Project

General

Profile

Actions
Copy link

Feature #741

closed
AS VJ

Introduce endswith keyword

Feature #741: Introduce endswith keyword

Added by Anoop Saldanha over 13 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
4.1beta1
Effort:
Difficulty:
Label:

Description

endswith is a modifier to the existing content keyword. It matches if the content string matches at the end of the buffer being matched. Usage wise it works the same as nocase.

Should we allow depth and within to be used with endswith keyword?

Related issues 2 (1 open1 closed)

Related to Suricata - Task #2309: SuriCon 2017 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #742: startswith keywordClosedVictor JulienActions
Actions
Copy link

Also available in: PDF Atom