Project

General

Profile

Actions
Copy link

Feature #7929

open

Task #6644: tracking: detect: integer as first-class support

detect/integers: support optional second argument to specify the index for all keywords

Added by Philippe Antoine 7 days ago. Updated 3 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

List of keywords to do : ./src/suricata --list-keywords=csv | grep uint | grep multi | cut -d\; -f1

  • nfs_procedure (first cherry-pick da81b7e)
  • filesize (file iterator)
  • vlan.id (c prefilter)
  • enip.cip_attribute (array of arrays)
  • enip.cip_class (array of arrays)
  • enip.cip_status (array of arrays)
  • enip.cip_instance (array of arrays)
  • enip.cip_extendedstatus (array of arrays)
  • mqtt.reason_code (2 arrays ...)
  • mqtt.flags (bitflags)
  • mqtt.connect.flags (bitflags)

Also #7211 still TODO

Related issues 1 (0 open1 closed)

Copied from Suricata - Feature #7480: detect/integers: array of integers should support an optional second argument to specify the indexClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Philippe Antoine 7 days ago

  • Copied from Feature #7480: detect/integers: array of integers should support an optional second argument to specify the index added
Actions
Copy link
 #2

Updated by Philippe Antoine 3 days ago

  • Status changed from New to In Progress

https://github.com/OISF/suricata/pull/13908 for vlan.id

bitflags are waiting for first merge of approved https://github.com/OISF/suricata/pull/13905

Actions
Copy link

Also available in: Atom PDF