Commits on Jun 20, 2013
  1. Fix: Forgotten select access for the schema table in the SCHEMA_ACCESS

    binf committed Jun 20, 2013
    file.
    
    Thanks to Steve McLaughlin, for picking it up.
Commits on Jun 19, 2013
  1. Fix: Removed loop control continue in ReadSidMap()

    binf committed Jun 19, 2013
     that could force the parser to skip the first line in SIDMAPv1 format if there was no space or hash tag at the start of the file.
Commits on Jun 17, 2013
Commits on May 27, 2013
  1. Fix: little issue when starting in SIDv2 mode, mainly due to an early

    binf committed May 25, 2013
         free of the classification file path name in ReadClassification().
         value is now copied properly and freed at cleanup.
    
    Fix: leak in spo_syslog_full arguments parsing. (unrelated)
Commits on May 24, 2013
Commits on May 14, 2013
Commits on May 9, 2013
Commits on May 7, 2013
Commits on May 5, 2013
  1. Last-minute commit for a long-awaited, needed feature and some little fixes.

    binf committed Apr 26, 2013
    Add: Support for proper signal handling.
    Add: README info for google mailing lists.
    
    Fixed: Compile issue when debug was enabled (missing , in some
    DEBUG_WRAP code).
    
    Fixed: Changed a few places where the snort literal was used instead of
    barnyard2 and this could confuse some first time barnyard2 users.
    
    Fixed: RPM spec file to point to good version (when needed)
    
    Bumped: Build to 326
    
    --github specific
    Fixes #81
    Fixes #73
    Fixes #75
    
    Close #82
    Close #83
    Close #80
    Close #79
    Close #78
    Close #27
    --github specific
Commits on Apr 7, 2013
  1. Bumped: version to 2-1.13-BETA

    binf committed Mar 13, 2013
    Bumped: build to 325
    
    Add: Full support for sid-msg v2 format, which is
         enhanced by the following fields: gid,revision,classification,priority
         for each entry, which allows pre-population of signature metadata by
         barnyard2 if database output is used.
    
    Add: Signature Suppression support at the spooler level using
         configuration directive. See doc/README.sig_suppress
    
    Add: Variable resolving/support in configuration file
         (generic variable).
    
    Add: hostname and interface to possible CSV field
         Feature requested by: Phil Daws
    
    Add: spo_database configuration keyword "disable_signature_reference_table"
         was added and reconnect_sleep_time, connection_limit defined in
         doc/README.database.
    
    Fixed: Added extra check when generating sig_reference cache.
           (Martin Olsson)
    
    Fixed: sid-msg.map and gen-msg.map double declaration issue (using
           command line and directive is now prohibited) [ will bail
           if both are used (-S and config sid_file OR -G and config
           gen_file). ]
    
    Fixed: syslog_full in complete mode IP information (Fäbu Hufi)
    
    Fixed: database, could stop processing event when some ip options were
           null (John Naggets)
    
    Fixed: Removed some database messages and moved them to debug messages if
           the proper debug flag is used.
Commits on Feb 14, 2013
  1. updated: bumped licensing for the new year as well as minor revision …

    firnsy committed Feb 14, 2013
    …for cumulative bugfixes hitherto.
Commits on Feb 7, 2013
  1. Merge pull request #68 from reedloden/master

    firnsy committed Feb 7, 2013
    Fix a segfault in TextLog_Print() by using %d for classification ID, as it's a 'uint32_t'.
  2. Merge pull request #67 from binf/bug-fix

    firnsy committed Feb 7, 2013
    Fix: Possible segfault in spo_database
  3. Add: Enable payload encoding for log_syslog_full in complete mode,

    binf committed Feb 7, 2013
    support hex(default),base64,ascii
    
    Bumped: Build to 320
Commits on Feb 5, 2013
  1. Fix a segfault in TextLog_Print() by using %d for classification ID, …

    Reed Loden
    Reed Loden committed Feb 5, 2013
    …as it's a 'uint32_t'.
  2. Fix: Possible segfault in spo_database

    binf committed Feb 4, 2013
         when the decoded IP header is supposed to have a TCP/UDP packet but
         the decoded packet does not contain such information.
         A pointer validation check has been added and behavior has been
         changed for ICMP handling which was already considering this case but
         would lead to a processing fault. (DB_DEBUG information messages
         were also added).
    
    Bumped: Build to 319
Commits on Jan 18, 2013
  1. Merge pull request #61 from binf/bug-fix

    firnsy committed Jan 18, 2013
    Fix: Call to memcmp in signature_reference code.
  2. Merge pull request #58 from jasonish/ish/pqping

    firnsy committed Jan 18, 2013
    Test for PQping by attempting to link it.
  3. Merge pull request #56 from inliniac/sguil-timeout-fix

    firnsy committed Jan 18, 2013
    sguil: fix recursive calling of SguilSensorAgentInit
Commits on Jan 12, 2013
  1. Bumped: build to 318

    binf committed Dec 28, 2012
    Fix: Call to memcmp in signature_reference code.
Commits on Dec 5, 2012
Commits on Dec 3, 2012
  1. sguil: fix recursive calling of SguilSensorAgentInit leading to stack…

    inliniac committed Dec 3, 2012
    … exhaustion on connection problems
Commits on Nov 30, 2012
Commits on Nov 29, 2012
Commits on Nov 28, 2012
  1. Merge pull request #55 from binf/PQPing_TEST

    firnsy committed Nov 28, 2012
    Add: Added call to PQPing in dbConnectionStatusPOSTGRESQL().
Commits on Nov 27, 2012
Commits on Nov 21, 2012
  1. Add: Added call to PQPing in dbConnectionStatusPOSTGRESQL().

    binf committed Nov 15, 2012
         This modification can allow detecting a dead VPN tunnel
         (Requested fix)
    Fix: configure directive disable_alert_on_each_packet_in_stream, will
         work properly.
Commits on Nov 9, 2012
Commits on Nov 7, 2012
  1. fixed: conflict when cherry picking #51

    binf authored and firnsy committed Oct 24, 2012
Commits on Nov 4, 2012
  1. alert_unixsock: Add a sync mode, which requires the remote end to

    Martijn van Oosterhout authored and firnsy committed Mar 10, 2012
    acknowledge receipt.  This means in sync mode it requires a SOCK_SEQPACKET
    type socket instead of plain SOCK_DGRAM.  It also complains about failures
    during sending.
  2. alert_unixsock: Improve some error messages so it's clear which modul…

    Martijn van Oosterhout authored and firnsy committed Mar 10, 2012
    …e they came from.
  3. alert_unixsock: Get rid of global alertaddr by connecting to the sock…

    Martijn van Oosterhout authored and firnsy committed Mar 10, 2012
    …et at
    
    startup.  This should allow multiple sockets to be used at the same time.
    This also checks the socket name, whereas previously incorrect filenames
    were simply ignored.