https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022015-03-23T10:17:43ZOpen Information Security FoundationSuricata - Feature #1389: suppress by hosthttps://redmine.openinfosecfoundation.org/issues/1389?journal_id=50112015-03-23T10:17:43Zgod lol
<ul></ul><p>Note: suppressing based on ip is less desirable due to dyndns host.</p> Suricata - Feature #1389: suppress by hosthttps://redmine.openinfosecfoundation.org/issues/1389?journal_id=50422015-04-05T03:26:24ZVictor Julienvictor@inliniac.net
<ul></ul><p>I can see how this could work for http where we could use the actual hostname to match the hostname in the request, but how would this otherwise work? Would you expect suri to do the dns lookup to get the IP of the hostname?</p> Suricata - Feature #1389: suppress by hosthttps://redmine.openinfosecfoundation.org/issues/1389?journal_id=50462015-04-06T08:34:43Zgod lol
<ul></ul><p>My personal use-case is SIP where it can also be extracted directly in theory (no corresponding Suricata helper yet). Although I can see how it can be handy regardless of the protocol so having infrastructure to do dns requests and cache the results for correct time would be definitely usefull.</p> Suricata - Feature #1389: suppress by hosthttps://redmine.openinfosecfoundation.org/issues/1389?journal_id=69962016-06-16T02:52:41ZVictor Julienvictor@inliniac.net
<ul><li><strong>Tracker</strong> changed from <i>Support</i> to <i>Feature</i></li></ul> Suricata - Feature #1389: suppress by hosthttps://redmine.openinfosecfoundation.org/issues/1389?journal_id=73132016-09-08T14:35:08ZAndreas Herzoisf@herzandreas.de
<ul><li><strong>Assignee</strong> set to <i>OISF Dev</i></li><li><strong>Target version</strong> set to <i>TBD</i></li></ul>