Releases: jasonish/py-idstools
0.6.5 - 2023-11-02
- dumpdynamicrules: Python 3 fix, plus fix for handling directories: #91
- rulecat: Fix placement of .md5 extension: #82
- rules: allow config action to be used in local.rules: #88
- rules: add more header elements into Rule object: #87
- eve2pcap: ipv6 fix: #86
- misc: replace warn with warning
- unified2: support for event type 3: #74
- dumpdynamicrules: repack fix for directories: #91
0.6.4
- eve2pcap: fix displaying of errors from libpcap
- eve2pcap: python3 fixes
- eve2pcap: print number of packets converted on exit
- rules: fix parsing of rules where the address or port list has a space
`Commit log <https://github.com/jasonish/py-idstools/compare/0.6.3...0.6.4>`_
0.6.3
0.6.2 - 2017-08-09
- rulecat: ignore *deleted.rules by default. Provide --no-ignore option to disable default ignores without having to add a new ignore.
- rulecat: suppress progress bar if quiet
- rulecat: fix output filenaming for downloads that are a single rule file
- rulecat: more python3/unicode fixes
- rule parser: if metadata is specified more than once, append to the existing metadata list instead of replacing it (https://github.com/jasonish/py-idstools/issues/57)
- `Commit log <https://github.com/jasonish/py-idstools/compare/0.6.1...0.6.2>`_
0.6.1
0.6.0
Change log:
- idstools-u2eve - output packet records
- idstools-rulecat: allow --local to be specified multiple times
- idstools-rulecat: --ignore option to ignore filenames
- More python 3 fixups.
- unified2 - deprecate event readers, use record readers instead (#14)
- u2json: --packet-hex and --printable to print raw buffers as printable chars and hex in addition to base64.
- u2eve: --packet-printable to include a "packet_printable" field
- u2eve: include Snort extra-data with printable data.
Commit log: 0.5.6...0.6.0
0.5.6
0.5.5
Changes:
- unified2: fix reading of ipv6 events
- idstools-u2json: option to sort the keys
- u2spewfoo: IPv6 printing fixes
- idstools-rulecat: use ET "enhanced" rules by default
- idstools-rulecat: suricata inspired colour logging
- idstools-rulecat: handle URLs ending with query parameters