Bumped revision to 313
Fix: Enable compilation without error with --enable-ipv6
Fix to spo_syslog_full
Fix: operation_mode parsing (strcasecmp return value)
Fix: defined values (literals instead of 0 and 1) for clarity.
Fix: in complete mode used a } instead of a ] at one place in an output literal.
Fix: Check for input data in spo_database.c where revision is 0, we do not log and we print messages
Modified: Replaced WARNING database by INFO database so people are less alarmed when those pop up.
- Update event/record names for identifiers that Bro uses in its Barnyard2 integration scripts.
- Fix ICMP type/code byte ordering.
- Fix segfault when an alert has no classification.
- Fix for Broccoli expecting 64-bit count values.
- Support for IPv6 addresses (needs Bro > v2.0).
Bumped revision to 310
changed bzero() to memset() as bzero is deprecated.
replaced bzero() with memset()
replaced calls to bzero() with memset() as bzero is deprecated.
replaced bcopy() with memmove()
Replaced deprecated bcopy() with memmove(), memmove is guaranteed to work even if memory areas overlap, whereas memcpy is designed so that the memory areas MUST not overlap.
replaced bzero() with memset()
Replaced bzero() with memset() as bzero is deprecated.
replaced bzero() with memset()
changed bzero() which is deprecated to memset().
replaced deprecated function calls
replaced bzero() with memset() and bcopy() with memmove().
changed bzero to memset
changed bzero() to memset in #define, bzero deprecated.
replaced bzero() with memset()
replaced bzero() with memset() as bzero is deprecated.
changed function prototype
corrected function prototype for PlatypusAgentReceive to match actual function later in file.
corrected function prototype and deprecated calls
changed function prototype for SguilRecvAgentMsg() and changed bzero() to memset() as bzero() is deprecated
replaced bzero() with memset()
replaced bzero() with memset() since bzero() is deprecated.
-Bumped: Build to 309
Fix sguil compile issue
… as there is data in the database -Bumped version to 208
…atabase that was leading to a misleading reference compare/insertion and a grow on the reference table.
-Fix: Modified the sigref code so it is smarter and more tolerant to changes of order of reference etc.
-Bumped revision to 307
…stem and sigref)
Fix: Signature will now inherit message from latest revision if it exists in cache instead of Snort Alert [gid:sid:rev]
Fix: Balance reference for signature with same gid:sid and different revision (no logic, raw compare, need to be present in file (sid-msg.map)
Bumped build to 306.
-Add: SCHEMA_ACCESS for instruction on database schema requirements
-Add: SQL escaping code check for reference tag name.
-Fix: will not insert sig_ref for "internal" signature
-Fix: will not fail when there is no reference present in sid-msg.map file.
-Fix: spo_database.c typo in if (define) for postgresql
-Fix: max cache events bumped to 256
-Fix: for compilation without libpcap libraries
-Fix: compilation issue with Postgresql (Define error)
-Fix: Database Compilation Warning (Header re-use issue)
-Fix: Postgresql Encoding issue.
No signature data is committed to the database if it has a revision of 0 (initialized from file, besides preprocessor). This fixes some issues regarding uninitialized signatures being logged. A few assert() calls have been added. If you hit a bugcheck and use this branch, let us know. Addendum: This commit contains ODBC code that is not ready for deployment.
…ble-debug and BARNYARD2_DEBUG set or combined with to (DB_DEBUG)0x80000000
-Added SignatureLookupDatabase() function to prevent some possible race condition when a signature is not found in cache, maybe another by2 process could insert it, ex: if an event occurs at the same time for two sensors
-Changed some log message format.
…setdbLogin instead of PQreset)
-Fixed possible nested call to Rollback issued call to dbProcessSignatureInformation, dbSignatureInformationUpdate and SignaturePopulateDatabase
-Fixed compilation issue when no database configuration flags are enabled.
-Added some debug info to some RollbackTransaction calls
Added support for local syslog logging.