Actions
Feature #3086
closedapp_proto for Torrent traffic
Effort:
medium
Difficulty:
medium
Label:
Protocol
Description
Currently the app_proto registered for Torrent traffic is "failed". Can the detection be revised to detect Torrent traffic?
It should be identifiable by the payload pre-fix: "d1:ad2:id20:".
Updated by Andreas Herz over 5 years ago
- Assignee set to Community Ticket
- Target version set to TBD
- Effort set to medium
- Difficulty set to medium
Updated by Victor Julien about 4 years ago
- Status changed from New to Assigned
- Assignee changed from Community Ticket to Aaron Bungay
Updated by Victor Julien about 4 years ago
Are you doing protocol detection only or a full parser?
Updated by Victor Julien about 4 years ago
- Related to Task #4151: Research: New protocol support added
Updated by Aaron Bungay about 4 years ago
Victor Julien wrote in #note-4:
Are you doing protocol detection only or a full parser?
Doing a full parser in rust for the BitTorrent DHT protocol :)
Updated by Victor Julien about 4 years ago
- Target version changed from TBD to 7.0.0-beta1
- Label Protocol added
Great!
Updated by Aaron Bungay almost 4 years ago
Updated by Victor Julien over 2 years ago
- Status changed from Assigned to In Review
- Assignee changed from Aaron Bungay to Jason Ish
Updated by Victor Julien over 2 years ago
- Subject changed from app_proto for Torrent traffic? to app_proto for Torrent traffic
Updated by Victor Julien about 2 years ago
- Target version changed from 7.0.0-beta1 to 7.0.0-rc1
Updated by Jason Ish about 2 years ago
Latest PR for review: https://github.com/OISF/suricata/pull/7838
Actions