SB Shivani Bhardwaj
- Login: unixia
- Registered on: 09/29/2018
- Last sign in: 05/19/2026
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 30 | 424 | 454 |
| Reported issues | 66 | 290 | 356 |
Projects
| Project | Roles | Registered on |
|---|---|---|
| Suricata | Developer, OISF Team, OISF Manager | 08/17/2023 |
| Suricata-Update | Developer, OISF Team, OISF Manager | 08/17/2023 |
Activity
05/22/2026
- SB 12:42 PM Suricata Task #8595 (In Review): flowbits: deprecate "toggle" command
- In Review PR: https://github.com/OISF/suricata/pull/15443
- SB 10:16 AM Suricata Task #8595 (In Review): flowbits: deprecate "toggle" command
- flowbits toggle command is not used by any major ruleset provider.
All the functionality that toggle offers can already be achieved by the combination of other available commands that are in regular use.
State tracking for flowbits bec... - SB 11:27 AM Suricata Task #8596 (In Review): detect: limit number of flowbits usage in a signature
- SB 10:33 AM Suricata Task #8596 (In Review): detect: limit number of flowbits usage in a signature
- Currently, there's no limit enforced on the number of times "flowbits" keyword could be used in a signature. A configurable limit is to be added with a reasonable allowed default.
- SB 10:14 AM Suricata Bug #8083 (Rejected): detect: incorrect rule ordering with more complex flowbit chains (8.0.x backport)
- Too intrusive to backport.
05/20/2026
- SB 08:20 AM Suricata Bug #8577 (Rejected): dcerpc: bind PDUs with 0 pfc_flags don't match without any_frag
- Thank you, @alexey !
I apologize. I was using an incorrect Wireshark filter on the PCAP you provided and misunderstood you based on that.
I thought @dcerpc.cn_flags.first_frag@ won't show me packets with flags set to 0 but I had to use a... - SB 06:03 AM Suricata Feature #8523 (In Review): dcerpc: map opnum to the function names
- In Review PR: https://github.com/OISF/suricata/pull/15421
- SB 06:03 AM Suricata Feature #2727 (In Review): dcerpc: UUID to service name mapping
- In Review PR: https://github.com/OISF/suricata/pull/15421
05/19/2026
- SB 08:27 AM Suricata Documentation #8578 (Triaged): doc: dcerpc any_frag option should mention which PDU is checked
- Reported by @alexey
- SB 08:24 AM Suricata Bug #8457: dcerpc.iface keyword matches any interface if PFC_FIRST_FRAG is missing in the BIND request
- thank you very much, Alexey!
> I have confirmed empirically — in the PCAP with live Windows port 135 traffic attached to this issue — that Windows endpoints accept BIND requests with pfc_flags=0x00 and respond with a valid BIND_ACK. S...