github snort3/snort3 3.1.47.0
Snort v3.1.47.0

22 months ago

Changes in this release since 3.1.45.0:

  • appid: add a changed bit for discovery finished
  • appid: check for empty patterns in lua detector api input
  • appid: ntp detection improvements
  • appid: publish client and payload ids set in eve process event handler and ssl lookup api only after appid discovery is complete
  • appid: service, client and payload detection by lua detectors and third-party when first packet re-inspection is enabled
  • detection: add config option for SSE
  • detection: skip a rule variable copy for a single-branched node
  • doc: add information about handling multiple detection in SSE
  • doc: add JavaScript Normalization section to user manual
  • doc: add js_norm alerts to builtin_stubs.txt
  • doc: specified which packages are sent on rejection
  • helpers: fix duplicate scratch_handler
  • http_inspect: add override to destructor
  • http_inspect: move LiteralSearch::setup for http_param to its module
  • http_inspect: subdivide dev_notes into topics
  • http_inspect: move Enhanced JS Normalizer from NHI to a standalone component
  • js_norm: implement standalone Enhanced JavaScript Normalizer
  • main: add variables to lua environment
  • main: dump packet trace after publishing finalize event since verdict could be modified.
  • main: update to improve performance by making packet tracer checks before calling function.
  • netflow: if LAST_SWITCHED isn't provided, use packet time
  • netflow: implement deferred trust, cleanup
  • packet_io: allow ACT_TRUST to be used as a delayed action.
  • packet_io: the most strict delayed action takes precedence.
  • parser: improve port_object hash function
  • ports: align fields of PortObject and PortObject2
  • ports: enable checks in debug build only
  • smtp: do not accumulate cmds across policies and reloads. Avoids memory and performance problem.
  • stream: add info about the splitter lifetime to dev_notes
  • stream: ignore flushing from meta-ack if sent after FIN
  • stream: remove splitter from session before inspectors
  • stream: set splitter only on initialized tcp sessions or if midstream sessions are allowed
  • wizard: remove inspector's ref counter increments from MagicSplitter
