Bug fix for vulnerability CVE-2014-0039 reported by Murray McAllister of the Red Hat Security Team in which an attacker-controlled fwsnort.conf file could be read by fwsnort when not running as root. This was caused by fwsnort reading './fwsnort.conf' when not running as root and when a path to the config file was not explicitly set with -c on the command line. This behavior has been changed to require the user to specify a path to fwsnort.conf with -c when not running as root.
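The behavior change described in the CVE-2014-0039 entry above, sketched in Perl as an added example (not fwsnort's own code): the old lookup next to the hardened one. The function names and the root default path /etc/fwsnort/fwsnort.conf are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Getopt::Long qw(GetOptionsFromArray);
use File::Spec;

# Assumed system-wide default used when running as root (illustrative only).
my $ROOT_DEFAULT_CONF = '/etc/fwsnort/fwsnort.conf';

# Extract the value of -c from an argument list, or undef if it was not given.
sub conf_from_args {
    my ($argv) = @_;
    my $conf;
    GetOptionsFromArray($argv, 'c=s' => \$conf)
        or die "[*] could not parse command line\n";
    return $conf;
}

# Old behavior: a non-root run without -c falls back to the current
# directory, so whoever controls the cwd controls the configuration.
sub legacy_config_path {
    my ($euid, $argv) = @_;
    my $conf = conf_from_args($argv);
    return $conf if defined $conf;
    return $euid == 0 ? $ROOT_DEFAULT_CONF : './fwsnort.conf';
}

# Fixed behavior: a non-root run must name its config file with -c;
# there is no implicit lookup relative to the working directory.
sub hardened_config_path {
    my ($euid, $argv) = @_;
    my $conf = conf_from_args($argv);
    return File::Spec->rel2abs($conf) if defined $conf;
    return $ROOT_DEFAULT_CONF if $euid == 0;
    die "[*] not running as root: specify the path to fwsnort.conf with -c\n";
}

# Constructed test cases: [effective uid, command-line arguments].
my @cases = ([0, []], [1000, ['-c', '/home/alice/fwsnort.conf']], [1000, []]);
for my $case (@cases) {
    my ($euid, $args) = @$case;
    my $old = legacy_config_path($euid, [@$args]);
    my $new = eval { hardened_config_path($euid, [@$args]) };
    $new = 'refused' unless defined $new;
    printf "euid=%-4d args=[%s] legacy=%s hardened=%s\n",
        $euid, "@$args", $old, $new;
}
```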
…against fwsnort.save file (fixes CentOS deployments)
Dwight Davis reported that "when EXTERNAL_NET is set to 'any' the outbound rules get put into the INPUT chain": http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693000 This commit fixes this behavior, and forces such rules to the OUTPUT chain whenever the original Snort rule has HOME_NET -> EXTERNAL_NET.
(Dwight Davis) Contributed patches for several bugs including not handling --exclude-regex properly, not ignoring the deleted.rules file, not handling --strict mode operations correctly, and more. These issues and the corresponding patch were originally reported here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693000