Suricata

Interactive Unix Socket mode was added. IP Reputation support was added. A Lua scripting detection keyword was added. IP Defrag engine performance was much improved. Global thresholding was improved. AF_PACKET IPS mode support was added. File log output was improved. HTTP inspection was made more configurable. Live packet capture stats support was added. The stream reassembly engine was improved. TLS cert logging, storing, and fingerprint matching was added. Support for decoding various tunnel protocols was added. Delayed detection engine initialization support was added.

This release fixes a major flow engine memory leak, a case in which unified2 could overwrite its own alert files, and the Windows build.

Interactive Unix Socket mode was added. IP Reputation support was added. Command line options were improved. The rule analyzer was improved. File log output was improved. Endace DAG card live stats support was added. A new HTTP event was added. Many issues were fixed.

Napatech capture card support was improved. Support for the pkt_data keyword was added. HTTP inspection was made more configurable. Live packet capture stats support was added. The stream reassembly engine was improved. Performance enhancements were made. The rule analyzer was improved. Many issues were fixed.

Several accuracy and stability issues were fixed. OpenBSD 5.2 support was added.