Open Information Security Foundation

05/30/2025

11:01 AM Suricata Bug #7724: detect: wrong detect behavior for stream keywords no_stream and only_stream

Can you create some SV tests to show the issue? Victor Julien

05/21/2025

06:58 PM Suricata Bug #7016: tls: hello retry request handling issues

I don't think the multiple SNI warning is correct here. It is meant for detecting multiple sni's in a client hello, n... Victor Julien

03:21 PM Suricata Feature #7713 (In Review): detect: add tcp.wscale keyword to match on TCP wscale option values

https://github.com/OISF/suricata/pull/13288 Victor Julien

03:21 PM Suricata Feature #7712 (In Review): detect: add pre_stream rule hook

https://github.com/OISF/suricata/pull/13288 Victor Julien

03:20 PM Suricata Feature #7714 (In Review): detect: add pre_flow rule hook

https://github.com/OISF/suricata/pull/13288 Victor Julien

03:04 PM Suricata Feature #7714 (In Review): detect: add pre_flow rule hook

Allow rules to drop packets before the flow engine is updated for a packet, or a flow is created.
Victor Julien

03:20 PM Suricata Feature #7715 (In Review): rules: add option to skip flow tracking for a packet

https://github.com/OISF/suricata/pull/13288 Victor Julien

03:06 PM Suricata Feature #7715 (In Review): rules: add option to skip flow tracking for a packet

Use config keyword to allow skipping flow handling for a packet. Requires pre_flow hook support to eval the rule befo... Victor Julien

03:20 PM Suricata Feature #7711 (In Review): tracking: detect: add detection hooks to inspect/drop before stateful components

https://github.com/OISF/suricata/pull/13288 Victor Julien

05/19/2025

02:27 PM Suricata Feature #6936: landlock: enable by default

For 8.0.0 will stick to improving docs. Victor Julien