[Oisf-devel] [COMMIT] OISF branch, master, updated. 2e2e80b8127589704ab6c5e81ffa8780b0ecbf47

noreply at openinfosecfoundation.org
Mon Oct 24 12:31:08 UTC 2011


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  2e2e80b8127589704ab6c5e81ffa8780b0ecbf47 (commit)
       via  128261cb9746e4af7c3a1d1671c8aee94f1ca2fd (commit)
       via  b3023643ecc18e7a111388ab04fb29b7b54a4aeb (commit)
       via  7fd1e9cacc22ff87547d837389eb3148bfe6828e (commit)
       via  839b0d9bfee7b2799836be86662c15a49b9d54a9 (commit)
       via  316f2d72892c6042176e191bf36f33209db887aa (commit)
       via  a03a402b831b82329ab0d8fae18fd23d0d414708 (commit)
       via  50ddd2df43012624ac57f24fb4feeeb687763fcf (commit)
       via  2f24987f153253644f2eea842e7c242b868b6719 (commit)
       via  628bfcc1b9cf6ef6ac06222a83c8c0027c58f8ee (commit)
      from  c672bdd863f72e73366baaf30f4b16deb9249d21 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2e2e80b8127589704ab6c5e81ffa8780b0ecbf47
Author: Victor Julien <victor at inliniac.net>
Date:   Fri Oct 21 19:00:16 2011 +0200

    Add packet alert flag to indicate a match happened (partly) in the app layer state. Make unified2 use this flag.

commit 128261cb9746e4af7c3a1d1671c8aee94f1ca2fd
Author: Eric Leblond <eric at regit.org>
Date:   Mon Oct 24 10:30:36 2011 +0200

    unified2: Fix event_id computation
    
    This patch fixes event_id computation which was not incremented
    for each alert.

commit b3023643ecc18e7a111388ab04fb29b7b54a4aeb
Author: Eric Leblond <eric at regit.org>
Date:   Mon Oct 24 10:04:50 2011 +0200

    unified2: fix multiple alerts case

commit 7fd1e9cacc22ff87547d837389eb3148bfe6828e
Author: Eric Leblond <eric at regit.org>
Date:   Fri Oct 21 14:48:55 2011 +0200

    unified2: synchronize IPv4 and IPv6 code
    
    IPv6 code was missing some points.

commit 839b0d9bfee7b2799836be86662c15a49b9d54a9
Author: Eric Leblond <eric at regit.org>
Date:   Fri Oct 21 13:31:59 2011 +0200

    unified2: switch to event->packet->packet mode.
    
    Attach multiple packets to an event instead of using one
    event data per packet. This is currently unsupported by
    reporting frontend but at least we don't have multiple
    alerts.

commit 316f2d72892c6042176e191bf36f33209db887aa
Author: Eric Leblond <eric at regit.org>
Date:   Fri Oct 21 12:11:35 2011 +0200

    unified2: segment callback log raw packet.
    
    As we don't have any trustable information about the ethernet
    header, we can simply log RAW packet to avoid confusing the
    analyst.

commit a03a402b831b82329ab0d8fae18fd23d0d414708
Author: Eric Leblond <eric at regit.org>
Date:   Fri Oct 21 12:01:49 2011 +0200

    unified2: set datalink to correct value.
    
    The value of datalink could have been modified if the logging
    of segment was attempted. This patch restores it to a correct value.

commit 50ddd2df43012624ac57f24fb4feeeb687763fcf
Author: Eric Leblond <eric at regit.org>
Date:   Fri Oct 21 11:34:32 2011 +0200

    Restore old barnyard2 support.
    
    Some old versions of barnyard2 needed a workaround in the
    packet header building. This patch introduces an enable-old-barnyard2
    configure flag which can be used to restore this behaviour.

commit 2f24987f153253644f2eea842e7c242b868b6719
Author: Eric Leblond <eric at regit.org>
Date:   Thu Oct 20 11:51:03 2011 +0200

    unified2: improve packet logging logic.
    
    This patch improves packet logging logic and fixes some places
    regarding alert generation (event_id, ethernet header).

commit 628bfcc1b9cf6ef6ac06222a83c8c0027c58f8ee
Author: Eric Leblond <eric at regit.org>
Date:   Thu Oct 20 17:56:53 2011 +0200

    stream: Change return of StreamSegmentForEach
    
    The function now returns the number of segments where the callback
    has been run successfully.

-----------------------------------------------------------------------

Summary of changes:
 configure.in               |    8 ++
 src/alert-unified2-alert.c |  251 ++++++++++++++++++++++++++-----------------
 src/decode.h               |    9 +-
 src/detect.c               |   12 +-
 src/stream-tcp.c           |   10 +-
 src/stream.c               |    2 +-
 6 files changed, 179 insertions(+), 113 deletions(-)


hooks/post-receive
-- 
OISF