Project

General

Profile

Actions
Copy link

Feature #1137

closed
DH VJ

Support IP lists in threshold.config

Feature #1137: Support IP lists in threshold.config

Added by Duane Howard about 12 years ago. Updated almost 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
3.0RC1
Effort:
Difficulty:
Label:

Description

Snort currently supports lists like:
suppress gen_id 1, sig_id 12345, track by_src, ip [10.1.1.1,10.1.2.3,192.168.1.9]

The same requires multiple rules in Suricata:
suppress gen_id 1, sig_id 12345, track by_src, ip 10.1.1.1
suppress gen_id 1, sig_id 12345, track by_src, ip 10.1.2.3
suppress gen_id 1, sig_id 12345, track by_src, ip 192.168.1.9

VJ Updated by Victor Julien about 12 years ago Actions
Copy link
 #1

  • Target version set to TBD

DH Updated by Duane Howard over 11 years ago Actions
Copy link
 #2

Was this considered for 2.1 ?

DH Updated by Duane Howard almost 11 years ago Actions
Copy link
 #3

Friendly ping?

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
 #4

  • Status changed from New to Closed
  • Assignee set to Victor Julien
  • Target version changed from TBD to 3.0RC1
  • % Done changed from 0 to 100
Actions
Copy link

Also available in: PDF Atom