ed51b7fb10ef1d9d32d36d1
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Aug 6 11:47:52 2024 +0300

    filters: update dev_notes.txt with details for event_filter

12 months ago Pull request #4383: file: removing unused variable in FileFlows destructor
Ashik Thomas (ashiktho) [Tue, 6 Aug 2024 09:38:32 +0000 (09:38 +0000)] 
Pull request #4383: file: removing unused variable in FileFlows destructor

Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master

Squashed commit of the following:

commit 57316a4dcf33c789cd0cf5161b1bba98bb3e0c5a
Author: Ashik Thomas <ashiktho@cisco.com>
Date:   Tue Jul 9 09:42:52 2024 +0530

    file: remove unused variable in FileFlows destructor

12 months ago Pull request #4365: extractor: add flow id
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Tue, 6 Aug 2024 08:54:10 +0000 (08:54 +0000)] 
Pull request #4365: extractor: add flow id

Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor_flow_id to master

Squashed commit of the following:

commit 295a374f5a2616be85946d029150f3e9faf04447
Author: anorokh <anorokh@cisco.com>
Date:   Fri Jun 14 12:01:28 2024 +0300

    extractor: add flow hash key

      * updated conf parsing logic
      * updated Error messages

12 months ago Pull request #4395: ips_options: separate main thread pcre counts from packet threads...
Adrian Mamolea (admamole) [Mon, 5 Aug 2024 15:58:43 +0000 (15:58 +0000)] 
Pull request #4395: ips_options: separate main thread pcre counts from packet threads stats

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:tsan_fix2 to master

Squashed commit of the following:

commit 6d5844717ca216945fb0d4983a0dc8611ef768a1
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Thu Jul 25 10:43:31 2024 -0400

    ips_options: separate main thread pcre counts from packet threads stats

12 months ago Pull request #4406: flow: optimize timeout handling for different packet type
Raza Shafiq (rshafiq) [Thu, 1 Aug 2024 19:54:41 +0000 (19:54 +0000)] 
Pull request #4406: flow: optimize timeout handling for different packet type

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:flow_timeout to master

Squashed commit of the following:

commit 2fa8150d352ccb02e0039c19be722147957f8a74
Author: rshafiq <rshafiq@cisco.com>
Date:   Tue Jul 30 19:48:11 2024 -0400

    flow: optimize timeout handling for different packet type

12 months ago Pull request #4405: control: handle control commands after packet threads are fully...
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Thu, 1 Aug 2024 19:44:05 +0000 (19:44 +0000)] 
Pull request #4405: control: handle control commands after packet threads are fully initialised

Merge in SNORT/snort3 from ~OSTEPANO/snort3:main_socket_control to master

Squashed commit of the following:

commit 9c08c5d51d32c030eea66946b6e7999a2b9f8d3f
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Wed Jul 31 07:16:04 2024 -0400

    control: handle control commands after packet threads are fully initialised

12 months ago Pull request #4294: file_api: set max file depth as part of snort configuration
Unnikrishnan M (umunnikr) [Thu, 1 Aug 2024 17:45:23 +0000 (17:45 +0000)] 
Pull request #4294: file_api: set max file depth as part of snort configuration

Merge in SNORT/snort3 from ~UMUNNIKR/snort3:file_race_condition_fix to master

Squashed commit of the following:

commit 181b94d110f4736315a41c66d9979947d46022d1
Author: Unnikrishnan M <umunnikr@cisco.com>
Date:   Thu Feb 15 09:48:35 2024 +0530

    file_api: max depth is set as part of initial config

12 months ago Pull request #4384: memory: account memory for profiler only when packet thread is...
Akhilesh MY (amuttuva) [Wed, 31 Jul 2024 09:36:32 +0000 (09:36 +0000)] 
Pull request #4384: memory: account memory for profiler only when packet thread is involved

Merge in SNORT/snort3 from ~AMUTTUVA/snort3:mp_seg to master

Squashed commit of the following:

commit 57c9c1a52f19347c0b8c85829dbf203e70c52476
Author: Akhilesh MY <amuttuva@cisco.com>
Date:   Thu Jul 11 05:12:15 2024 -0400

    memory: account memory for profiler only when packet thread is involved

12 months ago Pull request #4401: http_inspect: add peg counts for gzip, known-not-supported, and...
Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) [Tue, 30 Jul 2024 15:30:11 +0000 (15:30 +0000)] 
Pull request #4401: http_inspect: add peg counts for gzip, known-not-supported, and unknown

Merge in SNORT/snort3 from ~JAIMEACA/snort3:US-750344-compression_pegs to master

Squashed commit of the following:

commit a02f4c8ea7dca6fca4fcc1495a0dc4bfdf642406
Author: Jaime Andres Castillo Leon -X (jaimeaca - SOFTSERVE INC at Cisco) <jaimeaca@cisco.com>
Date:   Mon Jul 29 10:30:20 2024 -0400

    http_inspect: add peg counts for gzip, known-not-supported, and unknown

12 months ago Pull request #4403: build: generate and tag 3.3.2.0
Priyanka Bangalore Gurudev (prbg) [Tue, 30 Jul 2024 15:07:29 +0000 (15:07 +0000)] 
Pull request #4403: build: generate and tag 3.3.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.2.0 to master

Squashed commit of the following:

commit db1e757989f585f87ad6ab401f3d4a02c1321599
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Jul 29 22:07:12 2024 -0400

    build: generate and tag 3.3.2.0

12 months ago Pull request #4392: flow: clear deferred trust after the flow is trusted to stop...
Ron Dempster (rdempste) [Mon, 29 Jul 2024 19:57:59 +0000 (19:57 +0000)] 
Pull request #4392: flow: clear deferred trust after the flow is trusted to stop repeated trusting

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:insight_active to master

Squashed commit of the following:

commit ad008ef09d827ea88c8ab48a1b3607b633f32b17
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Fri Jul 19 16:51:57 2024 -0400

    flow: clear deferred trust after the flow is trusted to stop repeated trusting

12 months ago Pull request #4396: main: fix coverage for show snort cpu command
Rishabh Choudhary (rishacho) [Mon, 29 Jul 2024 05:54:00 +0000 (05:54 +0000)] 
Pull request #4396: main: fix coverage for show snort cpu command

Merge in SNORT/snort3 from ~RISHACHO/snort3:cpu_usage_snort to master

Squashed commit of the following:

commit c8dcd376b5fe4a0e6a53eb31731badfe490885b8
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Wed Jul 24 13:19:46 2024 +0530

    main: fix coverage
    Replace an impossible condition with assert statement.

12 months ago Pull request #4397: Snort ML: fix verbose mode output for unlimited options
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Fri, 26 Jul 2024 12:26:18 +0000 (12:26 +0000)] 
Pull request #4397: Snort ML: fix verbose mode output for unlimited options

Merge in SNORT/snort3 from ~YCHALOV/snort3:snort_ml_verbose_fix to master

Squashed commit of the following:

commit 8f1f5f32107471457d4cfcbe73d1f88054bf953a
Author: Yurii Chalov <ychalov@cisco.com>
Date:   Wed Jul 24 16:52:52 2024 +0200

    kaizen: fix verbose mode output for unlimited options

12 months ago Pull request #4391: daq: added outstanding packets counter
ARUNKUMAR KAYAMBU -X (akayambu - XORIANT CORPORATION at Cisco) [Tue, 23 Jul 2024 18:49:12 +0000 (18:49 +0000)] 
Pull request #4391: daq: added outstanding packets counter

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:outstanding_pkts to master

Squashed commit of the following:

commit 8cbc87c985ef43311fcecfe6574f3655294362e6
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Wed Jul 17 19:44:23 2024 -0400

    daq: added outstanding packets counter

12 months ago Pull request #4240: stream_tcp: Refactor tcp overlap, segment list and reassembly...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 23 Jul 2024 17:56:56 +0000 (17:56 +0000)] 
Pull request #4240: stream_tcp: Refactor tcp overlap, segment list and reassembly classes to improve class structure and relationships

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:reassembly_rewrite_u2.0 to master

Squashed commit of the following:

commit 6e4456f7895584520a5e6bb2d3eae0458b33d516
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Feb 22 11:44:08 2024 -0500

    stream_tcp: initial refactor to move alert functions to their own class

    stream_tcp: refactor to move tcp overlap processing out of reassembly class

    stream_tcp: merge TcpStreamSession into TcpSession

    stream_tcp: refactor segment nodes to implement reassembly cursor and
    eliminate tracking variables such as c_seq/c_len, etc. add helper functions
    to track state

    stream_tcp: improve variable and function names for overlap processing

    stream_tcp: refactor TcpReassembler into a virtual base class and subclasses for each mode: ignore, IPS and IDS

    stream: refactor paf logic into a c++ class

    stream_tcp: integrate and streamline setting of flush policy and splitter
                improve tracking of rcv_nxt state

    stream_tcp: delete lws_init, it was redundant with tcp_init; delete FIXITs that are no longer relevant
    stream_tcp: updates from PR review comments

12 months ago Pull request #4386: doc: builtin rule documentation updates
Jose Cano -X (jcanogom - SOFTSERVE INC at Cisco) [Mon, 22 Jul 2024 18:35:41 +0000 (18:35 +0000)] 
Pull request #4386: doc: builtin rule documentation updates

Merge in SNORT/snort3 from ~JCANOGOM/snort3:doc_builtin_updates to master

Squashed commit of the following:

commit ce3cd8566952053e75d6a4b3481e8e43d72f5545
Author: Jose Cano <jcanogom@cisco.com>
Date:   Mon Jul 15 17:14:16 2024 -0400

    doc: builtin rule documentation updates

12 months ago Pull request #4373: js_norm: address pdf tokenizer issues
Andrii Serbeniuk -X (aserbeni - SOFTSERVE INC at Cisco) [Mon, 22 Jul 2024 11:52:26 +0000 (11:52 +0000)] 
Pull request #4373: js_norm: address pdf tokenizer issues

Merge in SNORT/snort3 from ~ASERBENI/snort3:js_pdf_misses to master

Squashed commit of the following:

commit 44070c0661f54ab9fc8cfdd1bb79e887bd3d9ed3
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date:   Mon Jun 17 12:40:40 2024 +0300

    js_norm: address pdf tokenizer issues

    - implement support for missed types of indirect objects
    - allow stream length to be defined with a reference
    - improve array nesting checks

12 months ago Pull request #4374: sip: fallback functionality for sip inspector
Rishabh Choudhary (rishacho) [Mon, 22 Jul 2024 05:15:21 +0000 (05:15 +0000)] 
Pull request #4374: sip: fallback functionality for sip inspector

Merge in SNORT/snort3 from ~RISHACHO/snort3:sip_fallback to master

Squashed commit of the following:

commit 99297bb4fd415533b2eb3ca527a165c0f7124510
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Thu Jul 4 22:18:00 2024 +0530

    sip: fallback functionality for sip inspector

12 months ago Pull request #4389: flow: added compile-time option to disable tenant_id
Raza Shafiq (rshafiq) [Fri, 19 Jul 2024 20:12:00 +0000 (20:12 +0000)] 
Pull request #4389: flow: added compile-time option to disable tenant_id

Merge in SNORT/snort3 from ~RSHAFIQ/snort3:notid to master

Squashed commit of the following:

commit 59cd8c9d982ced2cc170b3928c5c2a70eee1c40a
Author: rshafiq <rshafiq@cisco.com>
Date:   Mon Jul 1 14:08:38 2024 -0400

    flow: added compile-time option to disable tenant_id

12 months ago Pull request #4388: appid: fixing cppcheck warnings and cosmetic changes for appid...
Umang Sharma (umasharm) [Thu, 18 Jul 2024 21:41:35 +0000 (21:41 +0000)] 
Pull request #4388: appid: fixing cppcheck warnings and cosmetic changes for appid cpu profiler

Merge in SNORT/snort3 from ~UMASHARM/snort3:fix_appid_cpu_profiling to master

Squashed commit of the following:

commit 308fce8ec5298d01be29061c8a83198267160aed
Author: Umang Sharma <umasharm@cisco.com>
Date:   Wed Jul 17 13:27:58 2024 -0400

    appid: removing trailing whitespaces

commit 83f46dc9249f9ca2a7ff0d84feb5fb14e11494ef
Author: Umang Sharma <umasharm@cisco.com>
Date:   Tue Jul 16 10:36:12 2024 -0400

    appid: fixing cpp warnings and cosmetic changes for appid cpu profiler

12 months ago Pull request #4385: build: generate and tag 3.3.1.0
Priyanka Bangalore Gurudev (prbg) [Tue, 16 Jul 2024 16:28:59 +0000 (16:28 +0000)] 
Pull request #4385: build: generate and tag 3.3.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.1.0 to master

Squashed commit of the following:

commit 5ff7dd644837a415b4b2abd67aab1666b3e2952e
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Jul 15 14:06:27 2024 -0400

    build: generate and tag 3.3.1.0

13 months ago Pull request #4370: file: fixing file context reuse
Ashik Thomas (ashiktho) [Mon, 8 Jul 2024 10:14:38 +0000 (10:14 +0000)] 
Pull request #4370: file: fixing file context reuse

Merge in SNORT/snort3 from ~ASHIKTHO/snort3:CSCwj63921_tot_2 to master

Squashed commit of the following:

commit 3422d104dac341bf4c7036bd6f4b572c538c169b
Author: Ashik Thomas <ashiktho@cisco.com>
Date:   Fri Jun 28 03:12:47 2024 -0700

    file: fixing file context reuse

13 months ago Pull request #4376: detection: include OPT_TREE traces in release build
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Fri, 5 Jul 2024 18:55:14 +0000 (18:55 +0000)] 
Pull request #4376: detection: include OPT_TREE traces in release build

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fix_traces to master

Squashed commit of the following:

commit ca98db474d16d2c4cfbdd0a1274bfaa82b20bb4e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri Jul 5 16:31:31 2024 +0300

    detection: include OPT_TREE traces in release build

13 months ago Pull request #4356: detection: update of fast pattern printing
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Thu, 4 Jul 2024 09:27:34 +0000 (09:27 +0000)] 
Pull request #4356: detection: update of fast pattern printing

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fp_print_upd to master

Squashed commit of the following:

commit a1a3383f6a3b44f28bb9b7168e39c85700c8156e
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:17:36 2024 +0300

    detection: make print of fast pattern as a trace module

commit 544f928401ef43c87368026bec5f9e5d392d9b9f
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:19:04 2024 +0300

    detection: add opt_tree traces in release build

commit ec3b9dccd4cb721be8bcace7c699840680a8f193
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Jun 18 15:10:15 2024 +0300

    detection: print only fast_pattern part of pattern

13 months ago Pull request #4347: extractor: add support for referrer, origin, trans_depth
Maya Dagon (mdagon) [Wed, 3 Jul 2024 11:54:49 +0000 (11:54 +0000)] 
Pull request #4347: extractor: add support for referrer, origin, trans_depth

Merge in SNORT/snort3 from ~MDAGON/snort3:fields to master

Squashed commit of the following:

commit ffe8836418d5ae42ccf17fd6c2a96893b8ff0709
Author: maya dagon <mdagon@cisco.com>
Date:   Thu Jun 6 13:11:10 2024 -0400

    extractor: support trans_depth, origin and referrer fields

commit 94b3c973e63f0c6e075b38f5d1d06cd152733c96
Author: maya dagon <mdagon@cisco.com>
Date:   Wed Jun 5 13:09:43 2024 -0400

    http_inspect: add origin header

commit 16ba900087769c5c5e9b587ed501dfdbdd294c90
Author: maya dagon <mdagon@cisco.com>
Date:   Fri May 31 14:43:41 2024 -0400

    extractor: support referrer field

13 months ago Pull request #4364: parser: do not skip symbols while expanding variables
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Wed, 3 Jul 2024 11:46:33 +0000 (11:46 +0000)] 
Pull request #4364: parser: do not skip symbols while expanding variables

Merge in SNORT/snort3 from ~YCHALOV/snort3:expand_variable_fix to master

Squashed commit of the following:

commit 6950e149cd99270d4a9c467aa102beb3944b257e
Author: Yurii Chalov <ychalov@cisco.com>
Date:   Mon Jun 24 13:03:29 2024 +0200

    parser: do not skip symbols while expanding variables

13 months ago Pull request #4363: flow: handle significant groups with unknown group value as non...
Ron Dempster (rdempste) [Thu, 27 Jun 2024 17:57:10 +0000 (17:57 +0000)] 
Pull request #4363: flow: handle significant groups with unknown group value as non-group flow keys

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:expected_unknown to master

Squashed commit of the following:

commit f2ff9af2a7393939742716c535411448fd557c27
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue May 21 17:09:24 2024 -0400

    flow: clear flow stash when freeing the flow data

commit c4282b8aa7ba3743b4413e2bbe6dc94959fb8e49
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Jun 25 11:28:27 2024 -0400

    flow: handle significant groups with unknown group value as non-group flow keys

13 months ago Pull request #4360: stream_tcp: move prev_norm object from TcpNormalizer to TcpNormal...
Juweria Ali Imran (jaliimra) [Tue, 25 Jun 2024 14:52:57 +0000 (14:52 +0000)] 
Pull request #4360: stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState

Merge in SNORT/snort3 from ~JALIIMRA/snort3:prev_norm_tsan to master

Squashed commit of the following:

commit ce50d84da43185c12a65649e3e559d54b3c95b07
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Fri Jun 21 12:46:55 2024 -0400

    stream_tcp: move prev_norm object from TcpNormalizer to TcpNormalizerState

13 months ago Pull request #4138: appid: restructure the appid code to make it easier to follow...
Ron Dempster (rdempste) [Mon, 24 Jun 2024 16:26:37 +0000 (16:26 +0000)] 
Pull request #4138: appid: restructure the appid code to make it easier to follow and maintain

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:appid to master

Squashed commit of the following:

commit 1195b37a59928477641dc2efbf606eb2eaca857b
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Tue Sep 19 10:42:40 2023 -0400

    appid: restructure the appid code to make it easier to follow and maintain

13 months ago Pull request #4353: appid: updating appid cpu profiler cli for ims
Umang Sharma (umasharm) [Mon, 24 Jun 2024 13:12:41 +0000 (13:12 +0000)] 
Pull request #4353: appid: updating appid cpu profiler cli for ims

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_cli to master

Squashed commit of the following:

commit 6ffb9e1039fff58491e408cf2513e40a98143ec8
Author: Umang Sharma <umasharm@cisco.com>
Date:   Fri Jun 14 15:00:43 2024 -0400

    appid: updating appid cpu profiler cli for ims

13 months ago Pull request #4320: dce_rpc: correct the session counters post the upgrade to smb...
Unnikrishnan M (umunnikr) [Fri, 21 Jun 2024 06:07:29 +0000 (06:07 +0000)] 
Pull request #4320: dce_rpc: correct the session counters post the upgrade to smb v2 from v1

Merge in SNORT/snort3 from ~UMUNNIKR/snort3:smb_session_cnt_fix to master

Squashed commit of the following:

commit c60b9aa485041567f3094223c9e21c1bdbd10068
Author: Unnikrishnan M <umunnikr@cisco.com>
Date:   Fri May 10 12:20:38 2024 +0530

    dce_rpc: correct the session counters post the upgrade to smb v2 from v1

13 months ago Pull request #4352: stream_tcp: set daq_msg field in meta-ack pseudo-packet header...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Thu, 20 Jun 2024 15:11:23 +0000 (15:11 +0000)] 
Pull request #4352: stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:meta_ack_daq_msg_init to master

Squashed commit of the following:

commit 63151959aaf66c274d277bd394b735f47007837e
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Mon Jun 17 13:34:49 2024 -0400

    stream_tcp: set daq_msg field in meta-ack pseudo-packet header to the value from the wire packet.

13 months ago Pull request #4344: stream_tcp: add CDB for stream_tcp
ARUNKUMAR KAYAMBU -X (akayambu - XORIANT CORPORATION at Cisco) [Thu, 20 Jun 2024 14:57:12 +0000 (14:57 +0000)] 
Pull request #4344: stream_tcp: add CDB for stream_tcp

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:cbd_stream_tcp to master

Squashed commit of the following:

commit 42be43a84ccd4c71eb690ea10d691f5c113d8e66
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Fri Jun 7 03:43:30 2024 -0400

    stream_tcp: support tracing without compilation flags

13 months ago Pull request #4298: flow: introducing new parameters for ip flow profiling
Rishabh Duggal (riduggal) [Thu, 20 Jun 2024 13:02:25 +0000 (13:02 +0000)] 
Pull request #4298: flow: introducing new parameters for ip flow profiling

Merge in SNORT/snort3 from ~RIDUGGAL/snort3:ip_attributes to master

Squashed commit of the following:

commit 39655047db64c6ccbe46145df1f985a88a982715
Author: riduggal <riduggal@cisco.com>
Date:   Wed Apr 24 11:26:16 2024 +0000

    perf_monitor: introducing new parameters for ip flow profiling

13 months ago Pull request #4334: Mms curse expansion
Jared Rittle (jrittle) [Thu, 20 Jun 2024 07:25:50 +0000 (07:25 +0000)] 
Pull request #4334: Mms curse expansion

Merge in SNORT/snort3 from ~JRITTLE/snort3:mms_curse_expansion to master

Squashed commit of the following:

commit e5e80b73e05b19ecc9ef0b4b954f4504c70de766
Author: Jared Rittle <>
Date:   Tue May 28 14:24:39 2024 -0400

    wizard: expand MMS curse

13 months ago Pull request #4355: build: generate and tag 3.3.0.0
Priyanka Bangalore Gurudev (prbg) [Wed, 19 Jun 2024 16:32:52 +0000 (16:32 +0000)] 
Pull request #4355: build: generate and tag 3.3.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.3.0.0 to master

Squashed commit of the following:

commit b23a5cbbf598ec1d039383b223423cea10dfe4fb
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Wed Jun 19 09:53:23 2024 -0400

    build: generate and tag 3.3.0.0

13 months ago Pull request #4342: Sub-selected buffer and fast-pattern options
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Tue, 18 Jun 2024 06:55:08 +0000 (06:55 +0000)] 
Pull request #4342: Sub-selected buffer and fast-pattern options

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fp_sub_buffer to master

Squashed commit of the following:

commit 212506d4e8f65f62cf042585af0e89f8fcbdda4f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 22:05:51 2024 +0300

    build: bump version to 3.2.0

    IPS option API has changed.

commit 0a1a7e16acc3117f46b3aba467fe552b4de9f256
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 17:38:49 2024 +0300

    http_inspect: set CAT_SET_SUB_SECTION for buffer with a sub-selector configured

commit a036904c1751e21dcd8c75553e4e5e9978b553c8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Tue Jun 4 17:34:29 2024 +0300

    framework: add new Cursor Action Type

    Buffer-setter IPS option can be of sub-section type, picking just a part of
    the targeted IPS buffer. Such buffer setter cannot make a fast-pattern-only option.

13 months ago Pull request #4351: Prerequisites for FlexLexer includes
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Mon, 17 Jun 2024 19:43:50 +0000 (19:43 +0000)] 
Pull request #4351: Prerequisites for FlexLexer includes

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:jsn_flex_naming to master

Squashed commit of the following:

commit 307587f13d592061cfd1bc38f36ab2e9cf5ce73c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Jun 17 15:11:42 2024 +0300

    js_norm: fix prerequisites for FlexLexer includes

14 months ago Pull request #4340: Codec: add new builtin rule
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Thu, 13 Jun 2024 11:53:52 +0000 (11:53 +0000)] 
Pull request #4340: Codec: add new builtin rule

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:codec_update to master

Squashed commit of the following:

commit ce756eadfbc480164894ec2a7873c3640b61df2d
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri May 31 19:02:44 2024 +0300

    codecs: add handling of NDP types

    Added handling for all NDP types of ICMPv6,
    as well as added new builtin rule to cover invalid length.

14 months ago Pull request #4317: extractor: add protocol logging for HTTP
Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) [Thu, 13 Jun 2024 07:11:28 +0000 (07:11 +0000)] 
Pull request #4317: extractor: add protocol logging for HTTP

Merge in SNORT/snort3 from ~ANOROKH/snort3:extractor to master

Squashed commit of the following:

commit 2139770ad6bffa4e27f5f1ec4ca76dfcd950588d
Author: Anna Norokh <anorokh@cisco.com>
Date:   Fri Apr 5 13:46:28 2024 +0300

    extractor: add protocol logging for HTTP

    - added module and inspector implementation;
    - added logger and writer implementation for csv output to stdout;
    - added new pub/sub for end of transaction event;

14 months ago Pull request #4345: utils: remove duplication of definition
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 11 Jun 2024 08:26:29 +0000 (08:26 +0000)] 
Pull request #4345: utils: remove duplication of definition

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:compl_fix to master

Squashed commit of the following:

commit fa8992e8308a8ba6c759ac1ed355285a300923a6
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri Jun 7 12:41:04 2024 +0300

    utils: remove duplication of definition

    Definition is moved to src/main/process.cc.
    Thanks to xxxx81 for reporting the issue.

14 months ago Pull request #4339: appid: using different api for picking appids
Umang Sharma (umasharm) [Fri, 7 Jun 2024 14:56:43 +0000 (14:56 +0000)] 
Pull request #4339: appid: using different api for picking appids

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_api to master

Squashed commit of the following:

commit 023c07e878b7a4668b99fd464263e022166c2ce6
Author: Umang Sharma <umasharm@cisco.com>
Date:   Mon Jun 3 21:52:58 2024 -0400

    appid: using different api for picking appids for appid cpu profiler

14 months ago Pull request #4338: stream_tcp: use default size atomsplitter on fallback
Michael Matirko (mmatirko) [Thu, 6 Jun 2024 18:52:29 +0000 (18:52 +0000)] 
Pull request #4338: stream_tcp: use default size atomsplitter on fallback

Merge in SNORT/snort3 from ~MMATIRKO/snort3:atom-size to master

Squashed commit of the following:

commit de2b23a4b0b83f060aa8f92797a32bac0d688f84
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Mon Apr 22 15:28:50 2024 -0400

    stream_tcp: use default size atomsplitter on fallback

14 months ago Pull request #4336: appid: appid cpu profiler table rows limit and totals
Umang Sharma (umasharm) [Thu, 6 Jun 2024 13:04:13 +0000 (13:04 +0000)] 
Pull request #4336: appid: appid cpu profiler table rows limit and totals

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_limit_rows to master

Squashed commit of the following:

commit cd9740e5236d8ab167df5693fd03650a5822d6d0
Author: Umang Sharma <umasharm@cisco.com>
Date:   Thu May 30 08:45:47 2024 -0400

    appid: display rows limit of table and totals

14 months ago Pull request #4331: main: add CLI command to show snort cpu percentage
Rishabh Choudhary (rishacho) [Tue, 4 Jun 2024 09:18:01 +0000 (09:18 +0000)] 
Pull request #4331: main: add CLI command to show snort cpu percentage

Merge in SNORT/snort3 from ~RISHACHO/snort3:snort_cpu_usage to master

Squashed commit of the following:

commit 4c09c864dc8627b02231748978457c87920b86cb
Author: Rishabh Choudhary <rishacho@cisco.com>
Date:   Wed May 8 23:07:25 2024 +0530

    main: add CLI command to show snort cpu percentage

14 months ago Pull request #4290: dns: Set Flow timeout after getting DNS response
Kaushal Bhandankar (kbhandan) [Tue, 4 Jun 2024 06:39:40 +0000 (06:39 +0000)] 
Pull request #4290: dns: Set Flow timeout after getting DNS response

Merge in SNORT/snort3 from ~KBHANDAN/snort3:dns_flow_timeout to master

Squashed commit of the following:

commit 4cd584cdb71f0271d1eabbfade1b38dd8e0f6ac1
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date:   Wed Apr 17 13:58:01 2024 +0530

    dns: Set Flow timeout after getting DNS response

14 months ago Pull request #4337: build: generate and tag 3.2.2.0
Priyanka Bangalore Gurudev (prbg) [Mon, 3 Jun 2024 20:06:04 +0000 (20:06 +0000)] 
Pull request #4337: build: generate and tag 3.2.2.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.2.0 to master

Squashed commit of the following:

commit c3d9f95dccdf26bb944b1a706186c7369d31f9c7
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Jun 3 00:07:05 2024 -0400

    build: generate and tag 3.2.2.0

14 months ago Pull request #4333: Fix dev_notes formatting.
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Fri, 31 May 2024 11:05:17 +0000 (11:05 +0000)] 
Pull request #4333: Fix dev_notes formatting.

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:doc_fixes to master

Squashed commit of the following:

commit 97b7f88a711b55a47ead3f31d4e6aede19b5d95a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu May 30 13:15:40 2024 +0300

    doc: fix formatting in dev_notes.txt

    Formatting updated for: dump_config, wizard, trace.
    Indention fixed for: perf_monitor, http_inspect.

14 months ago Pull request #4332: stream_tcp: fix infinite recursion cases
Juweria Ali Imran (jaliimra) [Thu, 30 May 2024 17:46:12 +0000 (17:46 +0000)] 
Pull request #4332: stream_tcp: fix infinite recursion cases

Merge in SNORT/snort3 from ~JALIIMRA/snort3:infinite_recursion_patches to master

Squashed commit of the following:

commit 5bafae8c357ce098224ad39f7c7682acf1b04850
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Wed May 1 16:43:24 2024 -0400

    stream_tcp: fix infinite recursion cases

14 months ago Pull request #4325: appid : appid cpu profiler max columns
Umang Sharma (umasharm) [Wed, 29 May 2024 21:46:12 +0000 (21:46 +0000)] 
Pull request #4325: appid : appid cpu profiler max columns

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_columns to master

Squashed commit of the following:

commit 27ccc30ed307c0e152794f8d6b3799b2db4ebada
Author: Umang Sharma <umasharm@cisco.com>
Date:   Fri May 24 16:51:14 2024 -0400

    appid: appid cpu profiler max columns

14 months ago Pull request #4319: appid: Store and retrieve only SNI in AppIdSession
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Wed, 29 May 2024 19:42:09 +0000 (19:42 +0000)] 
Pull request #4319: appid: Store and retrieve only SNI in AppIdSession

Merge in SNORT/snort3 from ~OSTEPANO/snort3:tls_sni_event to master

Squashed commit of the following:

commit 6a591a048bc22e8d5fa99d6876613443dabf8352
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date:   Fri May 3 11:01:52 2024 -0400

    appid: Store and retrieve only SNI in AppIdSession

14 months ago Pull request #4276: packet_capture: make sure packet_capture executed before detection
Steven Baigal (sbaigal) [Tue, 28 May 2024 18:13:02 +0000 (18:13 +0000)] 
Pull request #4276: packet_capture: make sure packet_capture executed before detection

Merge in SNORT/snort3 from ~SBAIGAL/snort3:capture_first to master

Squashed commit of the following:

commit 641e67652632a504ea81c3b7828dd5486df81251
Author: Steven Baigal <sbaigal@cisco.com>
Date:   Fri Apr 5 11:26:37 2024 -0400

    packet_capture: make sure packet_capture executed before detection

14 months ago Pull request #4327: src: update to resolve new issues
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 28 May 2024 07:17:27 +0000 (07:17 +0000)]
Pull request #4327: src: update to resolve new issues

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:issue_testing to master

Squashed commit of the following:

commit 43607a31ae832f04c0bbb817a4c02521ee251cf0
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon May 27 17:51:24 2024 +0300

    utils: add explicit include

commit 01345fc769b93113fcd8b3e601f6aa0dc0d4190c
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon May 27 17:10:09 2024 +0300

    src: remove repetitive words

    Thanks @gopherorg for finding those typos

commit 18f85f347bf58f774da72063bf7bd07588e80d50
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri May 17 15:55:00 2024 +0300

    src: update to resolve new issues

14 months ago Pull request #4322: dce_smb: Do not prune from LRU cache during file tracker update
Kumar swamy Nagabhushana (kumhn) [Mon, 27 May 2024 06:03:25 +0000 (06:03 +0000)] 
Pull request #4322: dce_smb: Do not prune from LRU cache during file tracker update

Merge in SNORT/snort3 from ~KUMHN/snort3:automation_crash to master

Squashed commit of the following:

commit 858982dde3b99249dac7191f21d08a713fbaa350
Author: kumhn <kumhn@cisco.com>
Date:   Wed May 15 11:16:09 2024 +0530

    dce_smb: Do not prune from LRU cache during file tracker update

14 months ago Pull request #4307: SIP: flow clean-up based on lina configured timeout
Shijin Bose (shibose) [Sat, 25 May 2024 07:45:46 +0000 (07:45 +0000)] 
Pull request #4307: SIP: flow clean-up based on lina configured timeout

Merge in SNORT/snort3 from ~SHIBOSE/snort3:sip_flow_clean_up to master

Squashed commit of the following:

commit 176d9a58cb20c48a968a66997df3375c73f6049a
Author: shibose <shibose@cisco.com>
Date:   Tue Mar 26 13:05:17 2024 +0000

    SIP: flow clean-up based on lina configured timeout

14 months ago Pull request #4318: appid: re-enabling appid cpu profiler and crash fix
Umang Sharma (umasharm) [Fri, 24 May 2024 18:50:44 +0000 (18:50 +0000)] 
Pull request #4318: appid: re-enabling appid cpu profiler and crash fix

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_profiler_fix to master

Squashed commit of the following:

commit 61e74d2982ec6495087652300c2afc33ff1a3945
Author: Umang Sharma <umasharm@cisco.com>
Date:   Thu May 9 08:39:00 2024 -0400

    appid : re-enabling appid cpu profiler making it thread safe

14 months ago Pull request #4304: js_norm: abort PDF norm on syntax failure
Danylo Kyrylov -X (dkyrylov - SOFTSERVE INC at Cisco) [Fri, 24 May 2024 08:31:12 +0000 (08:31 +0000)] 
Pull request #4304: js_norm: abort PDF norm on syntax failure

Merge in SNORT/snort3 from ~DKYRYLOV/snort3:pdf_no_inf_tokens to master

Squashed commit of the following:

commit abc86c1343f5f3b7ce2675b2742306e3c29289e9
Author: dkyrylov <dkyrylov@cisco.com>
Date:   Tue Apr 30 18:02:22 2024 +0300

    js_norm: stop PDF processing on syntax error

        Stop processing if buffer size is extended
        to fit a token over 16k in length;
        Abort further normalization after PDF
        tokenizer failure;
        Process last remaining JavaScript in
        PDU up to normalization failure.

14 months ago Pull request #4330: stream_tcp: don't attempt to verify or process keep-alive probes...
Juweria Ali Imran (jaliimra) [Thu, 23 May 2024 22:28:20 +0000 (22:28 +0000)] 
Pull request #4330: stream_tcp: don't attempt to verify or process keep-alive probes with data

Merge in SNORT/snort3 from ~JALIIMRA/snort3:keep_alive to master

Squashed commit of the following:

commit 4282d9a3268fb8facfdb5cd20842980ee2fc6dd4
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Wed May 22 09:23:57 2024 -0400

    stream_tcp: don't attempt to verify or process keep-alive probes with data

14 months ago Pull request #4244: appid: Updating file_magic.rules with some new file types added...
Cliff Judge (cljudge) [Wed, 22 May 2024 18:29:05 +0000 (18:29 +0000)] 
Pull request #4244: appid: Updating file_magic.rules with some new file types added to the VDB.

Merge in SNORT/snort3 from ~CLJUDGE/snort3:snort3_sts_file_types to master

Squashed commit of the following:

commit 827cdb73b832c4788dc43657dde62e661dad3f59
Author: Cliff Judge <cljudge@cisco.com>
Date:   Thu Mar 14 11:07:29 2024 -0400

    appid: Updating file_magic.rules with some new file types added to the VDB.

14 months ago Pull request #4328: flow: add the newly-created flow to p->flow to avoid segv
Michael Matirko (mmatirko) [Tue, 21 May 2024 15:22:42 +0000 (15:22 +0000)] 
Pull request #4328: flow: add the newly-created flow to p->flow to avoid segv

Merge in SNORT/snort3 from ~MMATIRKO/snort3:flowip_segv to master

Squashed commit of the following:

commit a24e308afb9eaef51ccad16a2a269918fdf607c0
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Wed May 8 20:05:48 2024 -0400

    flow: add the newly-created flow to p->flow to avoid segv

14 months ago Pull request #4308: main: apply loaded configuration only once
Yurii Chalov -X (ychalov - SOFTSERVE INC at Cisco) [Tue, 21 May 2024 13:28:52 +0000 (13:28 +0000)] 
Pull request #4308: main: apply loaded configuration only once

Merge in SNORT/snort3 from ~YCHALOV/snort3:reload_config_fix to master

Squashed commit of the following:

commit 48cb1070b58345b33c2bdca7c3c20ea38164ad3e
Author: Yurii Chalov <ychalov@cisco.com>
Date:   Wed Apr 24 23:17:02 2024 +0200

    main: apply loaded configuration only once

14 months ago Pull request #4286: service_inspectors: fix get_buf handling
Adrian Mamolea (admamole) [Mon, 20 May 2024 08:07:31 +0000 (08:07 +0000)] 
Pull request #4286: service_inspectors: fix get_buf handling

Merge in SNORT/snort3 from ~ADMAMOLE/snort3:get_buf_2 to master

Squashed commit of the following:

commit e243f646716bfa8f66330a2a059983274cc59f82
Author: Adrian Mamolea <admamole@cisco.com>
Date:   Thu Apr 4 08:11:09 2024 -0400

    service_inspectors: fix get_buf handling

14 months ago Pull request #4326: build: generate and tag 3.2.1.0 3.2.1.0
Priyanka Bangalore Gurudev (prbg) [Fri, 17 May 2024 14:59:20 +0000 (14:59 +0000)] 
Pull request #4326: build: generate and tag 3.2.1.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.1.0 to master

Squashed commit of the following:

commit 2ac0a91f635d06bfbc6f29e50a4a7fed1ec63feb
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Thu May 16 22:54:07 2024 -0400

    build: generate and tag 3.2.1.0

14 months ago Pull request #4323: Os updates
Steve Chew (stechew) [Thu, 16 May 2024 17:38:03 +0000 (17:38 +0000)] 
Pull request #4323: Os updates

Merge in SNORT/snort3 from ~STECHEW/snort3:os_updates to master

Squashed commit of the following:

commit 982c9d0057a1eaec7f4f484c24b8746981296d5a
Author: Steve Chew <stechew@cisco.com>
Date:   Thu May 16 00:51:25 2024 -0400

    main: updates for types used by Alpine.

14 months ago Pull request #4324: Build fixes.
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Thu, 16 May 2024 17:34:47 +0000 (17:34 +0000)] 
Pull request #4324: Build fixes.

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:platform_fixes to master

Squashed commit of the following:

commit 56f5a122452e06f4c19d36c7bdd002603a2c0b53
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Thu May 16 14:37:41 2024 +0300

    framework: supply directories to system headers to plug_gen.sh

    Some GCC verifies actual includes even in '-MM' mode.

commit d401dacba1752ba0a85ef9c468b1116fc0a761fa
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Wed May 15 17:26:57 2024 +0300

    memory: fix unit test

    Provide a stub for non-regression-test build.

15 months ago Pull request #4316: build: generate and tag 3.2.0.0
Priyanka Bangalore Gurudev (prbg) [Thu, 9 May 2024 02:50:02 +0000 (02:50 +0000)] 
Pull request #4316: build: generate and tag 3.2.0.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.2.0.0 to master

Squashed commit of the following:

commit b545ff8294b855bdd63a5b14303da3d56f9cb1bc
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Wed May 8 20:58:45 2024 -0400

    build: generate and tag 3.2.0.0

15 months ago Pull request #4263: Public enemy 1
Russ Combs (rucombs) [Wed, 8 May 2024 21:55:15 +0000 (21:55 +0000)] 
Pull request #4263: Public enemy 1

Merge in SNORT/snort3 from ~RUCOMBS/snort3:public_enemy_1 to master

Squashed commit of the following:

commit 7f8f2135c33fd2de3495a8edcfd22b5f60de89fd
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 8 14:22:49 2024 -0400

    build: fix coverity warnings

commit 2c700829076b77e7d2773d102a2a62d4d3b531b1
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed May 8 13:42:06 2024 -0400

    build: fix bogus cppcheck warnings

commit eb7b28eea14ea6e8c5152945c6204cc37bad8196
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Apr 12 10:06:47 2024 -0400

    framework: bump api version to 20

commit c9a5baeeb2e3a7954b492179faac32b2696876ab
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Apr 8 13:37:48 2024 -0400

    snort: remove deprecated features:

    Config:

    string binder[].when.zones: deprecated alias for groups
    string binder[].when.src_zone: deprecated alias for src_groups
    string binder[].when.dst_zone: deprecated alias for dst_groups
    enum dce_smb.smb_file_inspection: deprecated (not used): file inspection controlled by smb_file_depth { 'off' | 'on' | 'only' }
    int sip.max_requestName_len = 20: deprecated - use max_request_name_len instead { 0:65535 }

    Builtins:

    129:5 (stream_tcp) bad segment, adjusted size <= 0 (deprecated)

commit 641cad2638d6eb1bd0a57982d1354b829ee08147
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Apr 4 10:11:54 2024 -0400

    pig_pen: use Module::usage directly

commit 0a6d7eccebac6e1d0d2b478094f31f296103371e
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Mar 19 10:21:58 2024 -0400

    mpse: add modules for pegs and perf profiling; remove _search

commit 818d4709d70430595e73ee6301f35a376f5e8d78
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Mar 14 11:20:49 2024 -0400

    framework: improve exported header comments

commit a53c0249b7047c26328a5bbd14e0bc706df88214
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Mar 11 08:39:57 2024 -0400

    plugins: add missing error messages when an so fails to load

commit 1c7fd7e717d06231565cff00a73e4a5937749638
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Mar 6 10:44:29 2024 -0500

    flow: move StreamFlowIntf to stream_flow.h

commit b4f969f4072a45b12acd3a36808746414af707c0
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Mar 6 09:03:10 2024 -0500

    framework: generate preprocessor output for validation

commit 14e9886e9018a11a8f98ec95d88c127aed2e6f6e
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Mar 4 09:56:53 2024 -0500

    doc: add versioning information to the developer guide

commit f1074aaa9c79b9e1a91616f9e0da533e872c8f2b
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Feb 28 08:46:20 2024 -0500

    host_cache: do not install private header

commit c8d50a4ba02f527efe6ca89e5ad07991c9bd18c9
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Feb 26 09:26:31 2024 -0500

    api: refactor base API

commit 1c9fe59accaf77c84ba6a627be66072d02f0d87f
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Feb 15 12:08:06 2024 -0500

    inspector: eval override is optional for passive inspectors

commit 48859035f007a5bcdc17b2e9be05da11742338d6
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Feb 13 16:22:08 2024 -0500

    plugins: add warning for invalid plugin types

commit ef2b94f2ba3a46efdd3455359bfeba51a4fcd87f
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Jan 24 04:26:46 2024 -0500

    plugins: bump base API and all plugin API version numbers

commit 4636922ef31cdf8544ee5a62bba313f9577bfd19
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Nov 30 09:47:40 2023 -0500

    detection: refactor headers

commit b70ee339aa490d7562bab85418a4e2ab89ec6129
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Dec 12 12:37:39 2023 -0500

    ips: tweak check for offload enable

commit 047ec75da346b7d1199ef9122147ad89921468da
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Nov 27 14:56:29 2023 -0500

    build: fix LTO ODR issues with anonymous namespaces

commit eb975151c97018a8ede37115df312aa4ac29d66d
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Nov 13 12:04:34 2023 -0500

    inspector: use thread local slot for best perf on Linux

commit 0565783cbf6e2ffd65aeb0934040ec57464ce60a
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Nov 8 14:29:34 2023 -0500

    extract: move extract methods to detection/

commit eaae3dc988df37c0312a218259ccdbb1d86a165d
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Nov 7 11:36:20 2023 -0500

    stats: change shutdown Mbits/sec from mebibits to megabits

commit ade482affc30c629dac43626d21d92b0488cd4dc
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Oct 9 11:12:14 2023 -0400

    appid: remove cruft left behind by f49fbbef

commit 1d36b3fe208ffdee2dd997746f9b6b3c251d3305
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Oct 4 10:00:28 2023 -0400

    tag: tweak enable toggle

commit eebe7edb5f6947b81fc89604c1bf0261a0e070d1
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 26 14:09:23 2023 -0400

    packet_tracer: eliminate SO_PUBLIC THREAD_LOCALs

commit 9ffcfdbebae661f6fc2c8c655996a9f37634cc26
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 5 11:43:26 2023 -0400

    profiler: eliminate SO_PUBLIC THREAD_LOCALs for _WIN64

    This degrades performance so it is done only for Windows where SO_PUBLIC
    THREAD_LOCALs are not supported.

commit eac23069203da078d6deab67e13bad052c8f6731
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Aug 8 09:31:33 2023 -0400

    style: remove trailing spaces

commit 2d6882a33443d50c5f66495a1b62bb75bf4b6bb6
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Sep 20 14:45:16 2023 -0400

    ssl: support dynamic build of inspector and ips options

commit e3dcb79941b03815867bd439885850270f754616
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 19 16:16:24 2023 -0400

    ips_options: fix dynamic build of some options

commit 6991df8ab3e4c8d0d07b23436fa06695c244ca17
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 15 12:50:57 2023 -0400

    profiler: move implementation class to profiler_impl.h

commit c67e74c070809c9eb9571c73637b40b71572ea62
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 15 12:50:16 2023 -0400

    numa: do not install implementation (private) header

commit ec030aa7b77ad940ea1056078555dee9499e2098
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 15 12:47:05 2023 -0400

    reputation: move private defines out of installed header

commit e3c5f4653fae5882d333dcbf12b796e3fc6f191c
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Sep 14 09:55:34 2023 -0400

    thread: move THREAD_LOCAL definition to snort_types.h

commit 2759519051f3972de590540f75c84b5ac1b5b3de
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Sep 13 10:01:15 2023 -0400

    utils: refactor out non-public code

commit c3145c20f7ea175d046a0f676fa42533f679a469
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 12 14:29:14 2023 -0400

    stats: stats.h is for internal use only, do not install

commit 92dbe63fb04b96264cf67feab80bd100370f99a2
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Sep 12 11:47:08 2023 -0400

    flow: split ExpectFlow into a separate header

commit 1366ef1571ae0cb9729ec75c3c8b81144f53c4eb
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Sep 11 15:36:59 2023 -0400

    src/: relocate packet_tracer, packet_constraints, and file_policy.

commit 7e3263c4db9f1b8dabf3c11014d124eff0a43ae9
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Sep 11 12:44:57 2023 -0400

    rna: refactor headers for better encapsulation

commit 39a74682069842d8777720a42be6592d0361aa53
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 8 13:47:01 2023 -0400

    file: do not install internal headers

commit 7c532a3410df1a631fa3494360f06b4d3db008bf
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Sep 8 10:50:01 2023 -0400

    log: refactor out app implementation stuff into log_errors.h

commit 274d08bb2b2e6a8701d213d089d670345eb5d15f
Author: Russ Combs <rucombs@cisco.com>
Date:   Thu Sep 7 15:07:56 2023 -0400

    active, host_tracker, profiler, stats, stream: refactor installed headers to exclude implementation like counts and perf stats

commit 52915f8e0fc136fe52ce42570458e523beba36e9
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Sep 6 14:44:07 2023 -0400

    detection: refactor detection_util.*

    Split detection_util.{h,cc} into detection_buf.h and event_trace.{h,cc}.

commit 76797daae3fcb788c7aa7e2c53a25456916c0522
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Sep 6 11:38:36 2023 -0400

    helpers/, utils/: reorganize to meet original intent

    helpers/: C++ utility classes
    utils/: C-style functions and defines

commit d648be932b8d4c10cc144c5a597c3c9aab157e96
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Aug 30 11:59:53 2023 -0400

    codecs: PacketManager::max_layers is not THREAD_LOCAL

commit 4826653a3bce0fc4043ab0cd4d2e933eae718b06
Author: Russ Combs <rucombs@cisco.com>
Date:   Wed Aug 30 11:30:31 2023 -0400

    inspectors: remove redundant slot variable

commit a08cc0edab6893917e3c6d1b2629d5a775ce4086
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Aug 29 15:39:50 2023 -0400

    build: eliminate SO_PUBLIC THREAD_LOCALs

commit 4dd23f34df05dfbd40f23016fbd57185079256ed
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Aug 28 13:57:31 2023 -0400

    event_filter, suppress: keep antiquated dynamic array support private (use std::vector instead)

commit 8f65203a02be32128af0be21590b7d69b979889e
Author: Russ Combs <rucombs@cisco.com>
Date:   Mon Aug 28 12:15:21 2023 -0400

    stream: delete obsolete / unused methods

commit bd5770d0faa26e785180278879105ea05bdee44b
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Aug 25 15:07:15 2023 -0400

    tcp: move SEQ_* macros to tcp header

commit 511797508566d0d7c5da7c13afbedda531cdd49b
Author: Russ Combs <rucombs@cisco.com>
Date:   Fri Aug 25 13:22:13 2023 -0400

    style: miscellaneous cleanup

... and 18 more commits

15 months ago Pull request #4275: SSE: ips content update
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Wed, 8 May 2024 05:03:54 +0000 (05:03 +0000)] 
Pull request #4275: SSE: ips content update

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:sse_content_latest to master

Squashed commit of the following:

commit d5b93ee0683a3bcebd606fc8b3a9bb10b9de5948
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Fri May 3 17:05:38 2024 +0300

    framework: bump API version

commit 8633039465df577b358687a840f208a29ec15376
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Tue Apr 9 16:19:29 2024 +0300

    detection: introduce re-evaluation of ips content in next packet

15 months ago Pull request #4239: Handle gracefully decode error cases
Maya Dagon (mdagon) [Wed, 8 May 2024 03:39:20 +0000 (03:39 +0000)] 
Pull request #4239: Handle gracefully decode error cases

Merge in SNORT/snort3 from ~MDAGON/snort3:defensive to master

Squashed commit of the following:

commit 963134b2cf090fe6bb8811dfdebe5aa590878ffa
Author: maya dagon <mdagon@cisco.com>
Date:   Wed May 1 11:00:55 2024 -0400

    framework: api version bump

commit fdbfa6df53a6ad24aa4f25ebcd1a379c7ef320b0
Author: maya dagon <mdagon@cisco.com>
Date:   Thu Apr 4 08:35:42 2024 -0400

    framework: expand decode flags

commit 7da61b14fdf0114059f7e1a2a9a3a066afdd91b8
Author: PRATEEK MOHAN PRABHU -X (pratepra - XORIANT CORPORATION at Cisco) <pratepra@cisco.com>
Date:   Tue Jan 16 16:32:22 2024 +0530

    protocols: defensive fix for malformed packets, discard log

15 months ago Pull request #4201: actions: Add action counters and aggregate them under ips_actions.
Vitalii Tron -X (vtron - SOFTSERVE INC at Cisco) [Wed, 8 May 2024 01:34:48 +0000 (01:34 +0000)] 
Pull request #4201: actions: Add action counters and aggregate them under ips_actions.

Merge in SNORT/snort3 from ~VTRON/snort3:action_counter_logs to master

Squashed commit of the following:

commit 0430f3a6f7250523fdb8029ed1a195a813736de5
Author: Steve Chew <stechew@cisco.com>
Date:   Wed Jan 31 13:03:00 2024 -0500

    actions: Add action counters and aggregate them under ips_actions.

15 months ago Pull request #4309: build: generate and tag 3.1.85.0
Priyanka Bangalore Gurudev (prbg) [Wed, 8 May 2024 01:32:13 +0000 (01:32 +0000)] 
Pull request #4309: build: generate and tag 3.1.85.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.85.0 to master

Squashed commit of the following:

commit ab0da173702879f47dacb75432271916a5fb7468
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon May 6 22:52:42 2024 -0400

    build: generate and tag 3.1.85.0

15 months ago Pull request #4313: appid : disable appid cpu profiler
Umang Sharma (umasharm) [Wed, 8 May 2024 01:29:42 +0000 (01:29 +0000)] 
Pull request #4313: appid : disable appid cpu profiler

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_cpu_profiler_disable to master

Squashed commit of the following:

commit f523a8fc876ba154d0597274c76a132fd2514192
Author: Umang Sharma <umasharm@cisco.com>
Date:   Tue May 7 13:22:20 2024 -0400

    appid : disable appid cpu profiler

15 months ago Pull request #4306: stream_tcp: change drop reason issuer to stream to accommodate...
Juweria Ali Imran (jaliimra) [Mon, 6 May 2024 14:43:25 +0000 (14:43 +0000)] 
Pull request #4306: stream_tcp: change drop reason issuer to stream to accommodate asp drop enums

Merge in SNORT/snort3 from ~JALIIMRA/snort3:asp_drop_reason to master

Squashed commit of the following:

commit aa67776a468a3b60a264c7610cb44a445776609a
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Fri May 3 09:38:05 2024 -0400

    stream_tcp: change drop reason issuer to stream to accommodate asp drop enums

15 months ago Pull request #4288: appid : Appid CPU Profiler Table and CLI
Umang Sharma (umasharm) [Fri, 3 May 2024 17:30:45 +0000 (17:30 +0000)] 
Pull request #4288: appid : Appid CPU Profiler Table and CLI

Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_cpu_profiling to master

Squashed commit of the following:

commit 9dfca5d8512eb3a899baaa397bab37dae320e004
Author: Umang Sharma <umasharm@cisco.com>
Date:   Fri Mar 29 15:31:08 2024 -0400

    appid : Appid CPU Profiler Table and CLI

15 months ago Pull request #4305: stream_tcp: add reassembler class for missed_3whs
Juweria Ali Imran (jaliimra) [Fri, 3 May 2024 00:21:16 +0000 (00:21 +0000)] 
Pull request #4305: stream_tcp: add reassembler class for missed_3whs

Merge in SNORT/snort3 from ~JALIIMRA/snort3:asymmetric_option to master

Squashed commit of the following:

commit 2d3af8d9b89b9424974ec9a710e33e9b2d47e87a
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Thu May 2 16:31:16 2024 -0400

    stream_tcp: add reassembler class for missed_3whs

15 months ago Pull request #4297: flow: Connection profiling feature
Oleksandr Stepanov -X (ostepano - SOFTSERVE INC at Cisco) [Thu, 2 May 2024 11:54:01 +0000 (11:54 +0000)] 
Pull request #4297: flow: Connection profiling feature

Merge in SNORT/snort3 from ~OSTEPANO/snort3:connection_profiling to master

Squashed commit of the following:

commit defdedb08111c9d4358e2a7b8f153d50bf38ad15
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Fri Mar 15 14:51:44 2024 -0400

    flow: Connection profiling feature

15 months ago Pull request #4252: stream_tcp: support for asymmetric normalization
Juweria Ali Imran (jaliimra) [Tue, 30 Apr 2024 12:45:22 +0000 (12:45 +0000)] 
Pull request #4252: stream_tcp: support for asymmetric normalization

Merge in SNORT/snort3 from ~JALIIMRA/snort3:asymmetric_normalization to master

Squashed commit of the following:

commit 4c5c502b823a2f6d832a5fd39ca60bb33189234b
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Wed Apr 17 21:18:47 2024 +0000

    stream_tcp: support for asymmetric normalization

15 months ago Pull request #4251: stream_tcp: implement an asymmetric flow (one-way traffic) mode...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Tue, 30 Apr 2024 02:47:06 +0000 (02:47 +0000)] 
Pull request #4251: stream_tcp: implement an asymmetric flow (one-way traffic) mode for reassembly

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:stream_tcp_asymmetric_traffic to master

Squashed commit of the following:

commit 3a75b500feb3f6546bf2915e71f811764f6be5fe
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Tue Mar 19 11:19:22 2024 -0400

    stream_tcp: implement an asymmetric flow (one-way traffic) mode for reassembly that purges flushed segments immediately (no waiting for ack that will never come)

15 months ago Pull request #4299: detection: fix postponed rule evaluation with recall presence
Oleksii Shumeiko -X (oshumeik - SOFTSERVE INC at Cisco) [Mon, 29 Apr 2024 13:48:58 +0000 (13:48 +0000)] 
Pull request #4299: detection: fix postponed rule evaluation with recall presence

Merge in SNORT/snort3 from ~OSHUMEIK/snort3:sse_last_recall_fix to master

Squashed commit of the following:

commit 620b83fde9df276fe25e9b8968efb01a684ed566
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date:   Mon Apr 29 13:37:04 2024 +0300

    detection: fix postponed rule evaluation with recall presence

    Proceed to the next rule continuation only after the current one is done.

15 months ago Pull request #4287: appid: add http url regex patterns
Lukasz Czarnik -X (lczarnik - SOFTSERVE INC at Cisco) [Fri, 26 Apr 2024 12:55:18 +0000 (12:55 +0000)] 
Pull request #4287: appid: add http url regex patterns

Merge in SNORT/snort3 from ~LCZARNIK/snort3:http_regex to master

Squashed commit of the following:

commit 1eabb9424b2930e9f74a90b473acee322362e8f6
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date:   Mon Apr 15 14:50:37 2024 -0400

    appid: add http url regex patterns

15 months ago Pull request #4293: detection: clear inspector data before removing flow_data
Vitalii Serhiiovych Horbatov -X (vhorbato - SOFTSERVE INC at Cisco) [Thu, 25 Apr 2024 11:50:57 +0000 (11:50 +0000)] 
Pull request #4293: detection: clear inspector data before removing flow_data

Merge in SNORT/snort3 from ~VHORBATO/snort3:http_assert to master

Squashed commit of the following:

commit 03879b80307fc9c43f31f62cfb94cd88ffbdeb32
Author: vhorbato <vhorbato@cisco.com>
Date:   Thu Apr 18 12:36:18 2024 +0300

    detection: clear inspector data before flow_data

15 months ago Pull request #4262: utils: move file specific functions from perfmonitor to utils
Serhii Vlasiuk -X (svlasiuk - SOFTSERVE INC at Cisco) [Thu, 25 Apr 2024 07:52:50 +0000 (07:52 +0000)] 
Pull request #4262: utils: move file specific functions from perfmonitor to utils

Merge in SNORT/snort3 from ~SVLASIUK/snort3:fw_hitcount_stats to master

Squashed commit of the following:

commit 14d0ceb64c2ded61923eeb35be829db4f0e1b906
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date:   Fri Mar 22 13:39:45 2024 +0200

    utils: move file specific functions from perfmonitor to utils

15 months ago Pull request #4277: stream_tcp: Include the overlap offset when calculating index...
Davis McPherson -X (davmcphe - XORIANT CORPORATION at Cisco) [Wed, 17 Apr 2024 21:18:47 +0000 (21:18 +0000)] 
Pull request #4277: stream_tcp: Include the overlap offset when calculating index into the data buffer of TcpSegmentNodes for payload rewrites

Merge in SNORT/snort3 from ~DAVMCPHE/snort3:tcp_overlap_offset_patch to master

Squashed commit of the following:

commit cbd20f0882f754005e7e5c096a65ec7ee7d02bad
Author: davis mcpherson <davmcphe@cisco.com>
Date:   Thu Apr 4 22:23:46 2024 -0400

    stream_tcp: The offset into the data buffer of TcpSegmentNodes due to overlaps was not being
    used with calculating the to/from address for payload rewrites.  This patch updates the
    overlap rewrite code to properly use this offset.

    stream_tcp: track offset into data buffer due to overlaps with state variable on the TCP segment node

    use length of data segment of new packet to adjust seglist logical bytes on lastpolicy left overlap

    stream_tcp: fix bugs in handling certain OS specific overlay resolutions

    fix off by 1 bug with handling payload length for SYN packets with data

15 months ago Pull request #4268: stream_tcp: drop packet with invalid sequence number if NAP polic...
Juweria Ali Imran (jaliimra) [Wed, 17 Apr 2024 16:19:49 +0000 (16:19 +0000)] 
Pull request #4268: stream_tcp: drop packet with invalid sequence number if NAP policy is inline and fix sequence number comparisons

Merge in SNORT/snort3 from ~JALIIMRA/snort3:invalid_seq_ack to master

Squashed commit of the following:

commit 58ca09ddd93559039948ecc86a6af1ceac868200
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Tue Apr 2 08:49:01 2024 -0400

    stream_tcp: drop packet with invalid sequence number if NAP policy is inline and fix sequence number comparisons

15 months ago Pull request #4274: Porting into 7.7(master) release for CSCwh30257(snort3)
Sumit Kumar (sumikum7) [Wed, 17 Apr 2024 07:15:53 +0000 (07:15 +0000)] 
Pull request #4274: Porting into 7.7(master) release for CSCwh30257(snort3)

Merge in SNORT/snort3 from ~SUMIKUM7/snort3:77_release to master

Squashed commit of the following:

commit 264970ec565d5ab79d186865b11f59faaed5653c
Author: Sumit Kumar <sumikum7@cisco.com>
Date:   Wed Apr 10 12:38:00 2024 +0530

    file_api: porting fixes of two crashes in file inspector in master(77 release)

16 months ago Pull request #4264: analyzer, framework: add a data bus method to publish to all...
Ron Dempster (rdempste) [Fri, 12 Apr 2024 18:27:27 +0000 (18:27 +0000)]
Pull request #4264: analyzer, framework: add a data bus method to publish to all network policies and use it for idle

Merge in SNORT/snort3 from ~RDEMPSTE/snort3:idle_event to master

Squashed commit of the following:

commit bd6b74533e1b6880a21fcdcc70d2464505360d1d
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date:   Fri Mar 29 09:35:52 2024 -0400

    analyzer, framework: add a data bus method to publish to all network policies and use it for idle

16 months ago Pull request #4280: flow: fix unit test for debian
ARUNKUMAR KAYAMBU -X (akayambu - XORIANT CORPORATION at Cisco) [Thu, 11 Apr 2024 19:33:47 +0000 (19:33 +0000)] 
Pull request #4280: flow: fix unit test for debian

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:fix_ut_debian to master

Squashed commit of the following:

commit e1fb3d039f898489414f74b2be59f43e36995b5a
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Thu Apr 11 12:27:06 2024 -0400

    flow: fix unit test for debian

16 months ago Pull request #4273: main: update usage of a deprecated hwloc macro
Andrii Serbeniuk -X (aserbeni - SOFTSERVE INC at Cisco) [Wed, 10 Apr 2024 10:28:49 +0000 (10:28 +0000)] 
Pull request #4273: main: update usage of a deprecated hwloc macro

Merge in SNORT/snort3 from ~ASERBENI/snort3:hwloc_macro_update to master

Squashed commit of the following:

commit 82c0b7a89d3c9fbfcc7d870fe9572df21ae6bb9e
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date:   Tue Apr 9 11:09:37 2024 -0400

    main: update usage of a deprecated hwloc macro

    Thanks to teicors for reporting the issue!

16 months ago Pull request #4271: build: generate and tag 3.1.84.0 3.1.84.0
Priyanka Bangalore Gurudev (prbg) [Tue, 9 Apr 2024 20:42:54 +0000 (20:42 +0000)] 
Pull request #4271: build: generate and tag 3.1.84.0

Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.84.0 to master

Squashed commit of the following:

commit ea6d2d4ce80fe78f27587f110cce3d9aa290dc55
Author: Priyanka Gurudev <prbg@cisco.com>
Date:   Mon Apr 8 23:21:03 2024 -0400

    build: generate and tag 3.1.84.0

16 months ago Pull request #4270: packet_capture: include cstdint in a header file
Andrii Serbeniuk -X (aserbeni - SOFTSERVE INC at Cisco) [Mon, 8 Apr 2024 15:18:16 +0000 (15:18 +0000)] 
Pull request #4270: packet_capture: include cstdint in a header file

Merge in SNORT/snort3 from ~ASERBENI/snort3:alpine_cstdint to master

Squashed commit of the following:

commit 2a7dfb7b1983eabf06dea5e96c1dd86bc115e60d
Author: Plup <plup@plup.io>
Date:   Tue Apr 2 13:55:02 2024 +0200

    packet_capture: include cstdint in a header file

    This resolves build issues on Alpine 3.19.1.
    Thanks to Plup <plup@plup.io> and Hauke Mehrtens <hauke@hauke-m.de> for reporting this!

16 months ago Pull request #4267: framework: add workaround to support cast from double to unsigned
Yehor Velykozhon -X (yvelykoz - SOFTSERVE INC at Cisco) [Tue, 2 Apr 2024 13:24:32 +0000 (13:24 +0000)] 
Pull request #4267: framework: add workaround to support cast from double to unsigned

Merge in SNORT/snort3 from ~YVELYKOZ/snort3:fix_parser_on_arm to master

Squashed commit of the following:

commit 3a02dd2f969f3902c8d48885a8a9259614259d10
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date:   Mon Apr 1 17:31:24 2024 +0300

    framework: add correct cast from double to unsigned

    The standard does not guarantee the conversion of a negative double
    to unsigned. Meanwhile, casting double to int and int to unsigned
    is defined by it.

16 months ago Pull request #4261: http_inspect: add file_data to buffer list
Danylo Kyrylov -X (dkyrylov - SOFTSERVE INC at Cisco) [Mon, 1 Apr 2024 12:00:53 +0000 (12:00 +0000)] 
Pull request #4261: http_inspect: add file_data to buffer list

Merge in SNORT/snort3 from ~DKYRYLOV/snort3:nhi_add_file_data to master

Squashed commit of the following:

commit 4d97b856566e56a3496d3602edf661c6f4ba0c0e
Author: dkyrylov <dkyrylov@cisco.com>
Date:   Mon Mar 25 14:31:42 2024 +0200

    http_inspect: add file_data to buffer list

16 months ago Pull request #4257: appid: enhanced appid config parsing
Bhumika Sachdeva (bsachdev) [Wed, 27 Mar 2024 13:17:58 +0000 (13:17 +0000)] 
Pull request #4257: appid: enhanced appid config parsing

Merge in SNORT/snort3 from ~BSACHDEV/snort3:tp_delimiter_change to master

Squashed commit of the following:

commit 9c063de67b6f2b81d3a2d1d2dfd63b07a8c45e02
Author: bsachdev <bsachdev@cisco.com>
Date:   Mon Mar 18 11:10:17 2024 -0400

    appid: enhanced appid config parsing

16 months ago Pull request #4256: dce_smb: Fixing an ASAN memory corruption issue
Kumar swamy Nagabhushana (kumhn) [Wed, 27 Mar 2024 07:03:55 +0000 (07:03 +0000)] 
Pull request #4256: dce_smb: Fixing an ASAN memory corruption issue

Merge in SNORT/snort3 from ~KUMHN/snort3:smb_asan_crash to master

Squashed commit of the following:

commit 3663fe8d9a6ca005062e195b2c5c3b25d10adbc6
Author: kumhn <kumhn@cisco.com>
Date:   Fri Mar 22 17:39:58 2024 +0530

    dce_smb: Fixing an ASAN memory corruption issue

16 months ago Pull request #4253: appid: remove locks from peg counts
Lukasz Czarnik -X (lczarnik - SOFTSERVE INC at Cisco) [Tue, 26 Mar 2024 18:55:14 +0000 (18:55 +0000)] 
Pull request #4253: appid: remove locks from peg counts

Merge in SNORT/snort3 from ~LCZARNIK/snort3:remove_locks to master

Squashed commit of the following:

commit 4d73601f9df627b208115605398b400d8218b1b9
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date:   Thu Mar 21 09:01:14 2024 -0400

    appid: remove locks from peg counts

16 months ago Pull request #4254: appid: separate main thread and packet thread appid_pub_id
Lukasz Czarnik -X (lczarnik - SOFTSERVE INC at Cisco) [Tue, 26 Mar 2024 18:54:26 +0000 (18:54 +0000)] 
Pull request #4254: appid: separate main thread and packet thread appid_pub_id

Merge in SNORT/snort3 from ~LCZARNIK/snort3:appid_pub_id to master

Squashed commit of the following:

commit c7e9539db79ad120fdd1c50dd2b1d213378e6aa9
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date:   Fri Mar 22 07:53:34 2024 -0400

    appid: separate main thread and packet thread appid_pub_id

16 months ago Pull request #4260: xhash: fixed typo
ARUNKUMAR KAYAMBU -X (akayambu - XORIANT CORPORATION at Cisco) [Tue, 26 Mar 2024 15:41:55 +0000 (15:41 +0000)] 
Pull request #4260: xhash: fixed typo

Merge in SNORT/snort3 from ~AKAYAMBU/snort3:xhash_typo_fix to master

Squashed commit of the following:

commit ef656c71459e6f6baeaa91e91a975b38f2f9ad34
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date:   Mon Mar 25 15:55:57 2024 -0400

    xhash: fixed typo