Project

General

Profile

8.0beta1

open

4%

183 issues   (3 closed180 open)

Issues by
Bug

1/32
Feature

0/56
Optimization

0/26
Task

2/35
Documentation

0/34
Related issues
Bug #635: Some keywords missing in list-keyword command Actions
Bug #1826: Rule validation bug with fast_pattern:only and specified buffers Actions
Bug #1926: rule parsing: wrong content checked for fast_pattern (snort compatibility) Actions
Bug #1983: tls: events are directionless and trigger twice per flow direction Actions
Bug #2205: Buffer confusion with fast_pattern:only; Actions
Bug #2836: signature with filemagic do not honor flowbits Actions
Bug #2881: http.protocol parsing inaccuracy Actions
Bug #2908: ip only rules cause suricata to take 17 minutes to start Actions
Bug #3218: ssl_state does the wrong thing Actions
Bug #3236: missing keywords docs on some keywords when --list-keywords is called Actions
Bug #3682: bsize needs to err upon non possible matching conditions Actions
Bug #3867: windows: compile warnings Actions
Bug #3910: datasets: for type string the memcap isn't applied to the string data Actions
Bug #4135: dns: response only udp not detected as dns Actions
Bug #4220: failed to hit a signature with option --simulate-ips Actions
Bug #4358: Add warning/error for datatypes differing b/w C and Rust w FFI Actions
Bug #4482: detect: detect events not in rules, not tested (and not working?) Actions
Bug #4529: Not keyword matches in Kerberos requests Actions
Bug #4786: xbits: no error on invalid 'expire' values Actions
Bug #4881: alert event incorrectly log stored files Actions
Bug #4898: detect: Ensure detection events are logged Actions
Bug #5017: counters: tcp.syn, tcp.synack, tcp.rst depend on flow Actions
Bug #5031: flowbits - no error on invalid options Actions
Bug #5037: invalid timestamp in ending events Actions
Bug #5076: keyword content does not work over reassembled TCP Actions
Bug #5165: http: request not logged when response comes before request Actions
Bug #5177: detect/engine-analyzer: rule analyzer warns about http buffers usage/replacement even when using new keyword Actions
Bug #5196: Suricata test mode should fail when there are invalid config values Actions
Bug #5220: fast_pattern specification in base64_data shouldn't be allowed Actions
Bug #5261: rust: reconsider bundling Cargo.lock Actions
Bug #5270: Flow hash table collision and flow state corruption between different capture interfaces Actions
Bug #5689: community id computed wrong for tcp and ipv4 when src_ip == dest_ip Actions
Feature #1005: conditional logging: controlling what gets logged Actions
Feature #1065: Introduce vlan id keyword Actions
Feature #1125: smtp: improve protocol detection Actions
Feature #1199: protocol: LDAP support Actions
Feature #1542: dump-config - extend into multi-detect supplied yaml configuration Actions
Feature #1993: commandline: introduce --enable-all-outputs switch Actions
Feature #2290: lua: use script as transform Actions
Feature #2375: Design and implement sensible per-thread capabilities Actions
Feature #2377: deprecate: ssh.softwareversion and ssh.protoversion Actions
Feature #2448: Add additional buffers for DNS Responses Actions
Feature #2486: prefilter/fast_pattern logic for flowbits Actions
Feature #2678: list-keywords: add info about fast_pattern and transforms Actions
Feature #2696: http parser in rust Actions
Feature #2816: vlan: support more than 2 layers Actions
Feature #2958: Suricata 5.0.0beta1 and way too much anomaly logging Actions
Feature #3003: filestore to uses rename syscall instead of sendfile,which doesn't allow files to be sent across file systems Actions
Feature #3487: multi-part parser in Rust Actions
Feature #3636: eve: configuration options to enable all, none or just a default set of outputs Actions
Feature #3912: yaml: --include <yaml> commandline option Actions
Feature #4089: rules: Flexible format transform Actions
Feature #4099: allow rule keyword registration from app-layer Actions
Feature #4136: use Suricata-Update managed classification.config Actions
Feature #4153: Rust parsers: Make use of Rust derive style macros to generate common code in parsers Actions
Feature #4174: tracking: app-layer frame inspection support Actions
Feature #4226: bsize: apply as depth to patterns Actions
Feature #4566: pgsql: add subprotocol-states Actions
Feature #4756: capture: support ips stats for all IPS capture methods Actions
Feature #4853: eve: Add information about Suricata version Actions
Feature #4854: pgsql: Add COPY subprotocol-state Actions
Feature #4855: rules: refactor rule parsing into multi-stage parser Actions
Feature #4861: smb: support multi-stream file transfers Actions
Feature #4876: Additional FTP Buffers Actions
Feature #4904: dcerpc: add stream app-layer records support Actions
Feature #4905: smtp: add stream app-layer frame support Actions
Feature #4906: ftp: add stream app-layer frame support Actions
Feature #4910: dpdk: implement secondary mode Actions
Feature #4986: postgresql: support frames Actions
Feature #4990: eve/frames: make payload logging configurable Actions
Feature #5029: eve: telnet logger Actions
Feature #5049: detect/frames: allow mixing with txs Actions
Feature #5075: smb: keyword for the SMB version Actions
Feature #5082: smb: keyword for matching the SMB files Actions
Feature #5194: tracking: options for simulating various exceptions Actions
Feature #5203: dpdk: implement primary app for Suricata secondary mode Actions
Feature #5217: ips: allow dropping of flow if applayer specific memcap is hit Actions
Feature #5234: SSL/TLS Sticky Buffer for subjectAltName Actions
Feature #5286: ips: allow dropping of packet/flow when alert queue exceeded Actions
Feature #5495: implement grace period for midstream exception policy Actions
Feature #5664: "Scope" bits with expiration Actions
Feature #5717: rfb: add frame support Actions
Feature #5726: ike: add frame support Actions
Feature #5731: mqtt: add frame support Actions
Feature #5737: smtp body extract Actions
Feature #5838: dpdk: NIC encapsulation stripping Actions
Feature #5839: dpdk: power saving mode Actions
Feature #5849: dpdk: add virtio-pmd support Actions
Optimization #2272: Analyze DNS response if query is not present Actions
Optimization #2621: Convert setup scripts from sh/ed/sed to Python. Actions
Optimization #3524: Remove unsafe Rust code for ALPROTO_X constants Actions
Optimization #3540: krb5: use app-layer incomplete support Actions
Optimization #3707: Convert JSON Loggers to JsonBuilder Actions
Optimization #3766: Convert Stats to JsonBuilder Actions
Optimization #3827: clean up logging initialization code Actions
Optimization #4141: file.data: inspect File objects for HTTP Actions
Optimization #4145: file keywords: unify keyword registration Actions
Optimization #4517: cbindgen export the constants from Rust to C Actions
Optimization #4753: Fix inconsistency in Lua functions for the "needs" key Actions
Optimization #4809: stats: human readable sizes in the stats.log Actions
Optimization #4950: Code improvement in KRB5State.parse function Actions
Optimization #4987: frames: unify handling of getting frame data, flags Actions
Optimization #5207: Common Rust parser for *bits Actions
Optimization #5476: decoder: compact & flexible storage of decoder data in the packet Actions
Optimization #5517: decode: big clean up (macros and functions) Actions
Optimization #5544: tls keywords: increase code coverage and update documentation (if need be) Actions
Optimization #5545: prefilter keyword: increase code coverage Actions
Optimization #5566: pgsql: add events Actions
Optimization #5583: output: iface shortening more compact Actions
Optimization #5672: smb: avoid unbounded hash maps Actions
Optimization #5787: detect/filestore: optimize http tx handling Actions
Optimization #5800: ttl keywords: increase code coverage and update documentation (if need be) Actions
Optimization #5801: filemagic keywords: increase code coverage and update documentation (if need be) Actions
Optimization #5827: [investigate] output/drop: make `drop reason` more informative Actions
Task #2693: tracking: libsuricata Actions
Task #3166: src code file reorg Actions
Task #3334: Cleanup registration of C function pointers in SuricataContext in main() Actions
Task #3343: tracking: developer documentation Actions
Task #3695: research: libhwloc for better autoconfiguration Actions
Task #4019: Convert unittests to new FAIL/PASS API - detect-detection-filter.c Actions
Task #4022: Convert unittests to new FAIL/PASS API - detect-engine-address-ipv4.c Actions
Task #4023: Convert unittests to new FAIL/PASS API: detect-engine-address-ipv6.c Actions
Task #4051: Convert unittests to new FAIL/PASS API: detect-lua.c Actions
Task #4067: http2: overload existing http keywords to support http/2 Actions
Task #4082: Convert FTP to Rust Actions
Task #4098: Convert SMTP to Rust Actions
Task #4103: Plugins: Convert a "core" parser (DNS) to use the plugin API Actions
Task #4105: Plugins: Create template capture source plugin Actions
Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools Actions
Task #4143: tracking: file.data improvements Actions
Task #4176: plugins: review capture plugin API Actions
Task #4201: http2: full protocol support Actions
Task #4429: libsuricata: Use cases with examples Actions
Task #4698: Example program to bootstrap Suricata (an alternate main() for Suricata) Actions
Task #4704: unix-socket: separate functionality from the unix socket interface Actions
Task #4742: Make the auto-generated config.h not conflict with other config.h. Actions
Task #4773: research: IPS behavior wrt resource limits Actions
Task #4919: Add option to change sensor-name log field Actions
Task #4936: Use Rust to parse unix socket messages Actions
Task #5050: rules/frames: settle on rule syntax Actions
Task #5053: app-layer: dynamic alproto IDs Actions
Task #5181: detect/engine-analyzer: add rule analyzer warnings about rules that could use the frame keyword/semantics/feature Actions
Task #5472: tracking: upgrading from 6 to 7 Actions
Task #5510: stream (midstream): investigate - Suri drops flow but still logs second packet of the flow Actions
Task #5560: dpdk: Design a test-case for Suricata running as a secondary process Actions
Task #5588: ips/tap: don't allow mixed tap and ips modes Actions
Task #5610: tracking: new protocol: telnet Actions
Task #5682: tracking: smb performance issues Actions
Task #5840: dpdk: Design test cases for DPDK capture interface Actions
Documentation #2620: Documentation: tagged_packets / event_type packet Actions
Documentation #4350: Devguide: transaction handling logic Actions
Documentation #4352: Devguide: Debugging Basics - pcap_cnt Actions
Documentation #4557: Add document about JsonBuilder Actions
Documentation #4658: Add/improve documentation for pcre substring capture logging Actions
Documentation #4705: userguide: add sections about frame support Actions
Documentation #4708: DevGuide: Add Eve Output Plugins Actions
Documentation #5008: userguide: add a protocol chart listing defaults Actions
Documentation #5068: nfs: document rule keyword Actions
Documentation #5078: suricata config reload: improve documentation on behavior Actions
Documentation #5138: userguide: add a section for fileinfo eve type Actions
Documentation #5139: userguide: add a section for netflow event type Actions
Documentation #5274: devguide: document how the alert flow works Actions
Documentation #5393: devguide: move github workflow document from redmine into devguide Actions
Documentation #5449: userguide: document how suricata processes rules internally Actions
Documentation #5465: doc/userguide: document terminating behavior of rule actions Actions
Documentation #5494: userguide: update tls eve-log fields 'not_before' and 'not_after' Actions
Documentation #5513: userguide: add a chapter for IPS mode Actions
Documentation #5531: userguide: ensure documentation is up to date Actions
Documentation #5532: userguide: have a section to mention and document the various ways stream-depth can be set Actions
Documentation #5534: userguide: better document what TCP midstreams are for Suricata Actions
Documentation #5543: userguide: document which keywords accept the prefilter keyword Actions
Documentation #5554: userguide: document behavior for actions like PASS, DROP, REJECT, BYPASS... Actions
Documentation #5575: docs: bring 'reporting bugs page' into userguide and update it Actions
Documentation #5596: doc/optimization: move 'suricata.git/doc/userguide/convert.py' to Python3 Actions
Documentation #5612: devguide: add a chapter about Suricata's exception policies Actions
Documentation #5651: bsize: format should specify operators Actions
Documentation #5690: Document the differences between IPS and IDS mode. Actions
Documentation #5829: userguide: add context on "why/when an exception policy is applied" Actions
Documentation #5830: userguide: update & improve exception policy section Actions
Documentation #5869: userguide: describe what are the delta stats counters Actions
Documentation #5897: devguide: add section on generating code coverage reports locally Actions
Documentation #5910: devguide: explain possible differences in data inspection with inline stream or not Actions
Documentation #5911: userguide: update & bring guide for installation on Windows to RtD Actions