Suricata
8.0beta1
open, 4%
183 issues (3 closed, 180 open)
Issues by Tracker
Bug: 1/32
Feature: 0/56
Optimization: 0/26
Task: 2/35
Documentation: 0/34
Related issues
Bug #635: Some keywords missing in list-keyword command
Bug #1826: Rule validation bug with fast_pattern:only and specified buffers
Bug #1926: rule parsing: wrong content checked for fast_pattern (snort compatibility)
Bug #1983: tls: events are directionless and trigger twice per flow direction
Bug #2205: Buffer confusion with fast_pattern:only;
Bug #2836: signature with filemagic do not honor flowbits
Bug #2881: http.protocol parsing inaccuracy
Bug #2908: ip only rules cause suricata to take 17 minutes to start
Bug #3218: ssl_state does the wrong thing
Bug #3236: missing keywords docs on some keywords when --list-keywords is called
Bug #3682: bsize needs to err upon non possible matching conditions
Bug #3867: windows: compile warnings
Bug #3910: datasets: for type string the memcap isn't applied to the string data
Bug #4135: dns: response only udp not detected as dns
Bug #4220: failed to hit a signature with option --simulate-ips
Bug #4358: Add warning/error for datatypes differing b/w C and Rust w FFI
Bug #4482: detect: detect events not in rules, not tested (and not working?)
Bug #4529: Not keyword matches in Kerberos requests
Bug #4786: xbits: no error on invalid 'expire' values
Bug #4881: alert event incorrectly log stored files
Bug #4898: detect: Ensure detection events are logged
Bug #5017: counters: tcp.syn, tcp.synack, tcp.rst depend on flow
Bug #5031: flowbits - no error on invalid options
Bug #5037: invalid timestamp in ending events
Bug #5076: keyword content does not work over reassembled TCP
Bug #5165: http: request not logged when response comes before request
Bug #5177: detect/engine-analyzer: rule analyzer warns about http buffers usage/replacement even when using new keyword
Bug #5196: Suricata test mode should fail when there are invalid config values
Bug #5220: fast_pattern specification in base64_data shouldn't be allowed
Bug #5261: rust: reconsider bundling Cargo.lock
Bug #5270: Flow hash table collision and flow state corruption between different capture interfaces
Bug #5689: community id computed wrong for tcp and ipv4 when src_ip == dest_ip
Feature #1005: conditional logging: controlling what gets logged
Feature #1065: Introduce vlan id keyword
Feature #1125: smtp: improve protocol detection
Feature #1199: protocol: LDAP support
Feature #1542: dump-config - extend into multi-detect supplied yaml configuration
Feature #1993: commandline: introduce --enable-all-outputs switch
Feature #2290: lua: use script as transform
Feature #2375: Design and implement sensible per-thread capabilities
Feature #2377: deprecate: ssh.softwareversion and ssh.protoversion
Feature #2448: Add additional buffers for DNS Responses
Feature #2486: prefilter/fast_pattern logic for flowbits
Feature #2678: list-keywords: add info about fast_pattern and transforms
Feature #2696: http parser in rust
Feature #2816: vlan: support more than 2 layers
Feature #2958: Suricata 5.0.0beta1 and way too much anomaly logging
Feature #3003: filestore to uses rename syscall instead of sendfile,which doesn't allow files to be sent across file systems
Feature #3487: multi-part parser in Rust
Feature #3636: eve: configuration options to enable all, none or just a default set of outputs
Feature #3912: yaml: --include <yaml> commandline option
Feature #4089: rules: Flexible format transform
Feature #4099: allow rule keyword registration from app-layer
Feature #4136: use Suricata-Update managed classification.config
Feature #4153: Rust parsers: Make use of Rust derive style macros to generate common code in parsers
Feature #4174: tracking: app-layer frame inspection support
Feature #4226: bsize: apply as depth to patterns
Feature #4566: pgsql: add subprotocol-states
Feature #4756: capture: support ips stats for all IPS capture methods
Feature #4853: eve: Add information about Suricata version
Feature #4854: pgsql: Add COPY subprotocol-state
Feature #4855: rules: refactor rule parsing into multi-stage parser
Feature #4861: smb: support multi-stream file transfers
Feature #4876: Additional FTP Buffers
Feature #4904: dcerpc: add stream app-layer records support
Feature #4905: smtp: add stream app-layer frame support
Feature #4906: ftp: add stream app-layer frame support
Feature #4910: dpdk: implement secondary mode
Feature #4986: postgresql: support frames
Feature #4990: eve/frames: make payload logging configurable
Feature #5029: eve: telnet logger
Feature #5049: detect/frames: allow mixing with txs
Feature #5075: smb: keyword for the SMB version
Feature #5082: smb: keyword for matching the SMB files
Feature #5194: tracking: options for simulating various exceptions
Feature #5203: dpdk: implement primary app for Suricata secondary mode
Feature #5217: ips: allow dropping of flow if applayer specific memcap is hit
Feature #5234: SSL/TLS Sticky Buffer for subjectAltName
Feature #5286: ips: allow dropping of packet/flow when alert queue exceeded
Feature #5495: implement grace period for midstream exception policy
Feature #5664: "Scope" bits with expiration
Feature #5717: rfb: add frame support
Feature #5726: ike: add frame support
Feature #5731: mqtt: add frame support
Feature #5737: smtp body extract
Feature #5838: dpdk: NIC encapsulation stripping
Feature #5839: dpdk: power saving mode
Feature #5849: dpdk: add virtio-pmd support
Optimization #2272: Analyze DNS response if query is not present
Optimization #2621: Convert setup scripts from sh/ed/sed to Python.
Optimization #3524: Remove unsafe Rust code for ALPROTO_X constants
Optimization #3540: krb5: use app-layer incomplete support
Optimization #3707: Convert JSON Loggers to JsonBuilder
Optimization #3766: Convert Stats to JsonBuilder
Optimization #3827: clean up logging initialization code
Optimization #4141: file.data: inspect File objects for HTTP
Optimization #4145: file keywords: unify keyword registration
Optimization #4517: cbindgen export the constants from Rust to C
Optimization #4753: Fix inconsistency in Lua functions for the "needs" key
Optimization #4809: stats: human readable sizes in the stats.log
Optimization #4950: Code improvement in KRB5State.parse function
Optimization #4987: frames: unify handling of getting frame data, flags
Optimization #5207: Common Rust parser for *bits
Optimization #5476: decoder: compact & flexible storage of decoder data in the packet
Optimization #5517: decode: big clean up (macros and functions)
Optimization #5544: tls keywords: increase code coverage and update documentation (if need be)
Optimization #5545: prefilter keyword: increase code coverage
Optimization #5566: pgsql: add events
Optimization #5583: output: iface shortening more compact
Optimization #5672: smb: avoid unbounded hash maps
Optimization #5787: detect/filestore: optimize http tx handling
Optimization #5800: ttl keywords: increase code coverage and update documentation (if need be)
Optimization #5801: filemagic keywords: increase code coverage and update documentation (if need be)
Optimization #5827: [investigate] output/drop: make `drop reason` more informative
Task #2693: tracking: libsuricata
Task #3166: src code file reorg
Task #3334: Cleanup registration of C function pointers in SuricataContext in main()
Task #3343: tracking: developer documentation
Task #3695: research: libhwloc for better autoconfiguration
Task #4019: Convert unittests to new FAIL/PASS API - detect-detection-filter.c
Task #4022: Convert unittests to new FAIL/PASS API - detect-engine-address-ipv4.c
Task #4023: Convert unittests to new FAIL/PASS API: detect-engine-address-ipv6.c
Task #4051: Convert unittests to new FAIL/PASS API: detect-lua.c
Task #4067: http2: overload existing http keywords to support http/2
Task #4082: Convert FTP to Rust
Task #4098: Convert SMTP to Rust
Task #4103: Plugins: Convert a "core" parser (DNS) to use the plugin API
Task #4105: Plugins: Create template capture source plugin
Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools
Task #4143: tracking: file.data improvements
Task #4176: plugins: review capture plugin API
Task #4201: http2: full protocol support
Task #4429: libsuricata: Use cases with examples
Task #4698: Example program to bootstrap Suricata (an alternate main() for Suricata)
Task #4704: unix-socket: separate functionality from the unix socket interface
Task #4742: Make the auto-generated config.h not conflict with other config.h.
Task #4773: research: IPS behavior wrt resource limits
Task #4919: Add option to change sensor-name log field
Task #4936: Use Rust to parse unix socket messages
Task #5050: rules/frames: settle on rule syntax
Task #5053: app-layer: dynamic alproto IDs
Task #5181: detect/engine-analyzer: add rule analyzer warnings about rules that could use the frame keyword/semantics/feature
Task #5472: tracking: upgrading from 6 to 7
Task #5510: stream (midstream): investigate - Suri drops flow but still logs second packet of the flow
Task #5560: dpdk: Design a test-case for Suricata running as a secondary process
Task #5588: ips/tap: don't allow mixed tap and ips modes
Task #5610: tracking: new protocol: telnet
Task #5682: tracking: smb performance issues
Task #5840: dpdk: Design test cases for DPDK capture interface
Documentation #2620: Documentation: tagged_packets / event_type packet
Documentation #4350: Devguide: transaction handling logic
Documentation #4352: Devguide: Debugging Basics - pcap_cnt
Documentation #4557: Add document about JsonBuilder
Documentation #4658: Add/improve documentation for pcre substring capture logging
Documentation #4705: userguide: add sections about frame support
Documentation #4708: DevGuide: Add Eve Output Plugins
Documentation #5008: userguide: add a protocol chart listing defaults
Documentation #5068: nfs: document rule keyword
Documentation #5078: suricata config reload: improve documentation on behavior
Documentation #5138: userguide: add a section for fileinfo eve type
Documentation #5139: userguide: add a section for netflow event type
Documentation #5274: devguide: document how the alert flow works
Documentation #5393: devguide: move github workflow document from redmine into devguide
Documentation #5449: userguide: document how suricata processes rules internally
Documentation #5465: doc/userguide: document terminating behavior of rule actions
Documentation #5494: userguide: update tls eve-log fields 'not_before' and 'not_after'
Documentation #5513: userguide: add a chapter for IPS mode
Documentation #5531: userguide: ensure documentation is up to date
Documentation #5532: userguide: have a section to mention and document the various ways stream-depth can be set
Documentation #5534: userguide: better document what TCP midstreams are for Suricata
Documentation #5543: userguide: document which keywords accept the prefilter keyword
Documentation #5554: userguide: document behavior for actions like PASS, DROP, REJECT, BYPASS...
Documentation #5575: docs: bring 'reporting bugs page' into userguide and update it
Documentation #5596: doc/optimization: move 'suricata.git/doc/userguide/convert.py' to Python3
Documentation #5612: devguide: add a chapter about Suricata's exception policies
Documentation #5651: bsize: format should specify operators
Documentation #5690: Document the differences between IPS and IDS mode.
Documentation #5829: userguide: add context on "why/when an exception policy is applied"
Documentation #5830: userguide: update & improve exception policy section
Documentation #5869: userguide: describe what are the delta stats counters
Documentation #5897: devguide: add section on generating code coverage reports locally
Documentation #5910: devguide: explain possible differences in data inspection with inline stream or not
Documentation #5911: userguide: update & bring guide for installation on Windows to RtD