Project

General

Profile

Actions

Feature #2280

open

Feature #5665: rules: bidirectional transaction matching

http: rules that match both request and response

Added by Victor Julien about 7 years ago. Updated 5 months ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Introduce support for matching on fields from both request and response side in a single rule in http.

This will have some limitations around body matching.


Related issues 2 (2 open0 closed)

Related to Suricata - Task #2309: SuriCon 2017 brainstormAssignedVictor JulienActions
Related to Suricata - Task #3288: Suricon 2019 brainstormAssignedVictor JulienActions
Actions #1

Updated by Andreas Herz almost 7 years ago

  • Assignee set to OISF Dev
  • Target version set to TBD
Actions #2

Updated by Victor Julien almost 7 years ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
Actions #3

Updated by Victor Julien almost 7 years ago

  • Related to Task #2309: SuriCon 2017 brainstorm added
Actions #4

Updated by Victor Julien about 5 years ago

  • Related to Task #3288: Suricon 2019 brainstorm added
Actions #5

Updated by Philippe Antoine about 3 years ago

I do not understand what is expected here...

Actions #6

Updated by xiaolong li about 3 years ago

Philippe Antoine wrote in #note-5:

I do not understand what is expected here...

How to match http GET request with 404 NOT FOUND response?

Actions #7

Updated by Victor Julien about 2 years ago

  • Related to Feature #5665: rules: bidirectional transaction matching added
Actions #8

Updated by Victor Julien 5 months ago

  • Parent task set to #5665
Actions #9

Updated by Philippe Antoine 5 months ago

#5665 should cover this completely and more (not only http)

Actions

Also available in: Atom PDF