[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.0-24-gb93a302

OISF Git noreply at openinfosecfoundation.org
Wed Feb 10 10:10:13 UTC 2016

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  b93a302a5b3d011bc43118cce5037e89becab2f2 (commit)
       via  3a9bcd6a5362346b0e5c55fb4a2eb4117d818af4 (commit)
       via  6152d1abca7af90e01c69873fa38a272456f76b5 (commit)
       via  4b8bd9dfc9fb99162233983e7c3c97f3ec7684da (commit)
       via  6f79137971f50450212d3191a31dfe88e1f21f1d (commit)
       via  559747e325cf89f01e4b8bb659bb6f92a5275139 (commit)
       via  3c9538b783e1f3f0765b75a93e0c8a5949697edb (commit)
       via  c4fb6217ee72969ef59b60ff7f4a0f6bfeaa8c9b (commit)
       via  2b263d55a2d0583a2c02e352bfe490fd4f42b39a (commit)
       via  2a17e3e827a2d90d03b0525ad567d3668681947d (commit)
       via  5cee70f9ae60e480b4c4d71d45848a1b15dae024 (commit)
      from  8bd9f3d07209b0d2225b553d07ee052ab4fe4910 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b93a302a5b3d011bc43118cce5037e89becab2f2
Author: Victor Julien <victor at inliniac.net>
Date:   Wed Feb 3 09:51:33 2016 +0100

    stream: improve StreamTcpSegmentForEach for IPS
    StreamTcpSegmentForEach would only return ACK'd segments. This lead
    to missing stream data in alerts when running in IPS mode.
    This patch changes the behavior for IPS. All segments are iterated
    now, also the non-ACK'd ones. For IDS mode the behavior is unchanged.

commit 3a9bcd6a5362346b0e5c55fb4a2eb4117d818af4
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Jan 31 19:27:35 2016 +0100

    qa: add --simulate-ips option
    This option forces the engine in 'IPS' mode. This is useful for testing
    some IPS code paths based on pcaps.

commit 6152d1abca7af90e01c69873fa38a272456f76b5
Author: Victor Julien <victor at inliniac.net>
Date:   Sun Jan 31 13:40:07 2016 +0100

    eve: fix stream payload logging wrong direction
    In the EVE stream payload logging the IPS path logged the wrong dir.
    Both IDS and IPS can take the same path as the detection engine
    inspects in the same direction in both cases, so the alert is also
    generated in the same direction.
    Bug #1684

commit 4b8bd9dfc9fb99162233983e7c3c97f3ec7684da
Author: Maxtors <moe.andreas at gmail.com>
Date:   Mon Feb 1 14:54:29 2016 +0100

    Added checking of negated "totals" and "threads" config values for stats.

commit 6f79137971f50450212d3191a31dfe88e1f21f1d
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Mon Nov 2 13:21:37 2015 +0100

    lua: expose TLS certificate chain to lua
    Expose TLS certificate chain to lua through TlsGetCertChain().

commit 559747e325cf89f01e4b8bb659bb6f92a5275139
Author: Tom DeCanio <decanio.tom at gmail.com>
Date:   Mon Oct 5 15:34:55 2015 -0700

    file-store: add force-filestore configuration option to enable writing all
                extracted files to filesystem.

commit 3c9538b783e1f3f0765b75a93e0c8a5949697edb
Author: Nicolas Thill <ntl at p1sec.com>
Date:   Fri Feb 5 11:11:13 2016 +0100

    lua: set thread vars in DetectLuaMatch
    Fix internal error when calling SCThreadInfo from Lua detection modules.
    Signed-off-by: Nicolas Thill <ntl at p1sec.com>

commit c4fb6217ee72969ef59b60ff7f4a0f6bfeaa8c9b
Author: Maurizio Abba <mabba at lastline.com>
Date:   Mon Nov 16 12:21:27 2015 +0000

    filestore-call: forcing a call to FileStore instead of manually updating
    the relative flag in order to have a single point where we actually
    touch the File structure

commit 2b263d55a2d0583a2c02e352bfe490fd4f42b39a
Author: notnyt <nyt-github at countercultured.net>
Date:   Fri Feb 5 19:11:03 2016 -0500

    fix nfq_get_timestamp
    Handle case when nfq_get_timestamp returns 0 for success, but timestamp is empty.

commit 2a17e3e827a2d90d03b0525ad567d3668681947d
Author: bladeswords <bladeswords at users.noreply.github.com>
Date:   Wed Feb 3 22:09:34 2016 +1100

    Fix typo of trailing ] in configure --help
    It is the small things that count.  This is an example of the fix
    --disable-threading-tls Disable TLS (thread local storage)]
    --disable-threading-tls Disable TLS (thread local storage)

commit 5cee70f9ae60e480b4c4d71d45848a1b15dae024
Author: Andreas Herz <andi at geekosphere.org>
Date:   Tue Nov 17 12:25:29 2015 +0100

    Fix the comment and explanation for random-chunk-size


Summary of changes:
 configure.ac            |  2 +-
 src/detect-lua.c        |  1 +
 src/log-file.c          |  6 +++++
 src/log-filestore.c     |  6 +++++
 src/log-stats.c         |  9 +++++++
 src/output-json-alert.c | 14 +++--------
 src/output-json-file.c  |  6 +++++
 src/output-json-stats.c |  8 ++++++
 src/source-nfq.c        |  2 +-
 src/stream-tcp.c        | 10 +++++---
 src/suricata.c          |  5 ++++
 src/util-error.c        |  2 ++
 src/util-error.h        |  2 ++
 src/util-file.c         | 25 +++++++++++++++----
 src/util-file.h         |  2 ++
 src/util-lua-tls.c      | 65 +++++++++++++++++++++++++++++++++++++++++++++++++
 suricata.yaml.in        |  8 +++---
 17 files changed, 149 insertions(+), 24 deletions(-)


More information about the Oisf-devel mailing list