Actions
Bug #7773
openBug #7638: detect: incorrect rule ordering with more complex flowbit chains
flowbits: no-op unset + isnotset combinations are accepted
Affected Versions:
Effort:
Difficulty:
Label:
Description
For example, a rule like:
alert tcp any any -> any any (msg:"unset + isnotset"; flowbits:isnotset,abc; http.method; content:"GET"; flowbits:unset,abc; sid:111)
Updated by Shivani Bhardwaj 2 days ago
- Description updated (diff)
- Priority changed from Normal to High
Actions