Feature #6857: iprep: support seeing if rule is part of a rep list - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #6857

open

iprep: support seeing if rule is part of a rep list

Added by Victor Julien about 1 month ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

E.g. something like iprep:src,myCategory,isset; and iprep:src,myCategory,isnotset;. Not sure about the keyword, just used that is done in dataset.

Related issues 1 (1 open — 0 closed)

History
Property changes

Actions

Copy link

Updated by Victor Julien about 1 month ago

Related to Bug #6834: iprep: rule with '=,0' can't match added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #6857

iprep: support seeing if rule is part of a rep list

Updated by Victor Julien about 1 month ago