git.ipfire.org Git - thirdparty/snort3.git/log
Priyanka Bangalore Gurudev (prbg) [Fri, 14 Jul 2023 19:13:03 +0000 (19:13 +0000)]
Pull request #3914: ftp: remove file_data dependency on file_id
Merge in SNORT/snort3 from ~PRBG/snort3:file_data_for_ftp_traffic to master
Squashed commit of the following:
commit
f10bfb3e8f36f11d6170e85710d97a90b115fe5d
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Jul 12 13:50:40 2023 -0400
ftp: remove file_data dependency on file_id
Juweria Ali Imran (jaliimra) [Fri, 14 Jul 2023 13:12:24 +0000 (13:12 +0000)]
Pull request #3906: stream_tcp: update state appropriately when head of seglist is the right end of a hole
Merge in SNORT/snort3 from ~JALIIMRA/snort3:seglist_hole_infinite_recursion to master
Squashed commit of the following:
commit
d33b0d33a920dfa8331b487a4c666b7f79c10314
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Tue Jun 20 13:02:14 2023 -0400
stream_tcp: validate proper update of stream_tcp state when seglist head follows a hole
Pull request #3902: appid: cache CHP glossary before detectors reload
Merge in SNORT/snort3 from ~OSTEPANO/snort3:chp_heap_fix to master
Squashed commit of the following:
commit
4a19f21de3a022a1b88234f6def378a7a8e0941a
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Thu Jul 6 05:59:00 2023 -0400
appid: cache CHP glossary before detectors reload
Pull request #3905: binder: in case of a service change, remove flags indicating an abort of the direction
Merge in SNORT/snort3 from ~VHORBATO/snort3:http_reasm_crash to master
Squashed commit of the following:
commit
83b52fa0fefd9cdf7d0687ba64804ee519225b6a
Author: vhorbato <vhorbato@cisco.com>
Date: Mon Jul 10 11:37:53 2023 +0300
binder: in case of a service change, remove flags indicating an abort of the direction
Adrian Mamolea (admamole) [Tue, 11 Jul 2023 17:12:41 +0000 (17:12 +0000)]
Pull request #3894: rna: add stats for rna graphs
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:rna_graphs to master
Squashed commit of the following:
commit
92a7848dfd79dfcd809a1501165f7325b42af2d3
Author: Adrian Mamolea <admamole@cisco.com>
Date: Wed Jun 14 08:42:16 2023 -0400
rna: add stats for rna graphs
Pull request #3895: helpers: added additional log in print_backtrace for debugging purpose
Merge in SNORT/snort3 from ~PRATEPRA/snort3:crash_fix to master
Squashed commit of the following:
commit
35814367e25bb035806998c65d27ac8b3e3d1aaf
Author: PRATEEK MOHAN PRABHU -X (pratepra - XORIANT CORPORATION at Cisco) <pratepra@cisco.com>
Date: Wed Jun 28 12:44:25 2023 +0530
helpers: added additional log in print_backtrace for debugging purpose
Pull request #3904: ips_options: add gadget check for vba_data
Merge in SNORT/snort3 from ~ASERBENI/snort3:vba_null_gadget to master
Squashed commit of the following:
commit
c9ec58b0e031465bcd69331fcef82e6dd6f03c5d
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:53:46 2023 +0300
ips_options: update dev_notes about IPS options input values
commit
5f6a0b16d628f524961f56f8ab68b614a39ad390
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:18:38 2023 +0300
ips_options: add unit tests for vba_data
commit
f7e319f06441b476463a2b64e786330c0a24425a
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jul 10 11:17:45 2023 +0300
ips_options: add gadget check for vba_data
Pull request #3859: perf_mon: fix dump_stats collision with perf mon
Merge in SNORT/snort3 from ~AKAYAMBU/snort3:dump_stats_fix to master
Squashed commit of the following:
commit
78bdb137f619179005aebbadf9548e1121f90fce
Author: Arunkumar Kayambu <akayambu@cisco.com>
Date: Tue May 23 10:56:21 2023 -0400
perf_mon: fix dump_stats collision with perf mon
Umang Sharma (umasharm) [Wed, 5 Jul 2023 18:42:52 +0000 (18:42 +0000)]
Pull request #3891: appid: Early detection of ssh and ignoring NAVL detection
Merge in SNORT/snort3 from ~UMASHARM/snort3:ssh to master
Squashed commit of the following:
commit
4e2f347496653738e8aaac683b157664ce24fceb
Author: Umang Sharma <umasharm@cisco.com>
Date: Wed Jun 21 22:14:38 2023 -0400
appid: Early detection of ssh and ignoring NAVL detection
Rishabh Duggal (riduggal) [Wed, 5 Jul 2023 17:11:06 +0000 (17:11 +0000)]
Pull request #3899: flow: changes to support derived classes of parent class Flow
Merge in SNORT/snort3 from ~RIDUGGAL/snort3:rev_cc_support to master
Squashed commit of the following:
commit
01d4ba9884d67f63542a306bc439731142e893fc
Author: riduggal <riduggal@cisco.com>
Date: Tue Jun 20 10:23:20 2023 +0000
flow: changes to support derived classes of parent class Flow
Pull request #3879: appid: fix for opportunistic tls detected as ssl
Merge in SNORT/snort3 from ~LCZARNIK/snort3:appid_imaps to master
Squashed commit of the following:
commit
50fc3462f4f62ad0039e21ff8a103dc80fd65311
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Wed Jun 7 10:53:33 2023 -0400
appid: fix for opportunistic tls detected as ssl
Priyanka Bangalore Gurudev (prbg) [Mon, 3 Jul 2023 12:15:41 +0000 (12:15 +0000)]
Pull request #3897: build: generate and tag 3.1.65.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.65.0 to master
Squashed commit of the following:
commit
e02dc4aaeb2673eb4aca6cc08f978cddb3569f2f
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 29 22:32:25 2023 -0400
build: generate and tag 3.1.65.0
Russ Combs (rucombs) [Thu, 29 Jun 2023 16:27:21 +0000 (16:27 +0000)]
Pull request #3893: regex: clear flags reused by module to construct ips option
Merge in SNORT/snort3 from ~RUCOMBS/snort3:regex_fix to master
Squashed commit of the following:
commit
d1e67464a0945bfaee8f0910cbef4142ff569337
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Jun 22 11:53:25 2023 -0400
regex: clear flags reused by module to construct ips option
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 28 Jun 2023 16:46:23 +0000 (16:46 +0000)]
Pull request #3890: appid: do not use global pointers to service and client detectors for packet processing during reload detectors
Merge in SNORT/snort3 from ~SATHIRKA/snort3:tsan_client_det to master
Squashed commit of the following:
commit
f31c08920afb3e6411a4bce428fa22acc6213423
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed May 10 09:11:40 2023 -0400
appid: do not use global pointers to service and client detectors for packet processing during reload detectors
Pull request #3887: Ips content update
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:ips_content_update to master
Squashed commit of the following:
commit
ce14dda2618aefbab0882a3d7f24523d39d945f9
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 19:12:42 2023 +0300
ips_content: clean-up of function
commit
1614f3d02ef0be1419426a27371fc019adc65042
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 19:00:49 2023 +0300
detection: update condition since the negated stuff can be matched in such cases
commit
bcb15b46360c11748873d33166736662906296f2
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:42:47 2023 +0300
ips_content: make the negated content be opposite to normal content
commit
752e235afd42ad16ba7a38e69b0cad22cc57b2a1
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:35:38 2023 +0300
ips_content: add flag for non-default value of depth
Previously, if the sum of "within", "distance", "current_pos" is zero,
the "within" was counted incorrectly and whole buffer would be searched.
Reference: tests/src/ips_options/content/positive_cases, sid:57
commit
e430068947d1e20544b3938155439143f66ff9e5
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Mon Jun 19 17:29:09 2023 +0300
ips_content: update condition checks
1. Move out of buffer end check to earlier stage in order to avoid repeated checks
2. Move the negative pos check to "retry" section since relates only to "retry" stuff
3. Make the check about pattern length and depth more clear
Pull request #3885: profiler: change date output format in rule profiler from microseconds to seconds
Merge in SNORT/snort3 from ~VHORBATO/snort3:rule_prof_date to master
Squashed commit of the following:
commit
cbcd8133dd4f0d2d61460719414507319fa82c5d
Author: vhorbato <vhorbato@cisco.com>
Date: Fri Jun 16 18:55:11 2023 +0300
profiler: fix date related problems in rule_profiling json output
Steve Chew (stechew) [Wed, 21 Jun 2023 16:00:48 +0000 (16:00 +0000)]
Pull request #3874: file_api: Avoid file cache lookup after creating new file cache entry.
Merge in SNORT/snort3 from ~STECHEW/snort3:file_cache_optimization to master
Squashed commit of the following:
commit
6c08c968d9d0b2de85ffc928916c6c033e7654df
Author: Steve Chew <stechew@cisco.com>
Date: Fri Jun 9 14:40:27 2023 -0400
file_api: Avoid file cache lookup after creating new file cache entry.
Pull request #3848: appid: add support for cip multiple service packet
Merge in SNORT/snort3 from ~SUBALU/snort3:msp to master
Squashed commit of the following:
commit
413d157d7b743f18d98d42f0ca41c58735a31563
Author: suriya <subalu@cisco.com>
Date: Mon May 15 16:55:40 2023 +0530
appid: add support for cip multiple service packet
Pull request #3872: libasan: fix out-of-bounds issues
Merge in SNORT/snort3 from ~ANOROKH/snort3:asan_invest to master
Squashed commit of the following:
commit
10d928de831b99b2fc6063cf5dc640dc83c4f5b6
Author: Anna Norokh <anorokh@cisco.com>
Date: Mon May 29 11:31:43 2023 +0300
analyzer: poison memory segment after msg->data
This will work only for regtests, memory will be poisoned for 16 bytes
to provide libasan possibility to sanitize memory that was allocated in DAQ.
commit
11e64eabf0d8fe3845f8cc3e85d040537ddf9103
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 22:31:03 2023 +0300
log: fix out-of-bounds read access
The source structure is over the packet raw data.
The structure declares an array of maximum possible size.
The default assign/copy operator may go out of bounds if underlying raw data is shorter.
commit
dc558bab687ffc779af2ca285240aa34ceb8c2a2
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 15:39:19 2023 +0300
codecs: fix tcp options parsing
commit
bda86b5636c95909ed151c013adc481edde815f8
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 14:51:25 2023 +0300
codecs: fix ipv6_mobility parsing
Check data availability before accessing the structure.
commit
d3d9b96e273c130e53637246d07ae367912719ff
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 14:39:33 2023 +0300
appid: fix FTP parsing
Prevent offset going beyond the buffer.
commit
6bbb52ff4333c6f0222d6fb05e6ac736d93b5a86
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 13:12:55 2023 +0300
rna: fix icmpv6 decoding
IPv6 payload length may include extension headers,
which should be accounted when looking for the end of ICMPv6.
commit
91f70f976963b9229259f11fabd561fcf5c5c269
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 24 09:22:29 2023 +0300
netflow: fix raw data conversion
Netflow dedicates 4 bytes for a time record.
Field size is better to be compared to the type size directly rather than
to an external variable size.
commit
761afb8d664b7314c4225a3699f1b0bfe95bde3f
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri May 19 15:58:56 2023 +0300
utils: fix out-of-bound access
Before the change the function accepted a limit for the destination buffer,
which may cause out-of-bounds reading from the source buffer.
commit
e936d5b47d672e7ac7f6c03afdd55af0d34e04a7
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu May 4 13:54:05 2023 +0300
appid: check size boundaries before header validation
commit
3708040ec8e130a365cff68b25fb2776db3ae98c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Wed May 3 14:56:40 2023 +0300
protocols: remove of unnecessary old_opt check
Raza Shafiq (rshafiq) [Wed, 21 Jun 2023 01:42:26 +0000 (01:42 +0000)]
Pull request #3883: NUMA memory policy
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:numa_memory_policy to master
Squashed commit of the following:
commit
9078d21f8c3e62519dadb794bd72abcf502b033b
Author: rshafiq <rshafiq@cisco.com>
Date: Wed Jun 7 15:18:57 2023 -0400
thread_config: added thread level mempolicy
Brandon Stultz (brastult) [Tue, 20 Jun 2023 07:39:16 +0000 (07:39 +0000)]
Pull request #3869: icmp6: allow rules to match packet data after header
Merge in SNORT/snort3 from ~BRASTULT/snort3:icmp6_codec_fix to master
Squashed commit of the following:
commit
3e505237c534272ed501fac591e8eb53c2224727
Author: Brandon Stultz <brastult@cisco.com>
Date: Tue May 9 17:07:24 2023 -0400
icmp6: allow rules to match packet data after header
Brandon Stultz (brastult) [Sat, 17 Jun 2023 15:40:14 +0000 (15:40 +0000)]
Pull request #3861: parser: base service_only on services not cursor type
Merge in SNORT/snort3 from ~BRASTULT/snort3:pkt_data_b64_fix to master
Squashed commit of the following:
commit
4c0959d1ce906b582268c2c639bf3788d40ff04f
Author: Brandon Stultz <brastult@cisco.com>
Date: Fri May 19 12:51:15 2023 -0400
parser: base service_only on services not cursor type
Priyanka Bangalore Gurudev (prbg) [Fri, 16 Jun 2023 23:08:24 +0000 (23:08 +0000)]
Pull request #3880: build: generate and tag 3.1.64.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.64.0 to master
Squashed commit of the following:
commit
950ce7b6f66736e4cd1ff7d8d89be3b373cba6aa
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 15 21:33:29 2023 -0400
build: generate and tag 3.1.64.0
Steve Chew (stechew) [Fri, 16 Jun 2023 03:10:27 +0000 (03:10 +0000)]
Pull request #3875: main: Update OopsHandler to get private data length to print private data during crash.
Merge in SNORT/snort3 from ~STECHEW/snort3:daq_privptr_len_ioctl to master
Squashed commit of the following:
commit
46ce6c984ace2f8f753ac1f781da4469de259396
Author: Steve Chew <stechew@cisco.com>
Date: Sun Jun 11 23:56:06 2023 -0400
main: Update OopsHandler to get private data length to print private data during crash.
Shanmugam S (shanms) [Wed, 14 Jun 2023 03:51:43 +0000 (03:51 +0000)]
Pull request #3876: http_inspect: remove stream interface abstraction for http/1.1 flows
Merge in SNORT/snort3 from ~ABHPAL/snort3:h3 to master
Squashed commit of the following:
commit
853630ce0e2a0ade2bf425d3382c98a5458a283c
Author: Abhijit Pal(abhpal) <abhpal@cisco.com>
Date: Mon Jun 12 18:05:42 2023 +0530
http_inspect: remove stream interface abstraction for http/1.1 flows
Steven Baigal (sbaigal) [Fri, 9 Jun 2023 15:05:48 +0000 (15:05 +0000)]
Pull request #3867: stream ip: Fix session counters in timeout and cleanup cases
Merge in SNORT/snort3 from ~CHSHERWI/snort3:ip_counters2 to master
Squashed commit of the following:
commit
744d42e3c0424f5b49f76ce9b7e30a136fd1f1ed
Author: Chris Sherwin <chsherwi@cisco.com>
Date: Mon Jun 5 10:54:04 2023 -0400
stream ip: Fix session counters in timeout and cleanup cases
Ron Dempster (rdempste) [Wed, 7 Jun 2023 20:00:47 +0000 (20:00 +0000)]
Pull request #3868: appid: always publish a change message after do not decrypt
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:cert_viz_3 to master
Squashed commit of the following:
commit
bac5cc09c3745ee518d865d3767f73c129ac9a18
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed May 31 12:39:00 2023 -0400
appid: always publish a change message after do not decrypt
Steve Chew (stechew) [Wed, 7 Jun 2023 04:33:44 +0000 (04:33 +0000)]
Pull request #3870: detection: Handle case when no rule tree node is found for a policy ID.
Merge in SNORT/snort3 from ~STECHEW/snort3:detection_fix to master
Squashed commit of the following:
commit
fcfd02235de65ead825b0892946c8f960104e4d6
Author: Steve Chew <stechew@cisco.com>
Date: Tue Jun 6 23:20:28 2023 -0400
detection: Handle case when no rule tree node is found for a policy ID.
Steve Chew (stechew) [Sun, 4 Jun 2023 16:19:50 +0000 (16:19 +0000)]
Pull request #3855: flow: introduced granular counters for idle_prunes
Merge in SNORT/snort3 from ~RCONJEEV/snort3:rconjeev_us824999 to master
Squashed commit of the following:
commit
e0b6f73b0314f204e536403604d48c93355cc0d7
Author: RAGHURAAM CONJEEVARAM UDAYANAN -X (rconjeev - XORIANT CORPORATION at Cisco) <rconjeev@cisco.com>
Date: Fri May 19 15:26:27 2023 +0530
flow: introduced granular counters for idle_prunes
Priyanka Bangalore Gurudev (prbg) [Fri, 2 Jun 2023 19:53:06 +0000 (19:53 +0000)]
Pull request #3866: build: generate and tag 3.1.63.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.63.0 to master
Squashed commit of the following:
commit
a13e97e42f217a66596af5add0744ef034e37d74
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Jun 1 16:10:04 2023 -0400
build: generate and tag 3.1.63.0
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 31 May 2023 17:40:18 +0000 (17:40 +0000)]
Pull request #3810: appid: Changes logic in ssl pattern matching
Merge in SNORT/snort3 from ~LCZARNIK/snort3:wildcard to master
Squashed commit of the following:
commit
6231d29de020c2bcd883429293b9c5fb28775efb
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Mon Apr 17 09:50:20 2023 -0400
appid: Changes logic in ssl pattern matching
Steven Baigal (sbaigal) [Wed, 31 May 2023 14:02:06 +0000 (14:02 +0000)]
Pull request #3862: stream_tcp: account for data from zero window probes
Merge in SNORT/snort3 from ~JALIIMRA/snort3:zero_window_block_master to master
Squashed commit of the following:
commit
494f3504d6db1dae1979aba9032e8f890465c544
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date: Wed May 17 08:51:34 2023 -0400
stream_tcp: account for data from zero window probes
Ron Dempster (rdempste) [Wed, 31 May 2023 13:11:54 +0000 (13:11 +0000)]
Pull request #3864: perf_monitor: fix data bus subscription
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:sse_identity to master
Squashed commit of the following:
commit
1e2e532752bce48867954eeb6ad6a24711f5f910
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue May 30 21:46:37 2023 -0400
perf_monitor: fix data bus subscription
Pull request #3854: Handle return code from daq
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:return_error_daq_handling to master
Squashed commit of the following:
commit
48dbb1120a85078f6eaefbf4ee824d08f684d619
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Wed May 17 15:32:47 2023 +0300
main: add Pig destructor to free dynamic memory
commit
07073ca724c9f6dea8d7d352b3503b157b530c25
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Fri May 5 16:00:32 2023 +0300
main: handling the return code in case of error in creation of daq instance
Steve Chew (stechew) [Thu, 25 May 2023 22:53:12 +0000 (22:53 +0000)]
Pull request #3857: main: Allow network IDs to use up to 32 bits.
Merge in SNORT/snort3 from ~STECHEW/snort3:network_id_update to master
Squashed commit of the following:
commit
f349d2e213663779010377679bf07b9062d89f0a
Author: Steve Chew <stechew@cisco.com>
Date: Fri May 19 18:00:48 2023 -0400
main: Allow network IDs to use up to 32 bits.
Ron Dempster (rdempste) [Wed, 24 May 2023 13:13:18 +0000 (13:13 +0000)]
Pull request #3853: loggers: reuse sensor_id u2 event field for tenant_id value
Merge in SNORT/snort3 from ~SVLASIUK/snort3:events_tenant_id to master
Squashed commit of the following:
commit
967bb1f63af20b3c219a1a190b9b5fbbb995e36f
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu May 11 18:37:03 2023 +0300
loggers: reuse sensor_id u2 event field for tenant_id value
Steven Baigal (sbaigal) [Tue, 23 May 2023 15:23:59 +0000 (15:23 +0000)]
Pull request #3852: http_inspect: rebuild start line
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:fix_pkt_event to master
Squashed commit of the following:
commit
b0461bdcef28d7c669ef1bd38ce11bd5d706f2db
Author: Adrian Mamolea <admamole@cisco.com>
Date: Fri May 5 09:17:25 2023 -0400
http_inspect: rebuild start line
Priyanka Bangalore Gurudev (prbg) [Mon, 22 May 2023 01:30:00 +0000 (01:30 +0000)]
Pull request #3858: build: generate and tag 3.1.62.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.62.0 to master
Squashed commit of the following:
commit
67e8ebf226049ffa7e08ec6f6a74b121794120cd
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Sun May 21 12:12:26 2023 -0400
build: generate and tag 3.1.62.0
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 18 May 2023 15:16:52 +0000 (15:16 +0000)]
Pull request #3844: appid: Added fallback check for encrypted appid before port check in SSL inspection flow
Merge in SNORT/snort3 from ~OSTEPANO/snort3:ssl_fallback_to_encrypted_appid to master
Squashed commit of the following:
commit
32a0e9b13a63fe5ccf2c9b74ca1e264b846b4f6b
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Wed May 10 08:59:16 2023 -0400
appid: Added logic to check for encrypted appid before assigning SSL service based on port
Ron Dempster (rdempste) [Wed, 17 May 2023 20:54:44 +0000 (20:54 +0000)]
Pull request #3804: flow: do not recycle flow cache entries
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:free_flow to master
Squashed commit of the following:
commit
36cc202818b9d2d7eefd918943ee2c2739d2a414
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Apr 25 09:49:46 2023 -0400
decompress, detection, file_api, framework: cppcheck fixes
commit
281da6ad7f3ad3b8aecfb363fd0895132ff6e301
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Tue Apr 25 09:51:25 2023 -0400
flow: clean up flow termination
commit
dc4f6ee866c7aefab7964eb4e5682c9af9d5d2db
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Mon Apr 10 10:12:23 2023 -0400
flow: do not recycle flow cache entries
Pull request #3843: profiler: add json formatter
Merge in SNORT/snort3 from ~ANOROKH/snort3:add_json_formatter to master
Squashed commit of the following:
commit
94832c6e4e72b9a95e644288b349eacf0560f056
Author: Anna Norokh <anorokh@cisco.com>
Date: Wed May 3 16:55:55 2023 +0300
profiler: add json formatter
* separated table output;
* added json formatter;
* added output argument to rule_dump() command;
* added function to put termination to json output in json_stream class;
Shanmugam S (shanms) [Tue, 16 May 2023 06:31:14 +0000 (06:31 +0000)]
Pull request #3823: main: Disable watchdog when Snort 3 process exits gracefully
Merge in SNORT/snort3 from ~AMUTTUVA/snort3:watchdog_quit_master to master
Squashed commit of the following:
commit
05fbd9ecb7a8225b8c573e90954ed0c343abed91
Author: Akhilesh MY <amuttuva@cisco.com>
Date: Tue Apr 25 02:03:45 2023 -0400
main: Disable watchdog when Snort 3 process exits gracefully
Steven Baigal (sbaigal) [Fri, 12 May 2023 15:19:10 +0000 (15:19 +0000)]
Pull request #3814: Forward-port: (master) add extra jemalloc stats
Merge in SNORT/snort3 from ~MMATIRKO/snort3:mem_counts_master to master
Squashed commit of the following:
commit
9a5d8dabaf88dadbe29cd01b54602b5631b1a9bd
Author: Russ Combs <rucombs@cisco.com>
Date: Wed Mar 15 14:22:22 2023 -0400
memory: add extra jemalloc counts for tracking
commit
1c078c5fa8c4fd0a99469677269d92f7b7837891
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Mar 14 22:24:37 2023 -0400
memory: use jemalloc stats.mapped for process total
Pull request #3838: Snort2lua reference upd
Merge in SNORT/snort3 from ~YVELYKOZ/snort3:snort2lua_reference_upd to master
Squashed commit of the following:
commit
8db269261c14e17be57daa913a5924154541e6c6
Author: Yehor Velykozhon <yvelykoz@cisco.com>
Date: Thu May 4 16:06:25 2023 +0300
snort2lua: remove 'reference' option during conversion
Steve Chew (stechew) [Wed, 10 May 2023 15:42:34 +0000 (15:42 +0000)]
Pull request #3841: Add check for missing Geneve layer in get_geneve_options
Merge in SNORT/snort3 from ~STECHEW/snort3:fix_get_geneve_option to master
Squashed commit of the following:
commit
26ce9e4993fb40e1487e5eb5c466ec61099fd536
Author: Steve Chew <stechew@cisco.com>
Date: Wed May 10 08:33:57 2023 -0400
sfip/test: Fix a miscalculation of the number of codes entries.
commit
2bd6ed3dcc1e64a44fbdad95094d677f9cb00794
Author: Steve Chew <stechew@cisco.com>
Date: Wed May 10 08:31:54 2023 -0400
protocols: Add check for missing Geneve layer in get_geneve_options.
Ron Dempster (rdempste) [Wed, 10 May 2023 14:15:40 +0000 (14:15 +0000)]
Pull request #3835: main, managers: set the network policy using the user id during inspector delete
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:np_during_free to master
Squashed commit of the following:
commit
aa69ac344a8eecf332d56c11d81a3dd97e11e5eb
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Apr 27 18:12:49 2023 -0400
main, managers: set the network policy using the user id during inspector delete
Ron Dempster (rdempste) [Tue, 9 May 2023 11:52:21 +0000 (11:52 +0000)]
Pull request #3836: protocols,codecs: Decode Geneve variable length options.
Merge in SNORT/snort3 from ~STECHEW/snort3:geneve_update to master
Squashed commit of the following:
commit
6cff0abdd48f869abb22d09f80f4846d88ba7673
Author: Steve Chew <stechew@cisco.com>
Date: Tue May 2 08:55:38 2023 -0400
protocols,codecs: Decode Geneve variable length options.
Ron Dempster (rdempste) [Mon, 8 May 2023 13:02:27 +0000 (13:02 +0000)]
Pull request #3834: http_inspect: add support for file transfer using Partial Content
Merge in SNORT/snort3 from ~VHORBATO/snort3:http_206 to master
Squashed commit of the following:
commit
ff945654ffbf658b4c97b051819911db6d3f5fbf
Author: vhorbato <vhorbato@cisco.com>
Date: Thu Apr 27 14:20:03 2023 +0300
http_inspect: add support for file transfer using Partial Content
Priyanka Bangalore Gurudev (prbg) [Sat, 6 May 2023 19:16:24 +0000 (19:16 +0000)]
Pull request #3837: build: generate and tag 3.1.61.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.61.0 to master
Squashed commit of the following:
commit
9f172e7f667828e6ddce5ccd9b26e802a3db4ce6
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu May 4 22:36:42 2023 -0400
build: generate and tag 3.1.61.0
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 4 May 2023 16:11:21 +0000 (16:11 +0000)]
Pull request #3796: appid: Ensure that TP SSL reinspection is not overwriting SMTPS service
Merge in SNORT/snort3 from ~OSTEPANO/snort3:smtps_tp to master
Squashed commit of the following:
commit
f0eb3ab338d9dc0151dcd2a90cad298196c08bd0
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Tue Apr 4 07:24:54 2023 -0400
appid: Ensure that TP SSL detection does not overwrite SMTPS service and client in a starttls session
Sreeja Athirkandathil Narayanan (sathirka) [Fri, 28 Apr 2023 19:17:03 +0000 (19:17 +0000)]
Pull request #3831: appid: validate data size of SSL certificate record before parsing
Merge in SNORT/snort3 from ~SATHIRKA/snort3:ssl_validate_crash to master
Squashed commit of the following:
commit
73c6ffdcf155f88b01b7ac8e7070aacc7aa9319c
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Apr 27 13:15:13 2023 -0400
appid: validate data size of SSL certificate record before parsing
Sreeja Athirkandathil Narayanan (sathirka) [Fri, 28 Apr 2023 17:55:50 +0000 (17:55 +0000)]
Pull request #3803: appid: AppIdPegCounters thread fixes
Merge in SNORT/snort3 from ~OSTEPANO/snort3:appid_pegs_data_ref to master
Squashed commit of the following:
commit
49fedbbdbfb3e6e06a131f51aefec1603a1b3d83
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri Apr 7 12:02:51 2023 -0400
appid: AppIdPegCounters thread data handling refactored to prevent data races
Steven Baigal (sbaigal) [Fri, 28 Apr 2023 17:38:41 +0000 (17:38 +0000)]
Pull request #3825: tcp_reassembler: Fix missing VLAN ids in TCP pseudopkts
Merge in SNORT/snort3 from ~CHSHERWI/snort3:vlan_fix2 to master
Squashed commit of the following:
commit
d89e24f57bca7d1f9af03858b5c7069d84039fce
Author: Chris Sherwin <chsherwi@cisco.com>
Date: Thu Apr 27 15:15:15 2023 -0400
stream tcp: Populate TCP pseudopackets with VLAN ids in TCP reassembler to avoid
issues with secondary flow creation / expected flow cache
Pull request #3832: CMake: update sed
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:js_norm_cmake_sed to master
Squashed commit of the following:
commit
c4bd8e8b2c39d96c367bfb6c6e1340c686add726
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Apr 28 12:23:30 2023 +0300
cmake: update sed call
Use '|' rather than '+' for sed separator.
A target name can contain any symbol, for example '+' on OpenWrt.
Picking '|' as a more common substitution for '/'.
Thanks to graysky for reporting the issue.
Pull request #3830: Force initialization of thread local variables.
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:fix_nullptr_memman to master
Squashed commit of the following:
commit
09db004f568e7d14f81aad4d30533e3f758e6b0c
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Mon Apr 24 14:24:37 2023 +0300
memory: provide a default value for pointers if the module has not been initialized
Steve Chew (stechew) [Thu, 27 Apr 2023 17:34:25 +0000 (17:34 +0000)]
Pull request #3811: main: reset the global s_network_policy pointer at main thread as part of snort cleanup flow
Merge in SNORT/snort3 from ~SVLASIUK/snort3:firewall_hitcount to master
Squashed commit of the following:
commit
f6930a067cc2252a15efb9eea16692b7ade6295e
Author: Serhii Vlasiuk <svlasiuk@cisco.com>
Date: Thu Apr 13 20:02:46 2023 +0300
managers: check main SnortConfig pointer in InspectorManager::get_inspector() to avoid memory bad access calls
Ron Dempster (rdempste) [Thu, 27 Apr 2023 14:08:35 +0000 (14:08 +0000)]
Pull request #3826: Reap fix master
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:reap_fix_master to master
Squashed commit of the following:
commit
fcaaf4316971b0f38e170e3d92a98571c184e25a
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Thu Apr 20 14:49:11 2023 -0400
flow, hash, stream: add a free list node count that is output as a peg count
commit
47a20ab19a85ac3a33787c5ab53a30d15c1208d9
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Apr 19 13:05:52 2023 -0400
memory: fix memory pruning race condition and bail on reap failure
Pull request #3815: profiler: add shell commands
Merge in SNORT/snort3 from ~ASERBENI/snort3:profiler_shell_commands to master
Squashed commit of the following:
commit
7c951114e3b54775c8f30e889f050f431e170842
Author: Anna Norokh <anorokh@cisco.com>
Date: Tue Apr 11 13:16:59 2023 +0300
snort: add show_config_generation() command
commit
a12cf4ae89d500160412504e2c1c4a7aea38c665
Author: Anna Norokh <anorokh@cisco.com>
Date: Tue Apr 11 13:15:46 2023 +0300
profiler: add shell commands
commit
3d388c55ff0a35776413b41386e5db5b0378545f
Author: vhorbato <vhorbato@cisco.com>
Date: Wed Feb 15 12:45:52 2023 +0200
profiler: move profiler module to separate files
Steven Baigal (sbaigal) [Wed, 26 Apr 2023 14:56:07 +0000 (14:56 +0000)]
Pull request #3822: Pull request #592: flow: Defensive fix to prevent crash if flow->prev is nullptr.
Merge in SNORT/snort3 from ~SBAIGAL/snort3:unideffixmaster to master
Squashed commit of the following:
commit
d993b3cb09234ca2333fbf370ddbc0f168e5bfc7
Author: Steven Baigal (sbaigal) <sbaigal@cisco.com>
Date: Tue Apr 18 22:47:33 2023 +0000
Pull request #592: flow: Defensive fix to prevent crash if flow->prev is nullptr.
Merge in FIREPOWER/snort3 from ~STECHEW/snort3:uni_defensive_fix to release/7.4.0
* commit '8e476581a05fb61df0138ce30d6a9ebc9d053447':
flow: Defensive fix to prevent crash if flow->prev is nullptr.
Pull request #3820: build: remove unused header
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:build_malloc_header to master
Squashed commit of the following:
commit
79b926addf2f5e5dabf1700eaae12da0f0099016
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Thu Apr 20 16:34:25 2023 +0300
build: remove unused header
Thanks to Rui Chen for reporting the issue.
Priyanka Bangalore Gurudev (prbg) [Fri, 21 Apr 2023 14:26:54 +0000 (14:26 +0000)]
Pull request #3819: build: generate and tag 3.1.60.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.60.0 to master
Squashed commit of the following:
commit
67777edd17ca59c103144cc572ab9b5165d3ec65
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Apr 20 15:40:28 2023 -0400
build: generate and tag 3.1.60.0
Sreeja Athirkandathil Narayanan (sathirka) [Tue, 18 Apr 2023 19:31:48 +0000 (19:31 +0000)]
Pull request #3807: appid: Making free_servicematch_list thread local
Merge in SNORT/snort3 from ~OSTEPANO/snort3:csd_pattern_search_crash to master
Squashed commit of the following:
commit
d8dc69deffebdb3205b7a11a9e0d35a72223228c
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Fri Apr 14 09:54:00 2023 -0400
appid: Making free_servicematch_list thread local
Brian Morris (bmorris2) [Fri, 14 Apr 2023 16:00:26 +0000 (16:00 +0000)]
Pull request #3809: src: fix broken unit test/tweak define related to previous operator bool fixes
Merge in SNORT/snort3 from ~BMORRIS2/snort3:cppcheck_operator to master
Squashed commit of the following:
commit
255884ac3dd41076a21b901a286fc1de9437abbd
Author: Brian Morris <bmorris2@cisco.com>
Date: Fri Apr 14 14:52:20 2023 +0000
src: fix broken unit test/tweak define related to previous operator bool fixes
Brian Morris (bmorris2) [Thu, 13 Apr 2023 15:34:52 +0000 (15:34 +0000)]
Pull request #3805: src: change a few operator bool functions to named functions
Merge in SNORT/snort3 from ~BMORRIS2/snort3:cppcheck_operator to master
Squashed commit of the following:
commit
cf6f1f58a76a597302628847200369d912d890db
Author: Brian Morris <bmorris2@cisco.com>
Date: Wed Apr 12 15:52:18 2023 +0000
src: change a few operator bool functions to named functions
Sreeja Athirkandathil Narayanan (sathirka) [Wed, 12 Apr 2023 17:46:20 +0000 (17:46 +0000)]
Pull request #3775: appid: Adds logs for memory and pattern count
Merge in SNORT/snort3 from ~LCZARNIK/snort3:appid_logs to master
Squashed commit of the following:
commit
b3115951ae0ed617ae5acb715e351c8789f8fba7
Author: Lukasz Czarnik <lczarnik@cisco.com>
Date: Fri Mar 3 10:16:27 2023 -0500
appid: log maxrss difference and pattern count during appid initialization and reload detectors
Ron Dempster (rdempste) [Mon, 10 Apr 2023 19:55:34 +0000 (19:55 +0000)]
Pull request #3801: appid: make ssl app group id lookup set payload and client
Merge in SNORT/snort3 from ~RDEMPSTE/snort3:cert_viz_take_2 to master
Squashed commit of the following:
commit
a36b1fbaeb2485a2d9e20354af8062fca368e988
Author: Ron Dempster (rdempste) <rdempste@cisco.com>
Date: Wed Apr 5 17:01:39 2023 -0400
appid: make ssl app group id lookup set payload and client
Sreeja Athirkandathil Narayanan (sathirka) [Mon, 10 Apr 2023 16:03:02 +0000 (16:03 +0000)]
Pull request #3782: appid: Fixed TSAN warnings
Merge in SNORT/snort3 from ~BSACHDEV/snort3:tsan_warnings_part1 to master
Squashed commit of the following:
commit
b2934642d9bf0fcf7d53f6fc80c4540e7a63736c
Author: bsachdev <bsachdev@cisco.com>
Date: Wed Mar 8 09:03:53 2023 -0500
appid: Fixed TSAN warnings
Priyanka Bangalore Gurudev (prbg) [Fri, 7 Apr 2023 13:56:22 +0000 (13:56 +0000)]
Pull request #3802: build: generate and tag 3.1.59.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.59.0 to master
Squashed commit of the following:
commit
c6153096f840bc6a00588b108b1f5aeb0260bc2a
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Apr 6 17:21:16 2023 -0400
build: generate and tag 3.1.59.0
Steven Baigal (sbaigal) [Wed, 5 Apr 2023 18:28:42 +0000 (18:28 +0000)]
Pull request #3799: http2_inspect: Snort3 crash due to HTTP2 Stream Re-transmission.
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:http2_reload_fix to master
Squashed commit of the following:
commit
eec6509dbafa0d13ddb4bd6fd854ccdd806a1172
Author: rshafiq <rshafiq@cisco.com>
Date: Tue Apr 4 14:37:13 2023 -0400
http2_inspect: make flow data reload safe
Steven Baigal (sbaigal) [Tue, 4 Apr 2023 21:16:56 +0000 (21:16 +0000)]
Pull request #3798: thread_config: add preemptive watchdog kick for flow deletion
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:wdt_flow_deletes to master
Squashed commit of the following:
commit
da7e7eeddf30ca011d46949ec76df28480ec331d
Author: Adrian Mamolea <admamole@cisco.com>
Date: Tue Apr 4 15:35:17 2023 -0400
thread_config: add preemptive watchdog kick for flow deletion
Steven Baigal (sbaigal) [Tue, 4 Apr 2023 19:18:02 +0000 (19:18 +0000)]
Pull request #3797: Revert "Pull request #3790: thread_config: remove message use in wdt"
Merge in SNORT/snort3 from ~SBAIGAL/snort3:revert_wgt1 to master
Squashed commit of the following:
commit
89cecd40161799c1c0afbaf83698cd77af32c172
Author: Steven Baigal <sbaigal@cisco.com>
Date: Tue Apr 4 14:55:20 2023 -0400
Revert "Pull request #3790: thread_config: remove message use in wdt"
This reverts commit 824a06ebdc56f88ec8dfe9c96f31a712e053e00e.
Steven Baigal (sbaigal) [Tue, 4 Apr 2023 18:21:32 +0000 (18:21 +0000)]
Pull request #3790: thread_config: remove message use in wdt
Merge in SNORT/snort3 from ~ADMAMOLE/snort3:wdt_atomic to master
Squashed commit of the following:
commit
d963d3fa286084fd2e537c6698ebdbfc0806dc81
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Mar 30 12:46:15 2023 -0400
watchdog: address comments from Steven
commit
85f9cbf5a6b99f0812ae20a4d004d41b4f02a74a
Author: Adrian Mamolea <admamole@cisco.com>
Date: Thu Mar 23 09:24:42 2023 -0400
thread_config: remove message use in wdt
Steven Baigal (sbaigal) [Tue, 4 Apr 2023 15:41:34 +0000 (15:41 +0000)]
Pull request #3793: 7.5.0 Forward-port -- memory: subtract the allocated memory from the thread pruned before comparing to the target
Merge in SNORT/snort3 from ~MMATIRKO/snort3:memory_forward_75 to master
Squashed commit of the following:
commit
c1e4fa90a08069e186bdf9717bcb8524b123a220
Author: Steve Chew (stechew) <stechew@cisco.com>
Date: Wed Mar 29 05:26:48 2023 +0000
Pull request #554: memory: subtract the allocated memory from the thread pruned before comparing to the target
Merge in FIREPOWER/snort3 from ~RDEMPSTE/snort3:free_space_allocs to hotfix/7.0.5-DE
* commit '71b3d000f9788a3ef14f6b9b5a606354623fe58f':
memory: subtract the allocated memory from the thread pruned before comparing to the target
Shanmugam S (shanms) [Tue, 4 Apr 2023 08:08:02 +0000 (08:08 +0000)]
Pull request #3794: stream: store thread local flow control pointer in global
Merge in SNORT/snort3 from ~KBHANDAN/snort3:crash_dump_flow_control to master
Squashed commit of the following:
commit
e6dd384b6ba178393dcf1bd56721b7243646a05f
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Tue Apr 4 10:35:32 2023 +0530
stream: store thread local flow control pointer in global
Bhargava Jandhyala (bjandhya) [Mon, 3 Apr 2023 05:43:40 +0000 (05:43 +0000)]
Pull request #3785: file_api: handling file cache context
Merge in SNORT/snort3 from ~VKAMBALA/snort3:file_context_75 to master
Squashed commit of the following:
commit
d2ef60bb3aadead55f22384cc5263882262f40d7
Author: krishnakanth <vkambala@cisco.com>
Date: Tue Mar 21 18:47:29 2023 +0530
file_api: handling file cache context
Pull request #3791: http2_inspect: clear flow stream_intf with flow_data
Merge in SNORT/snort3 from ~VHORBATO/snort3:http2_stream_intf to master
Squashed commit of the following:
commit
6e6662bc009fddcdd8abc4c4d506f8144847b87b
Author: vhorbato <vhorbato@cisco.com>
Date: Fri Mar 24 19:23:41 2023 +0200
http2_inspect: clear flow stream_intf with flow_data
Shanmugam S (shanms) [Fri, 24 Mar 2023 08:10:12 +0000 (08:10 +0000)]
Pull request #3787: flow_cache: Prune multiple flows
Merge in SNORT/snort3 from ~KBHANDAN/snort3:prune_multiple to master
Squashed commit of the following:
commit
2851a29722b096be89b291dc8d2e88dd0764510b
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date: Thu Mar 23 01:28:22 2023 +0530
flow_cache: Prune multiple flows
Priyanka Bangalore Gurudev (prbg) [Thu, 23 Mar 2023 01:51:45 +0000 (01:51 +0000)]
Pull request #3786: build: generate and tag 3.1.58.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.58.0 to master
Squashed commit of the following:
commit
b84026ea28ab20d03aaff276ced50b9e9fecbc0a
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Mar 22 11:50:40 2023 -0400
build: generate and tag 3.1.58.0
Pull request #3781: detection: fix queue_limit pegcounter evaluation
Merge in SNORT/snort3 from ~YCHALOV/snort3:snort3_detection_queue_limit to master
Squashed commit of the following:
commit
172915ec46eb9d912f1d6b0a9d9b17cffa3e53e1
Author: Yurii Chalov <ychalov@cisco.com>
Date: Fri Mar 10 10:20:31 2023 +0100
detection: fix queue_limit pegcounter evaluation
Steven Baigal (sbaigal) [Tue, 21 Mar 2023 13:16:27 +0000 (13:16 +0000)]
Pull request #3766: host cache: removed some log to prevent log flooding
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:host_cache_logs to master
Squashed commit of the following:
commit
ec6949eab03ba034c9ed416476329e1a6c6ad697
Author: rshafiq <rshafiq@cisco.com>
Date: Thu Feb 16 09:30:46 2023 -0500
host cache: removed some log to prevent log flooding
Pull request #3784: js_norm: Initialize normalizer after script was found
Merge in SNORT/snort3 from ~DKYRYLOV/snort3:jsn_perf_fix to master
Squashed commit of the following:
commit
a54f7df1a0443a886091118006020608ef3140b6
Author: dkyrylov <dkyrylov@cisco.com>
Date: Fri Mar 17 18:20:46 2023 +0200
js_norm: initialize normalization context only when script is detected
Steven Baigal (sbaigal) [Mon, 20 Mar 2023 14:45:59 +0000 (14:45 +0000)]
Pull request #3783: memory: add shell command to dump heap stats
Merge in SNORT/snort3 from ~SBAIGAL/snort3:memstats to master
Squashed commit of the following:
commit
ebe8554f4f5e95c464f08e57393d4fc204b531a0
Author: Steven Baigal <sbaigal@cisco.com>
Date: Wed Mar 15 17:19:35 2023 -0400
memory: add shell command to dump heap stats
Sreeja Athirkandathil Narayanan (sathirka) [Fri, 17 Mar 2023 18:00:30 +0000 (18:00 +0000)]
Pull request #3780: appid: give precedence to eve detected client over appid when eve_http_client_mapping config is set
Merge in SNORT/snort3 from ~SATHIRKA/snort3:eve_http_process_client_detection to master
Squashed commit of the following:
commit
214fba55d508bd25ecbe05aa55618d17085daada
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Thu Mar 9 11:20:54 2023 -0500
appid: give precedence to eve detected client over appid when eve_http_client_mapping config is set
Pull request #3778: actions: restore rtn check in Actions::alert and add to Actions::log
Merge in SNORT/snort3 from ~ANOROKH/snort3:rtn_check to master
Squashed commit of the following:
commit
d969e687476e4f6ca453fa0501691e93dd0b8442
Author: AnnaNorokh <annanorokh15@gmail.comm>
Date: Thu Mar 9 16:00:01 2023 +0200
actions: restore rtn check in Actions::alert and add to Actions::log
Pull request #3777: loggers: fix pcap flushing
Merge in SNORT/snort3 from ~YCHALOV/snort3:snort3_sigsegv to master
Squashed commit of the following:
commit
a57f1b0348b5d4262b8c5df81af6ab297a89de98
Author: Yurii Chalov <ychalov@cisco.com>
Date: Mon Mar 6 21:41:35 2023 +0100
loggers: fix pcap flushing
Priyanka Bangalore Gurudev (prbg) [Mon, 13 Mar 2023 02:14:03 +0000 (02:14 +0000)]
Pull request #3779: Build 3.1.57.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.57.0 to master
Squashed commit of the following:
commit
b1ca05cd7d06a3cc4b3cd199ac754527a32bb5b7
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Thu Mar 9 14:03:27 2023 -0500
build: generate and tag 3.1.57.0
Bhargava Jandhyala (bjandhya) [Tue, 7 Mar 2023 16:58:31 +0000 (16:58 +0000)]
Pull request #3690: telnet: added paf based splitter for telnet
Merge in SNORT/snort3 from ~SMANGHAT/snort3:snort_telnet_splitter to master
Squashed commit of the following:
commit
573f28712abe09bbcdd7d693986fffffa7eb6881
Author: Shailendra Manghate <smanghat@cisco.com>
Date: Tue Mar 7 15:38:22 2023 +0530
ftp_telnet: updated flushing around subnegotiation parameters
The splitter will flush after EOL or SE. It will ignore EOL between SB and SE.
Pull request #3772: Hyperscan scratch space.
Merge in SNORT/snort3 from ~OSHUMEIK/snort3:mpse_hs_scratch to master
Squashed commit of the following:
commit
84e671286cba6537b4893d2425e0542e008e758a
Author: Oleksii Shumeiko <oshumeik@cisco.com>
Date: Fri Feb 24 22:34:08 2023 +0200
search_engine: allocate a single shared scratch space
All threads, compiling mpse database, update the same scratch space sequentially.
Pull request #3769: profiler: add rule time percentage table field
Merge in SNORT/snort3 from ~YCHALOV/snort3:snort_rule_profiler_per to master
Squashed commit of the following:
commit
abd4ea019de96d2083c46c0d898e84099a83615e
Author: Yurii Chalov <ychalov@cisco.com>
Date: Fri Feb 17 14:27:11 2023 +0100
profiler: add rule time percentage table field
Priyanka Bangalore Gurudev (prbg) [Thu, 23 Feb 2023 15:50:35 +0000 (15:50 +0000)]
Pull request #3771: build: generate and tag 3.1.56.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.56.0 to master
Squashed commit of the following:
commit
42baa9b03a8293dac46f75195a512c52ceffa0bc
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Feb 22 20:18:39 2023 -0500
build: generate and tag 3.1.56.0
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 16 Feb 2023 17:10:51 +0000 (17:10 +0000)]
Pull request #3763: appid: merge cname pattern matchers with ssl pattern matchers
Merge in SNORT/snort3 from ~OSTEPANO/snort3:cname_and_cert_merge to master
Squashed commit of the following:
commit
9be16131179eeff287720a474b410885b19cff7a
Author: Oleksandr Stepanov <ostepano@cisco.com>
Date: Thu Feb 9 10:41:51 2023 -0500
appid: merge cname pattern matchers with ssl pattern matchers
Russ Combs (rucombs) [Sun, 12 Feb 2023 11:13:33 +0000 (11:13 +0000)]
Pull request #3764: configure: fix typo in jemalloc with tcmalloc error message
Merge in SNORT/snort3 from ~RUCOMBS/snort3:mem_config to master
Squashed commit of the following:
commit
7b2c5a1442a406af1869ce7b408fdeeec44a003e
Author: Russ Combs <rucombs@cisco.com>
Date: Thu Feb 9 11:31:56 2023 -0500
configure: fix typo in jemalloc with tcmalloc error message
Pull request #3753: sd_pattern: keep obfuscation blocks per buffer
Merge in SNORT/snort3 from ~ASERBENI/snort3:sd_obfuscation to master
Squashed commit of the following:
commit
0db98b656216676553096952d7df2d815e073627
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Tue Jan 31 11:12:57 2023 +0200
doc: update sd_pattern docs after obfuscation changes
commit
7699a8338c6d7ec534d648d16cae8fde7947fd3a
Author: Andrii Serbeniuk <aserbeni@cisco.com>
Date: Mon Jan 23 11:26:18 2023 +0200
sd_pattern: keep obfuscation blocks per buffer
Steven Baigal (sbaigal) [Fri, 10 Feb 2023 01:44:24 +0000 (01:44 +0000)]
Pull request #3756: copyright: update for year 2023
Merge in SNORT/snort3 from ~RSHAFIQ/snort3:copyright_update_year_2023 to master
Squashed commit of the following:
commit
74b7468527b55e3f54b7969b30a7fcb53648fe2c
Author: rshafiq <rshafiq@cisco.com>
Date: Mon Feb 6 15:03:24 2023 -0500
copyright: update for year 2023
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 9 Feb 2023 21:25:29 +0000 (21:25 +0000)]
Pull request #3755: appid: add validation for rpcbind universal address
Merge in SNORT/snort3 from ~SATHIRKA/snort3:rpc_bind_uaddr_validate to master
Squashed commit of the following:
commit
fff62286d419f493c0882fb1d94b4f3fe21f843a
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date: Wed Feb 1 10:29:32 2023 -0500
appid: add validation for rpcbind universal address
Priyanka Bangalore Gurudev (prbg) [Thu, 9 Feb 2023 03:49:01 +0000 (03:49 +0000)]
Pull request #3761: build: generate and tag 3.1.55.0
Merge in SNORT/snort3 from ~PRBG/snort3:build_3.1.55.0 to master
Squashed commit of the following:
commit
b8adbca0e683e91cc9aed32bf556420d902395a1
Author: Priyanka Gurudev <prbg@cisco.com>
Date: Wed Feb 8 15:53:28 2023 -0500
build: generate and tag 3.1.55.0
Russ Combs (rucombs) [Tue, 7 Feb 2023 19:25:30 +0000 (19:25 +0000)]
Pull request #3757: build: fix configure_cmake.sh 'too many arguments' error
Merge in SNORT/snort3 from ~RUCOMBS/snort3:jem_tcm to master
Squashed commit of the following:
commit
52e2b486adf8562f5c6578a0ab44d6ce3846dcf2
Author: Russ Combs <rucombs@cisco.com>
Date: Tue Feb 7 10:00:51 2023 -0500
build: fix configure_cmake.sh 'too many arguments' error
Pull request #3752: detection: add new pegcount
Merge in SNORT/snort3 from ~YCHALOV/snort3:sse_total_distance to master
Squashed commit of the following:
commit
f41962a935ec8edf4de99df43bcc569877afc9f8
Author: Yurii Chalov <ychalov@cisco.com>
Date: Thu Jan 26 13:08:52 2023 +0100
detection: add new pegcount
Sreeja Athirkandathil Narayanan (sathirka) [Mon, 6 Feb 2023 15:23:07 +0000 (15:23 +0000)]
Pull request #3742: appid: updating lua API to accommodate netbios domain extraction, substring search, and substring index.
Merge in SNORT/snort3 from ~AANTONYK/snort3:netbios_donain_name_detection_on_SMB_traffic to master
Squashed commit of the following:
commit
29bf509e59cc0cdbbbe29e1ffe06ed216202325b
Author: Clifford Judge <cljudge@cisco.com>
Date: Mon Apr 25 10:54:52 2022 -0400
appid: updating lua API to accommodate netbios domain extraction, substring search, and substring index.
Sreeja Athirkandathil Narayanan (sathirka) [Thu, 2 Feb 2023 21:48:58 +0000 (21:48 +0000)]
Pull request #3740: appid: Support for IPv4 and IPv6 subnets for First Packet API
Merge in SNORT/snort3 from ~OSTEPANO/snort3:subnet_first_packet_api to master
Squashed commit of the following:
commit
f6bcb8fbe09223f566cafc3a40c3e57c174998e0
Author: Umang Sharma <umasharm@cisco.com>
Date: Fri Dec 9 06:38:37 2022 -0500
appid: Support for IPv4 and IPv6 subnets for First Packet API