Changes in this release since 3.1.67.0:
- appid, cip: parsing cip safety segments
- appid: mark ssl appid lookup successful if a service id is available
- appid: prefer eve client over appid detected client after decryption and use appid detected client version if eve client equals appid client
- dce_rpc: fix stats for client/server segments reassembled. Thanks to Bader-eddine Ouaich for addressing the issue.
- dns: parse and publish dns response with ip, fqdn/ttl data
- dns: updates to allow DNS to be compiled dynamically.
- doc: udpate tutorial
- framework: add virtual for inspectors that publish data when no ips policy is enabled.
- http2_inspect: add frame when logging a packet
- http2_inspect: handle empty header name
- http2_inspect: update connection settings on ack
- http2_inspect: update test tool configurations
- http_inspect: adjust formatting
- http_inspect: disable rule evaluation caching for MIME attachments
- inspector: export get_service_inspector_by_service method
- managers: fix get_inspector to use the passed in snort config for context and inspection inspectors
- mime: fix boundary search
- mime: postpone boundary-look-alike data till the next PDU arrives
- mime: support transport padding in boundary strings
- sfip: Add < operator so SfIp can be used in std::map and std::set.
- src: remove ips option asn1
- stream: init meta ack packet action field
- wizard: refactoring - split curses to multiple files by protocol