Project

General

Profile

Actions
Copy link

Feature #2280

open

Feature #5665: rules: bidirectional transaction matching

http: rules that match both request and response

Added by Victor Julien over 6 years ago. Updated about 1 month ago.

Status:
Assigned
Priority:
Normal
Assignee:
Victor Julien
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Introduce support for matching on fields from both request and response side in a single rule in http.

This will have some limitations around body matching.

Related issues 2 (2 open0 closed)

Related to Suricata - Task #2309: SuriCon 2017 brainstormAssignedVictor JulienActions
Related to Suricata - Task #3288: Suricon 2019 brainstormAssignedVictor JulienActions
Actions
Copy link
 #1

Updated by Andreas Herz over 6 years ago

  • Assignee set to OISF Dev
  • Target version set to TBD
Actions
Copy link
 #2

Updated by Victor Julien over 6 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
Actions
Copy link
 #3

Updated by Victor Julien over 6 years ago

  • Related to Task #2309: SuriCon 2017 brainstorm added
Actions
Copy link
 #4

Updated by Victor Julien over 4 years ago

  • Related to Task #3288: Suricon 2019 brainstorm added
Actions
Copy link
 #5

Updated by Philippe Antoine almost 3 years ago

I do not understand what is expected here...

Actions
Copy link
 #6

Updated by xiaolong li almost 3 years ago

Philippe Antoine wrote in #note-5:

I do not understand what is expected here...

How to match http GET request with 404 NOT FOUND response?

Actions
Copy link
 #7

Updated by Victor Julien over 1 year ago

  • Related to Feature #5665: rules: bidirectional transaction matching added
Actions
Copy link
 #8

Updated by Victor Julien about 1 month ago

  • Parent task set to #5665
Actions
Copy link
 #9

Updated by Philippe Antoine about 1 month ago

#5665 should cover this completely and more (not only http)

Actions
Copy link

Also available in: Atom PDF