Feature #735: Introduce content_len keyword - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #735

closed

AS VJ

Introduce content_len keyword

Feature #735: Introduce content_len keyword

Added by Anoop Saldanha over 13 years ago. Updated about 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

4.1beta1

Effort:

Difficulty:

Label:

Description

Add support for the content_len keyword.

Can be used as -

conten_len:<op>,<no>;

where,
op - >, <, >=, <=, = ,!=,
no - unsigned integer

The content_len can be modified by the http_* modifiers.

For example,

content:"index"; http_uri; content_len:=,8; http_uri;

If no modifier is used, it would match on the packet payload length(which is the same as dsize)

Suggestions, comments?

Related issues 1 (1 open — 0 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Feature #735

Introduce content_len keyword

VJ Updated by Victor Julien about 13 years ago Actions
Copy link
#1

AS Updated by Anoop Saldanha about 13 years ago Actions
Copy link
#2

VJ Updated by Victor Julien over 12 years ago Actions
Copy link
#3

VJ Updated by Victor Julien about 12 years ago Actions
Copy link
#4

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#5

AH Updated by Andreas Herz over 9 years ago Actions
Copy link
#6

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
#7

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
#8

VJ Updated by Victor Julien about 8 years ago Actions
Copy link
#9

Project

General

Profile

Suricata

Custom queries

Feature #735

Introduce content_len keyword

VJ Updated by Victor Julien about 13 years ago ActionsCopy link #1

AS Updated by Anoop Saldanha about 13 years ago ActionsCopy link #2

VJ Updated by Victor Julien over 12 years ago ActionsCopy link #3

VJ Updated by Victor Julien about 12 years ago ActionsCopy link #4

VJ Updated by Victor Julien almost 11 years ago ActionsCopy link #5

AH Updated by Andreas Herz over 9 years ago ActionsCopy link #6

VJ Updated by Victor Julien over 8 years ago ActionsCopy link #7

VJ Updated by Victor Julien over 8 years ago ActionsCopy link #8

VJ Updated by Victor Julien about 8 years ago ActionsCopy link #9

VJ Updated by Victor Julien about 13 years ago Actions
Copy link
#1

AS Updated by Anoop Saldanha about 13 years ago Actions
Copy link
#2

VJ Updated by Victor Julien over 12 years ago Actions
Copy link
#3

VJ Updated by Victor Julien about 12 years ago Actions
Copy link
#4

VJ Updated by Victor Julien almost 11 years ago Actions
Copy link
#5

AH Updated by Andreas Herz over 9 years ago Actions
Copy link
#6

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
#7

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
#8

VJ Updated by Victor Julien about 8 years ago Actions
Copy link
#9