Open Information Security Foundation

06/23/2025

09:02 AM Suricata Feature #7785: pcap-log: support packet context for conditional alerts

Ofer Dagan wrote:
> Hi all,
>
> Currently the pcap-log feature, when configured with `conditional: alerts`, only ... Eric Leblond

06/08/2025

06:23 AM Suricata Bug #7746 (Closed): suricatasc does not handle reconnect

The rust version of suricatasc does not handle automatic reconnect.
When a python suricatasc is started, it is han... Eric Leblond

05/07/2025

07:14 AM Suricata Bug #7689 (In Review): datasets: set type IP can't set IPv4

Eric Leblond

07:14 AM Suricata Bug #7689: datasets: set type IP can't set IPv4

Done in https://github.com/OISF/suricata/pull/13176 Eric Leblond

06:43 AM Suricata Bug #7689 (Closed): datasets: set type IP can't set IPv4

The type IP of dataset is handling IPv4 and IPv6 addresses. If matching is fine, it is currently not able to set an I... Eric Leblond

04/21/2025

04:25 PM Suricata Feature #7669 (In Review): Add support for development under NixOs

NixOS (https://nixos.org/) is Linux operating system that allow dynamic environment to be setup for specific tasks.
... Eric Leblond

04/09/2025

11:39 AM Suricata Feature #7654 (New): detect: rule keywords for matching on file hashes

Matching on a list of files hash is convenient but it requires to ship multiple files which is not convenient in auto... Eric Leblond

03/30/2025

03:10 PM Suricata Feature #7635 (Closed): eve: include transaction count

Transaction Id or transaction count is a interesting information when trying to understand the nature of a flow.
B... Eric Leblond

01/19/2025

09:29 PM Suricata Bug #7509 (In Review): Invalid macros in decode-tcp.h

Eric Leblond

09:27 PM Suricata Bug #7509 (In Review): Invalid macros in decode-tcp.h

Some macros are present in decode-tcp.h but they have not been update to the l4 approach. Eric Leblond