Actions
Feature #2198
closed
Extend the DNS parser to accept dns_response keyword in signatures
Feature #2198:
Extend the DNS parser to accept dns_response keyword in signatures
Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
Effort:
Difficulty:
Label:
Description
For A and AAAA records it would be interesting to match on the IP received from the DNS resolver.
In particular this could be useful to check for potentially sink-holed domains.
AH Updated by Andreas Herz almost 9 years ago
- Tracker changed from Bug to Feature
- Target version changed from 70 to TBD
Since you assigned yourself, do you want to submit that?
Updated by Anonymous almost 9 years ago
Andreas Herz wrote:
Since you assigned yourself, do you want to submit that?
Yes, it is in the pipeline.
Do you want me to focus on a Rust implentation?
AH Updated by Andreas Herz almost 9 years ago
Depends on what you prefer, IMHO it would be nice to have it in Rust.
JI Updated by Jason Ish over 8 years ago
- Related to Feature #2448: dns: additional buffers for DNS Responses added
AH Updated by Andreas Herz about 7 years ago
- Assignee changed from Anonymous to Stian Bergseth
VJ Updated by Victor Julien over 6 years ago
- Assignee changed from Stian Bergseth to Community Ticket
VJ Updated by Victor Julien about 1 year ago
- Status changed from New to Rejected
- Assignee deleted (
Community Ticket) - Target version deleted (
TBD)
Done in #7012
VJ Updated by Victor Julien about 1 year ago
- Is duplicate of Feature #7012: rules: add dns.response sticky buffer added
Actions