Feature #2572: extend protocol detection to specify flow direction - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #2572

closed

extend protocol detection to specify flow direction

Added by Victor Julien about 6 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

5.0beta1

Effort:

Difficulty:

Label:

Description

In midstream and async cases, the flow direction can be wrong. It's not always possible to detect this based on the packet properties, but the protocol detection can often tell.

Implement a way to allow protocol detect to change the flow direction.

Related issues 3 (1 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Blocks Suricata - Feature #1125: smtp: improve protocol detection	Closed	Philippe Antoine	Actions
Blocks Suricata - Feature #273: IRC protocol detection support	New	Community Ticket	Actions
Blocks Suricata - Optimization #2272: Analyze DNS response if query is not present	Rejected	Jason Ish	Actions

Project

General

Profile

Suricata

Custom queries

Feature #2572

extend protocol detection to specify flow direction

Updated by Victor Julien about 6 years ago

Updated by Victor Julien about 6 years ago

Updated by Victor Julien about 6 years ago

Updated by Victor Julien over 5 years ago

Updated by Victor Julien over 5 years ago

Updated by Victor Julien over 5 years ago