Open Information Security Foundation

01/17/2025

03:16 PM Suricata Task #7501 (New): rust/plugins: first class support for app-layer plugins

Jason Ish

03:16 PM Suricata Task #7500 (New): rust/plugins: first class support for eve filtetype plugins

Jason Ish

03:15 PM Suricata Task #7499 (New): tracking: rust/plugins: first class support for rust plugins

Currently our Rust is missing a lot of bindings required create many plugins in Rust such as an app-layer. These shou... Jason Ish

01/16/2025

03:46 PM Suricata Bug #7498 (New): rust: cleanup of extern "C" functions and no_mangle

I recently ran into an issue where a plugin was using a sha256 library that had a function names @sha256_transform@. ... Jason Ish

01/15/2025

04:00 PM Suricata-Update Task #7494 (In Progress): log: Suricata log level should be "error" when testing Suricata configuration

Jason Ish

03:40 PM Suricata-Update Task #7494 (In Progress): log: Suricata log level should be "error" when testing Suricata configuration

Currently when testing the Suricata configuration the Suricata log level is set to "warning". This results with a war... Jason Ish

01/13/2025

03:36 PM Suricata Task #6930: eve/stats: hide zero-values for counters individually (7.0.x backport)

Currently thinking we should close/reject this for the 7 series. Jason Ish

03:33 PM Suricata Bug #7460 (Closed): eve: empty src_ip and dest_ip values may be logged

Fix has been merged. Commit: 1551888f6e313a6a988d4b0d5bae279d89589bd7 Jason Ish

01/09/2025

06:09 PM Suricata Bug #7478: DNS packets not on port 53 are identified as DHCP protocol

Not able to replicate with this PCAP, do you have configuration changes as well?
DNS and DHCP are both probing par... Jason Ish

02:35 PM Suricata Task #5053: app-layer: dynamic alproto IDs

Looks like this complete #5053.
Jason Ish