Jason Ish
Other fix in progress at https://github.com/OISF/suricata/pull/11999.
Thanks for the submission. Could you please create a ticket that discusses this feature, the benefits, etc.
Linker error. When I build Suricata with `./configure --enable-ndpi --with-ndpi=/home/jason/src/nDPI`, it fails to link: ``` /usr/bin/ld: /home/jason/src/nDPI/src/lib/libndpi.a(ndpi_main.o): in function `ndpi_handle_rule.isra.0': ndpi_main.c:(.text+0xaef3): undefined reference to `nbpf_parse' /usr/bin/ld: /home/jason/src/nDPI/src/lib/libndpi.a(ndpi_main.o): in function `ndpi_exit_detection_module':...
@lucaderi @cardigliano It still needs much review, but here's what I'm thinking for the support required for nDPI to be a plugin, including a stub plugin that shows off the...
> I believe you have built nDPI with nBPF support and the nBPF library was not used during linking. I think you have /home/jason/PF_RING/userland/nbpf/libnbpf.a but that was not used during...
> In the suricata docs, code and general terminology we use "signatures" and "rules" interchangeably. However this feels like a mistake. The current engine is very much a signature engine,...
Replaced by https://github.com/OISF/suricata/pull/12000.
It does look like a schema can be extended with custom fields (https://json-schema.org/draft/2019-09/json-schema-core#rfc.section.6.5), my only comment here would be some sort of prefix to make clear they are Suricata extensions...
I wonder if we could take a simpler approach here, which might mean making use of it sooner. Take a look at this ldap example from the schema: ```json "ldap":...
Typically I'd wait for it to be available in the repos, in this case that means AlmaLinux 9 repos. There is some activity on packaging to replace Hyperscan, but I'll...