- sync with Snort 297-262
- ported reputation inspector
- ported dnp3 and modbus inspectors
- ported gtp inspector
- pigliet plugin test harness
- file policy support
- added regex rule option based on hyperscan
- added fast pattern matching based on hyperscan
- new time and space profiling
Work in progress:
- the all new HTTP inspector
- a rewrite of TCP packet and session handling
The priority for the fourth and final alpha release is parity with Snort 2.X (i.e. a superset of 2.X functionality). Here are some things to look for in the final alpha release:
- port open appID
- port dcerpc2 inspector
- port sensitive data inspector
- finish rewrite of stream_tcp for greater functionality and performance
- finish rewrite of side channel and HA functionality
- finish rewrite of perf stats
- finish next generation DAQ
There are several new features in the works that will be delayed by the effort to overtake Snort 2.X but this strategy will ultimately allow us to move even quicker.
Windows support is also affected but not forgotten. We will eventually provide a full featured Snort++ for Windows.
New downloads are posted to snort.org monthly. You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.
Please submit bugs, questions, and feedback to firstname.lastname@example.org or the
Snort-Users mailing list.
The Snort Release Team