Detect bidir 5665 v10

Open catenacyber opened this issue 1 year ago • 1 comments

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/5665

Describe changes:

  • Allows bidirectional signature matching!

SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1786

Draft again because of second commit. General feedback expected :-)

TODO:

  • Give me better names
  • Where should I document these new keywords bidir.toclient?
  • More tests!!!! Throw me rule examples! Negative and positive...

https://github.com/OISF/suricata/pull/10818 with an additional commit to not require unambiguous keywords to specify their direction in the case there was previously some ambiguous keyword with a direction...

catenacyber avatar Apr 18 '24 14:04 catenacyber

ERROR:

ERROR: QA failed on SURI_TLPW1_files_sha256.

Pipeline 20203

suricata-qa avatar Apr 20 '24 07:04 suricata-qa

Rebased in https://github.com/OISF/suricata/pull/11246

catenacyber avatar Jun 05 '24 09:06 catenacyber