Bug #1697: byte_extract incompatibility with Snort. - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #1697

closed

byte_extract incompatibility with Snort.

Added by Jason Ish about 8 years ago. Updated about 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Jason Ish

Target version:

3.0.1

Affected Versions:

Effort:

Difficulty:

Label:

Description

Test with TALOS subscriber ruleset, Feb. 7 2016.

Suricata fails to parse a rule with the error:

[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Base not specified for byte_extract, though string was specified.  The right options are (string, hex), (string, oct) or (string, dec)

And the relevant part of the rule being:

byte_extract:10,0,colspan,relative,string;

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #1697

byte_extract incompatibility with Snort.

Updated by Victor Julien about 8 years ago

Updated by Jason Ish about 8 years ago

Updated by Jason Ish about 8 years ago

Updated by Victor Julien about 8 years ago