Open Information Security Foundation

09/16/2025

07:21 PM Suricata Feature #6063: exception-policy: stream async policy

Could we abandon the 7.0 backport task in favor of a 8.0 backport task? This remains something we are waiting to use. Jamie Lavigne

06:52 PM Suricata Feature #6063: exception-policy: stream async policy

Searchable keyword: firewall Jamie Lavigne

09/15/2025

10:57 PM Suricata Bug #7902 (New): IKE invalid JSON log output

I don't have a packet capture to reproduce this bug, but I have a credible bug report and a plausible explanation. T... Jamie Lavigne

09/12/2025

11:24 PM Suricata Feature #7896: Report stream/socket bytes transferred in flow logs

Searchable keyword: protolog Jamie Lavigne

11:24 PM Suricata Feature #7896 (New): Report stream/socket bytes transferred in flow logs

Suricata reports total packets and bytes in flow logs, which counts the total data volume transferred including the o... Jamie Lavigne

12:45 AM Suricata Feature #7895: Identify tunnel parent flow ID in flow logs

Searchable keyword: protolog Jamie Lavigne

12:44 AM Suricata Feature #7895 (New): Identify tunnel parent flow ID in flow logs

Replaying a single connection (TCP connection tunneled inside a Geneve UDP) produces two flow log entries, one for th... Jamie Lavigne

08/06/2025

10:37 PM Suricata Feature #6456: output: binary logging

Ion could be a candidate that could coexist well with the existing JSON outputs: https://amazon-ion.github.io/ion-doc... Jamie Lavigne

09:38 PM Suricata Feature #7103: ssh: extra fields and keywords

Searchable keyword: protolog Jamie Lavigne

09:06 PM Suricata Bug #2091: nonexistent/misspelled custom fields accepted during parsing of suricata.yaml

Erroring explicitly would definitely be a good thing for usability - if it's an invalid input then getting that feedb... Jamie Lavigne