Actions
Bug #1962
closeduser reports custom rule stopped working when migrating 1.x to 2.x
Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:
Description
Hi,
I know this is related to an old suricata version, but here it is anyway.
A Debian user reports that when migrating a custom rule from suricata 1.x to 2.x the rule stoped working.
See details in the debian bug report https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783660
The rule seems to be:
alert http any any -> any any (msg:"User-Agent Gecko http_user_agent"; content:"Gecko"; http_user_agent; sid:2; rev:1;)
I asked for more info back in Aug 2016, but no reply so far.
Would you recommend just closing this bug?
regards.
Updated by Victor Julien over 7 years ago
- Status changed from New to Closed
Most issues with that upgrade path were around changed vlan handling.
But yes, I think it should be closed.
Btw, we consider 2.x EOL.
Actions