Project

General

Profile

Actions
Copy link

Feature #2572

closed
VJ VJ

extend protocol detection to specify flow direction

Feature #2572: extend protocol detection to specify flow direction

Added by Victor Julien almost 8 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
5.0beta1
Effort:
Difficulty:
Label:

Description

In midstream and async cases, the flow direction can be wrong. It's not always possible to detect this based on the packet properties, but the protocol detection can often tell.

Implement a way to allow protocol detect to change the flow direction.

Related issues 3 (1 open2 closed)

Blocks Suricata - Feature #1125: smtp: improve protocol detectionClosedPhilippe AntoineActions
Blocks Suricata - Feature #273: IRC protocol detection supportNewCommunity TicketActions
Blocks Suricata - Optimization #2272: Analyze DNS response if query is not presentRejectedJason IshActions
Actions
Copy link

Also available in: PDF Atom