EL Eric Leblond
- Login: regit
- Email: eric@regit.org
- Registered on: 07/23/2010
- Last sign in: 05/07/2026
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 14 | 302 | 316 |
| Reported issues | 22 | 158 | 180 |
Projects
| Project | Roles | Registered on |
|---|---|---|
| Suricata | Developer | 12/30/2010 |
| Suricata-Update | Developer | 10/31/2017 |
Activity
05/07/2026
- EL 07:25 AM Suricata Feature #8516: http: include server header in default eve record as a field
- Jason Ish wrote in #note-5:
> @eleblond @pevma Any thoughts on how to handle the case where there are multiple server headers? We do not handle this for the user agent, either the first or last wins (I'm not sure which). So we could eit... - EL 07:23 AM Suricata Feature #8520: quic: include server header in default eve record as a field
- Jason Ish wrote in #note-6:
> Jason Ish wrote in #note-5:
> ...
IMO, the sni key is enough and it is not confusing as similar to what is in TLS.
09/08/2025
- EL 11:52 AM Suricata Feature #7888: eve: add app_proto to all event_type
- This is not a regression. I've tested with a 7.0.x and a 8.0.x and they behave similarly. I had a patch on the 7.0.x I used to test data format that was bringing more app_proto logging.
- EL 07:01 AM Suricata Feature #7888 (In Review): eve: add app_proto to all event_type
- Proposal here: https://github.com/OISF/suricata/pull/13810
- EL 06:54 AM Suricata Feature #7888 (In Review): eve: add app_proto to all event_type
- There is a regression between Suricata 7 and Suricata 8. The app_proto was logged in almost all events in 7 and is only log in a small subset (fileinfo, flow, frame, netflow) in 8.
This could trigger problem for people who have dashbo...
07/19/2025
- EL 08:07 AM Suricata Feature #7816 (In Review): Add alternative to file magic
- EL 07:59 AM Suricata Feature #7669 (Closed): Add support for development under NixOs
- shell.nix is now part of the source tree.
07/14/2025
- EL 07:53 PM Suricata Feature #7816 (In Progress): Add alternative to file magic
- EL 07:52 PM Suricata Feature #7816 (In Review): Add alternative to file magic
- File magic is suffering from multiple issues:
- not predictable: the magic depends of the version
- slow: computing magic on all files for logging is killing performance
Rust has a crate tree magic mini (https://docs.rs/tree_magic_...
07/11/2025
- EL 11:47 AM Suricata Bug #5652: af-packet: remove emergency flush from yaml
- Victor Julien wrote in #note-2:
> @regit do you remember why we wanted to do this?
The option is not really working or in some rare case so the purpose was to hide it.