Fixes for issues reported from the community:
- fix cmake issues (reported by Y M)
- add missing sanity checks and g++ dependency (reported by Bill Parker)
- add general fp re-search solution for fp buffers further restricted during rule eval (reported by @rmkml)
- fixes for large file support on 32-bit Linux systems (reported by Y M)
Partial code sync with Snort 2.9.7:
- malloc info output with -v at shutdown (if supported)
- sync Mpse and add SearchTool
- sync for sfghash, sfxhash, tag, u2spewfoo, profiler and target based
- addition of mime decoding stats and updates to mime detection limits
- added md5, sha256, and sha512 rule options based on Snort 2.X protected_content
- misc bug fixes and variable renaming
Other updates:
- fix asciidoc formatting and update default manuals
- updated source copyrights for 2015 and reformatted license foo for consistency
- fix default init for new_http_inspect
- fixed active rule actions (react, reject, rewrite)
- moved http_inspect profile defaults to snort_defaults.lua
- add generalized infractions tracking to new_http_inspect
- updated snort2lua to override default tables (x = { t = v }; x.t.a = 1)
- added pflog codecs
- fixed stream_size rule option
- snort2lua changed to add bindings for default ports if not explicitly configured
Please take a look, download, and test out this release for Snort++ and provide us feedback on the snort-users mailing list.