Hi, If you haven't already noticed. I have just released version 0.4.1. ChangeLog is posted below. For version 0.4.2 I will mainly be focusing on tidying up the preprocessor and signature engines and working towards TCP stream reassembly and stateful inspection. Version 0.4.1 * Get rid of madvise() in capdev.tcpdump * Fix ipaddr/port negation bug in tcp/ip/udp matching * Negation of ipaddr/port works on bidirectional snort rules * Centralised alerting subsystem * Finished ICMP matching code * Implement icmp_id and icmp_seq (can be ranges) * Fix TCP,UDP,ICMP decode bug * Micro-optimisations in TCP and ICMP matching code * Implement 'require' keyword in config file * Split string matching in to seperate plugin * Oops, actually implement IP ID matcher! * IP Options matcher * Depth and Offset supported in content matcher * Fix RPM and tarball binary builds -- // Gianni Tedesco <gianni@xxxxxxxxxx> 8646BE7D: 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
Attachment:
signature.asc
Description: This is a digitally signed message part