Feature #6723: detect: review existing keywords for usage of enumerations - Suricata - Open Information Security Foundation

Actions

Feature #6723

open

Task #6644: tracking: detect: integer as first-class support

detect: review existing keywords for usage of enumerations

Added by Philippe Antoine 6 months ago. Updated 7 days ago.

Status:

In Progress

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

Effort:

Difficulty:

Label:

Description

Follow up on #6647

http2.error_code and alike

Related issues 3 (0 open — 3 closed)

Actions

#1

Updated by Philippe Antoine 6 months ago

Related to Feature #6647: detect: integers: support for enumerations added

Actions

#2

Updated by Philippe Antoine 6 months ago

Also review for generic integer usage like #5446

Actions

#3

Updated by Philippe Antoine 6 months ago

Related to Feature #5446: allow ranges in dns.opcode value added

Actions

#4

Updated by Philippe Antoine 3 months ago

quick note : snmp pdu is not so easy to get this, because we use the enum of an external crate

Actions

#5

Updated by Philippe Antoine about 2 months ago

Related to Task #4683: detect: remove sigmatch_table in favor of a dynamic storage option added

Actions

#6

Updated by Philippe Antoine about 1 month ago

MQTTTypeCode is good for this

We should handle negation of known strings in detect_parse_uint_enum

Actions

#7

Updated by Philippe Antoine 10 days ago

https://github.com/OISF/suricata/pull/11502 did this for MQTTTypeCode

Actions

#8

Updated by Philippe Antoine 10 days ago

Status changed from New to In Progress

Actions

#9

Updated by Philippe Antoine 7 days ago

Target version changed from TBD to 8.0.0-beta1

This is done progressively for each protocol as pat of the rustification of keywords

Actions

Also available in: Atom PDF