Skip to content

Releases: jasonish/py-idstools

0.6.5 - 2023-11-02

01 Nov 17:43
0.6.5
Compare
Choose a tag to compare
  • dumpdynamicrules: Python 3 fix, plus fix for handling directories: #91
  • rulecat: Fix placement of .md5 extension: #82
  • rules: allow config action to be used in local.rules: #88
  • rules: add more header elements into Rule object: #87
  • eve2pcap: ipv6 fix: #86
  • misc: replace warn with warning
  • unified2: support for event type 3: #74
  • dumpdynamicrules: repack fix for directories: #91

0.6.4

20 Apr 15:52
0.6.4
Compare
Choose a tag to compare
  • eve2pcap: fix displaying of errors from libpcap
  • eve2pcap: python3 fixes
  • eve2pcap: print number of packets converted on exit
  • rules: fix parsing of rules where the address or port list has a space
  • Commit log <https://github.com/jasonish/py-idstools/compare/0.6.3...0.6.4>_

0.6.3

20 Nov 20:52
Compare
Choose a tag to compare

0.6.3 - 2017-11-20

  • eve2pcap: fix segfault when calling libpcap functions.
  • rulecat: for Emerging Threat rule URLs, use the Suricata version as found
  • rulecat: default to Suricata 4.0 if it can't be found.
  • rule parser: fix case where rule option does not end in ; and is
    last option (#58)

0.6.2

14 Nov 09:22
Compare
Choose a tag to compare

0.6.2 - 2017-08-09

- rulecat: ignore *deleted.rules by default. Provide --no-ignore
  option to disable default ignores without having to add a new
  ignore.
- rulecat: suppress progress bar if quiet
- rulecat: fix output filenaming for downloads that are a single rule
  file
- rulecat: more python3/unicode fixes
- rule parser: if metadata is specified more than once, append to the
  existing metadata list instead of replacing it
  (https://github.com/jasonish/py-idstools/issues/57)
- `Commit log <https://github.com/jasonish/py-idstools/compare/0.6.1...0.6.2>`_

0.6.1

25 May 15:28
0.6.1
Compare
Choose a tag to compare
  • idstools-rulecat: handle zip archive files
  • rules: handle msg with escaped semicolons
  • rulecat: don't generate report summary if its not going to be logged
    anyways (#49)
  • rulecat: Python 3 fixes
  • rules: speed up parsing

Commit log: 0.6.0...0.6.1

0.6.0

29 Mar 19:36
0.6.0
Compare
Choose a tag to compare

Change log:

  • idstools-u2eve - output packet records
  • idstools-rulecat: allow --local to be specified multiple times
  • idstools-rulecat: --ignore option to ignore filenames
  • More python 3 fixups.
  • unified2 - deprecate event readers, use record readers instead
    (#14)
  • u2json: --packet-hex and --printable to print raw buffers as printable
    chars and hex in addition to base64.
  • u2eve: --packet-printable to include a "packet_printable" field
  • u2eve: include Snort extra-data with printable data.

Commit log: 0.5.6...0.6.0

0.5.6

07 Mar 16:11
0.5.6
Compare
Choose a tag to compare
  • idstools-rulecat: fix issue parsing Suricata version on Python 3
  • idstools-rulecat: don't convert rules with noalert to drop
  • idstools-rulecat: allow suricata version to be set on the command
    line (#38)

Full commit log.

0.5.5

29 Dec 16:36
Compare
Choose a tag to compare

Changes:

  • unified2: fix reading of ipv6 events
  • idstools-u2json: option to sort the keys
  • u2spewfoo: IPv6 printing fixes
  • idstools-rulecat: use ET "enhanced" rules by default
  • idstools-rulecat: suricata inspired colour logging
  • idstools-rulecat: handle URLs ending with query parameters

0.5.4

21 Sep 21:19
Compare
Choose a tag to compare
  • idstools: handle rules with no msg in rule parser
  • idstools-rulecat: support a drop.conf for setting rules to drop
  • idstools-eve2pcap: allow link type to be set on command line
  • unified2: handle large appid buffer in newer versions of Snort.

0.5.3

21 Sep 21:19
Compare
Choose a tag to compare
  • idstools-rulecat: better documentation
  • idstools-rulecat: use ET Pro https URL