Eric Leblond

  • Registered on: 07/23/2010
  • Last connection: 10/20/2017



  • Suricata (Manager, Developer, 12/30/2010)



08:21 AM Suricata Bug #2249 (New): rule with file keyword used with ip or tcp not seen as invalid
Currently, signatures using ip and tcp and using a file keyword like filemd5 are not valid in the sense they will not m...
08:12 AM Suricata Feature #2213: file matching: allow generic file matching / store
This feature is also a bug as there is no warning on a rule like:...


03:45 AM Suricata Revision 7ee989a3: prscript: update urls to use OISF repo


04:12 PM Suricata Optimization #2218: Leave TSO enabled for Linux AF_PACKET runmode
In your test, you are testing the local stack, not Suricata. In most cases, Suricata is handling a copy of the traffic...
03:22 PM Suricata Optimization #2218: Leave TSO enabled for Linux AF_PACKET runmode
I agree TSO could be interesting to keep. What is your test?


01:10 AM Suricata Bug #2217: event_type flow is missing icmpv4 (while it has icmpv6) info wherever available
This behavior has been introduced by commit:548a3b2c93aed79e39a34ee9dd4c68f43a27f363. Idea was not to create flows fo...


01:56 AM Suricata Revision 8fa6e065: af-packet: free bpf program
This fixes a small memory leak when Suricata is running with a
BPF filter.
01:56 AM Suricata Revision 7127ae2b: af-packet: call thread deinit function
01:51 AM Suricata Revision 620f2540: prscript: update docker code
Update docker code to latest docker python API. This patch
preserves backward compatibility with older versions.


09:59 AM Suricata Feature #2199: DNS answer events compacted
Regarding the format, I'm sure some people will be interested only in the "metadata" part. Others will want the detail...
