Jeff Lucovsky
Continuation of #7694 The intent of this PR is to support arbitrary order options for `byte_math`. During the investigation phase, it was suggested that the parser be converted to Rust...
This is a *draft PR*; Git hygiene to be applied to separate commits properly. This PR extends Suricata's support for VLANs from 2 to 3 levels. There is no standard for...
Continuation of #7339 This changeset provides subsystem and module identifiers in the log when the log format string contains `"%S"`. By convention, the log format surrounds `"%S"` with brackets. The...
This PR adds a transform for base64 encoded data. Here's a rule showing the transform: ``` alert http any any -> any any (msg:"from_base64 transform"; flow:established,from_server; http.response_body; from_base64; content: "This...
Continuation of #7660 Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: [#2871](https://redmine.openinfosecfoundation.org/issues/2871) Describe changes: - Allow lua match scripts to access variables defined in rule by byte_extract or byte_math Updates - Rebase. suricata-verify-pr: 899...
Continuation of #6954 This commit modifies the validation callback to include the distance during validation. Values of distance that cause the right edge to be exceeded are considered an error...
Continuation of #7222 Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: [5198](https://redmine.openinfosecfoundation.org/issues/5198) The buffer overflow occurred due to the stats output not being set up with a valid context useful for threaded output. The...
Continuation of #7115 Batch backport of Netmap issues to 6.0.x: - [Issue #4582](https://redmine.openinfosecfoundation.org/issues/4852) that provides access to the Netmap API changes in Netmap API versions 14+. - [Issue #4883](https://redmine.openinfosecfoundation.org/issues/4883) allows...
Continuation of #7802 The intent of this PR is to support arbitrary order options for `byte_math`. During the investigation phase, it was suggested that the parser be converted to Rust...
Continuation of #7845 This commit modifies the validation callback to include the distance during validation. Values of distance that cause the right edge to be exceeded are considered an error...