[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-1.4-197-gce95fbd

noreply at openinfosecfoundation.org noreply at openinfosecfoundation.org
Mon Jun 17 13:08:16 UTC 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  ce95fbdda01f459d17cb2f2093a310f66df9d57f (commit)
       via  a35c36794218a925250669bcbc1bb6d12f343db5 (commit)
       via  efaa9a7302706ff9bb5970ce40be7bcbcf2f0d5c (commit)
      from  429b5cec101cdc6cf31241c45e067f1102acdc09 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ce95fbdda01f459d17cb2f2093a310f66df9d57f
Author: Eric Leblond <eric at regit.org>
Date:   Tue Jun 11 15:41:21 2013 +0200

    action handling: add test to avoid direct access
    
    Direct access to the action field of Packet structure is not
    allowed.

commit a35c36794218a925250669bcbc1bb6d12f343db5
Author: Eric Leblond <eric at regit.org>
Date:   Tue Jun 11 15:08:01 2013 +0200

    action handling: use macro for test.
    
    Use test macro instead of direct access to action field.
    
    This patch has been obtained by using the following
    spatch file:
    
      @@
      Packet *p;
      expression E;
      @@
    
      - p->action & E
      + TEST_PACKET_ACTION(p, E)

commit efaa9a7302706ff9bb5970ce40be7bcbcf2f0d5c
Author: Eric Leblond <eric at regit.org>
Date:   Tue Jun 11 14:52:11 2013 +0200

    action handling: define and use macros
    
    The action field in Packet structure should not be accessed
    directly as the tunneled packet needs to update the root packet
    and not the initial packet.
    
    This patch is fixing issue #819 where suricata was not able to
    drop fragmented packets in AF_PACKET IPS mode. It also fixes
    drop capability for tunneled packets.

-----------------------------------------------------------------------

Summary of changes:
 qa/coccinelle/action-pkt.cocci |   15 ++++++++
 src/alert-prelude.c            |    2 +-
 src/alert-unified2-alert.c     |    4 +-
 src/decode.h                   |   11 ++++++
 src/detect-detection-filter.c  |   14 ++++----
 src/detect-engine-alert.c      |    6 ++--
 src/detect-engine-iponly.c     |    2 +-
 src/detect-engine-state.c      |    2 +-
 src/detect-threshold.c         |   72 ++++++++++++++++++++--------------------
 src/detect.c                   |   13 ++++---
 src/log-droplog.c              |    4 +-
 src/respond-reject.c           |   18 +++++-----
 src/source-af-packet.c         |    2 +-
 src/source-ipfw.c              |    2 +-
 src/source-nfq.c               |    2 +-
 src/stream-tcp.c               |    4 +-
 src/util-threshold-config.c    |   20 +++++-----
 17 files changed, 110 insertions(+), 83 deletions(-)
 create mode 100644 qa/coccinelle/action-pkt.cocci


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list