[Oisf-devel] [COMMIT] OISF branch, master-2.0.x, updated. suricata-2.0.9-2-ge4023b5
OISF Git
noreply at openinfosecfoundation.org
Wed Nov 25 08:16:14 UTC 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master-2.0.x has been updated
via e4023b5182c990606405302bbcef12cc8374bfed (commit)
via f84a1382c7677603e7f6217d645f1fadc729accf (commit)
from 727274da0cb45ac71e1bf65dbc1c9f5b7f83db97 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e4023b5182c990606405302bbcef12cc8374bfed
Author: Victor Julien <victor at inliniac.net>
Date: Mon Apr 13 12:12:46 2015 +0200
pcap: implement LINKTYPE_NULL
Implement LINKTYPE_NULL for pcap live and pcap file.
From: http://www.tcpdump.org/linktypes.html
"BSD loopback encapsulation; the link layer header is a 4-byte field,
in host byte order, containing a PF_ value from socket.h for the
network-layer protocol of the packet.
Note that ``host byte order'' is the byte order of the machine on
which the packets are captured, and the PF_ values are for the OS
of the machine on which the packets are captured; if a live capture
is being done, ``host byte order'' is the byte order of the machine
capturing the packets, and the PF_ values are those of the OS of
the machine capturing the packets, but if a ``savefile'' is being
read, the byte order and PF_ values are not necessarily those of
the machine reading the capture file."
Feature ticket #1581
commit f84a1382c7677603e7f6217d645f1fadc729accf
Author: Giuseppe Longo <glongo at stamus-networks.com>
Date: Tue Nov 17 14:54:01 2015 +0100
logging: fix modules ordering during logging for 2.0.x
This is a backport patch for 2.0.x to fix
modules ordering during logging.
Original patch is written by Eric Leblond,
the original commit message below:
With the previous code the order of the logging modules in the
YAML were determining which module was run first. This was not
wished and a consequence was that the EVE fileinfo module was
not correctly displaying the key 'stored' because it was
depending on a flag set later by the filestore module.
This patch adds a priority field to the TmModule structure. The
higher the priority is set, the sooner the module is run in the
logging process. The RunModeOutput structure has also been
updated to contain the name of the original TmModule. Thus allowing
to define a priority for a RunModeOutput.
Currently only the filestore has a priority set. The rest of them are
set to the default value of zero.
-----------------------------------------------------------------------
Summary of changes:
rules/decoder-events.rules | 9 ++++-
src/Makefile.am | 1 +
src/decode-events.h | 4 ++
src/decode-null.c | 89 ++++++++++++++++++++++++++++++++++++++++++
src/{debug.h => decode-null.h} | 12 ++----
src/decode.c | 2 +
src/decode.h | 8 ++++
src/detect-engine-event.h | 4 ++
src/log-filestore.c | 1 +
src/runmodes.c | 38 ++++++++++++++++--
src/source-pcap-file.c | 3 ++
src/source-pcap.c | 3 ++
src/tm-modules.h | 2 +
13 files changed, 163 insertions(+), 13 deletions(-)
create mode 100644 src/decode-null.c
copy src/{debug.h => decode-null.h} (86%)
hooks/post-receive
--
OISF
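
The byte-order caveat quoted in the LINKTYPE_NULL commit message, as an added example (not code from this commit or from Suricata's decode-null.c): a bounds-checked classifier for the 4-byte header that also handles a savefile written on a machine of the opposite endianness. The swap heuristic (a PF_ value never uses the upper 16 bits) and the PF_ numbers 2 for IPv4 and 24, 28 or 30 for IPv6 are assumptions taken from the tcpdump link-type documentation, not from this page; all names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NULL_HDR_LEN 4  /* LINKTYPE_NULL header: one 4-byte PF_ value */

enum ln_proto { LN_INVALID, LN_IPV4, LN_IPV6, LN_UNSUPPORTED };

static uint32_t swap32(uint32_t v)
{
    return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}

/* Classify a LINKTYPE_NULL frame. On any result other than LN_INVALID,
 * *payload_off is the offset of the network-layer packet. */
enum ln_proto null_classify(const uint8_t *pkt, size_t len, size_t *payload_off)
{
    uint32_t family;

    if (pkt == NULL || payload_off == NULL || len < NULL_HDR_LEN)
        return LN_INVALID;              /* truncated frame: do not read it */

    /* memcpy reads the field in the reader's byte order without an
     * unaligned access. */
    memcpy(&family, pkt, sizeof(family));

    /* Assumption: PF_ values are small, so set high bits mean the capture
     * was written in the other byte order. */
    if (family & 0xffff0000u)
        family = swap32(family);

    *payload_off = NULL_HDR_LEN;
    switch (family) {
    case 2:                    return LN_IPV4;  /* AF_INET */
    case 24: case 28: case 30: return LN_IPV6;  /* AF_INET6 differs per OS */
    default:                   return LN_UNSUPPORTED;
    }
}

int main(void)
{
    /* Constructed frames: header plus the first byte of an IP packet. */
    const uint8_t le_v4[] = { 2, 0, 0, 0, 0x45 };
    const uint8_t be_v6[] = { 0, 0, 0, 30, 0x60 };
    size_t off = 0;
    printf("%d ", null_classify(le_v4, sizeof(le_v4), &off));
    printf("%d\n", null_classify(be_v6, sizeof(be_v6), &off));
    return 0;
}
```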