Project

General

Profile

Actions

Feature #1261

closed

Request for Additional Lua Capabilities

Added by Paul Gofran about 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

We use the luajit capabilities for various tasks but have hit some limitiations. We’re interesting in making additional data accessible to the Lua scripts.

Some of these features will likely overlap but we would like Lua to have the following features:
1) Access to HTTP header data at the same time as body data. For more information see: https://lists.openinfosecfoundation.org/pipermail/oisf-devel/2013-May/002354.html
2) Access to stream payloads, not just packet payloads. This would be particularly useful for being able to decode emails for scanning purposes.
3) Access to the TCP quad. When extracting payloads (ex: needs["payload"]), Lua does not have access to the TCP/IP information at the same time.

These capabilties will help provide full context for scanning and analysis.

Are these things that the OISF community would be interested in? Has any work been done on this so far, or are there plans for developing any similar capabilities?

Actions

Also available in: Atom PDF