Enhancements:
- converted sd_pattern to use hyperscan
- ported smb reassembly and raw commands processing, segmentation support
- ported smb write and close command, deprecated dialect check, smb fingerprint
- ported appid rule option as "appids"
- ported appid detectors: kereberos, bittorrent, imap, pop
- added appid counts for mdns, timbuktu, battlefield, bgp, and netbios services
- added smtp.max_auth_command_line_len
- added new_http_inspect unbounded POST alert
- added oversize directory alert to new_http_inspect
- snort2lua updates for new_http_inspect
- fixed asn1:print help
- fixed event queue buffer log size
- fixed make distcheck; thanks to jack jackson <jsakcon@gmail.com> for reporting the issue
- fixed help text for rule options ack, fragoffset, seq, tos, ttl, and win
- fixed endianness issues with rule options seq and win
- fixed rule option session binary vs all
- fixed issue with icmp_seq and icmp_id field matching
- fixed off-by-1 line number in rule parsing errors
- fixed cmake make check issue with new_http_inspect
- fixed new_http_inspect handling of 100 response
- fixed dynamic build of new_http_inspect
- fixed outstanding strndup calls
- fixed static analysis issues
- moved http_inspect (old) to http_server (in extras)
- moved new_http_inspect to http_inspect
- code refactoring and cleanup
Happy Snorting!
The Snort Release Team