Project

General

Profile

9.0.0-beta1

open

3%

162 issues   (0 closed — 162 open)

Issues by
Bug

0/12
Feature

0/69
Optimization

0/33
Task

0/45
Documentation

0/2
Security

0/1
Related issues
Bug #1826: Rule validation bug with fast_pattern:only and specified buffers Actions
Bug #1926: rule parsing: wrong content checked for fast_pattern (snort compatibility) Actions
Bug #3375: tracking: file tracking/inspection performance issues Actions
Bug #4873: smb: midstream probing check affects performance Actions
Bug #4917: tls: leading GAP in toserver direction leads to various issues Actions
Bug #5196: config: test mode should fail when there are invalid config values Actions
Bug #5704: Filestore is not working if landlock is enabled Actions
Bug #6652: Configuration values trigger error instead of warning messages Actions
Bug #6956: mqtt: create PDU frames without regard to the parsing function Actions
Bug #6971: defrag: default policy is inconsistent Actions
Bug #7528: decode: remove duplicate counters tracking unknown ethertype values Actions
Bug #7666: rust: zero-dependency crate suricata-core Actions
Feature #1005: conditional logging: controlling what gets logged Actions
Feature #1542: dump-config - extend into multi-detect supplied yaml configuration Actions
Feature #1979: TCP/IP packets normalization/scrubbing Actions
Feature #1983: tls: events are directionless and trigger twice per flow direction Actions
Feature #1993: commandline: introduce --enable-all-outputs switch Actions
Feature #2375: Design and implement sensible per-thread capabilities Actions
Feature #2678: list-keywords: add info about fast_pattern and transforms Actions
Feature #2958: Suricata 5.0.0beta1 and way too much anomaly logging Actions
Feature #3003: filestore to uses rename syscall instead of sendfile,which doesn't allow files to be sent across file systems Actions
Feature #3243: POP3 Support Actions
Feature #3446: app-layer: implement MySQL parser Actions
Feature #3636: eve: configuration options to enable all, none or just a default set of outputs Actions
Feature #4089: rules: Flexible format transform Actions
Feature #4153: app-layer: rust derive style macros to generate common code Actions
Feature #4174: tracking: app-layer frame inspection support Actions
Feature #4855: rules: refactor rule parsing into multi-stage parser Actions
Feature #4861: smb: support multi-stream file transfers Actions
Feature #4906: ftp: add stream app-layer frame support Actions
Feature #4910: dpdk: implement secondary mode Actions
Feature #4946: nfsv2: implement WRITE support Actions
Feature #4965: protocol: SOCKS support Actions
Feature #4986: pgsql: support frames Actions
Feature #4990: eve/frames: make payload logging configurable Actions
Feature #5029: eve: telnet logger Actions
Feature #5044: rules: keyword for "count" of http_header_names Actions
Feature #5049: detect/frames: allow mixing with txs Actions
Feature #5194: tracking: options for simulating various exceptions Actions
Feature #5415: tftp: support keywords such as file.name, file.data etc... Actions
Feature #5495: implement grace period for midstream exception policy Actions
Feature #5640: frames: tx frames Actions
Feature #5664: "Scope" bits should have an expiration Actions
Feature #5726: ike: add frame support Actions
Feature #5775: http.headers - dynamic sticky buffers Actions
Feature #5826: frames: logging of events set on frames Actions
Feature #5838: dpdk: NIC encapsulation stripping Actions
Feature #5845: smb: Support SMB_COM_SESSION_SETUP_ANDX Request Actions
Feature #5973: warn when HTTP rules will only work for a specific version of HTTP Actions
Feature #5974: Midstream exception policy "reject-both" support Actions
Feature #6063: exception-policy: stream async policy Actions
Feature #6114: dpdk: wrap DPDK logs in a Suricata logger Actions
Feature #6210: outputs: add verdict event type Actions
Feature #6237: Multi-tenancy: Allow inner VLAN to be selected Actions
Feature #6261: Add GRE as a parsible protocol Actions
Feature #6293: Support disabling forced flow reuse in low memory conditions Actions
Feature #6399: Per-thread stats values can be negative Actions
Feature #6409: Lua support for HTTP/2 Actions
Feature #6424: HTTP/2 - http.host behavior when both :authority pseudo header and host header are present Actions
Feature #6459: filebits: support for new type of bits Actions
Feature #6472: HTTP/3 support Actions
Feature #6723: detect: review existing keywords for usage of enumerations Actions
Feature #6724: detect: review existing keywords for usage of bitflags Actions
Feature #6729: websockets: support over HTTP/2 Actions
Feature #6936: landlock: enable by default Actions
Feature #6996: add transformation to keyword performance stats Actions
Feature #6999: output/json: enrich EVE w/ libmaxminddb geoip info Actions
Feature #7068: protocol support: STUN Actions
Feature #7070: eve: internal state output facility Actions
Feature #7092: frames: support rules with multiple different frames Actions
Feature #7109: app-layer: stop generating anomalies after gap in the flow Actions
Feature #7125: threshold: by_src, by_dst, by_both should support vlan separation Actions
Feature #7211: detect/integers: support a count argument for array of integers Actions
Feature #7399: ipv6: support short notation of ipv6 addresses in output Actions
Feature #7480: detect/integers: array of integers should support an optional second argument to specify the index Actions
Feature #7514: rules: add file specific hooks Actions
Feature #7571: list-keywords should somehow show the multi-buffer keywords Actions
Feature #7629: dpdk: support for a hardware-accelerated input drop filter Actions
Feature #7672: detect/transforms: subslice transform Actions
Feature #7674: source/tunnels: config option to distinguish tunnels Actions
Feature #7691: detect: explore code embedded relationships between registered keywords Actions
Optimization #2621: Convert setup scripts from sh/ed/sed to Python. Actions
Optimization #3540: krb5: use app-layer incomplete support Actions
Optimization #3707: Convert JSON Loggers to JsonBuilder Actions
Optimization #3734: af-packet: better support for csum offload Actions
Optimization #3766: Convert Stats to JsonBuilder Actions
Optimization #4490: rust: see if we can use SuricataStreamingBufferConfig Actions
Optimization #4517: cbindgen export the constants from Rust to C, also for macro such as BIT_U8(1), and remove duplicate definitions between rust and C Actions
Optimization #4747: app-layer: make tx iterator a mandatory part of the API Actions
Optimization #4802: af-packet: remove IPS support for tpacket-v3 Actions
Optimization #4806: af-packet: remove autofp support Actions
Optimization #4937: Convert Rule Profile JSON output to JsonBuilder Actions
Optimization #4950: Code improvement in KRB5State.parse function Actions
Optimization #4987: frames: unify handling of getting frame data, flags Actions
Optimization #5207: Common Rust parser for *bits Actions
Optimization #5453: af-packet ips: floods packets that should be learned Actions
Optimization #5476: decoder: compact & flexible storage of decoder data in the packet Actions
Optimization #5787: detect/filestore: optimize http tx handling Actions
Optimization #6001: investigate: optional/configurable stats log verbosity Actions
Optimization #6002: stats/exception: allow configuring verbosity via unix socket Actions
Optimization #6061: cmdline: make --list-runmodes output friendlier Actions
Optimization #6188: ConfYamlLoadString: handle allocation failures Actions
Optimization #6225: exception: standardize log message about set-up value Actions
Optimization #6654: pgsql: optimize PDU processing logic Actions
Optimization #6703: detect-engine/port: Explore Rank Balanced trees for post grouping uses Actions
Optimization #6747: dpdk: synchronized CPU stalls on Suricata workers Actions
Optimization #6960: fuzz: target to test signatures compatibility Actions
Optimization #7186: detect: represent direction with enum Actions
Optimization #7263: pgsql: limit tx.responses - configurable? Actions
Optimization #7266: detect/dns-query: clean-up and convert unit tests Actions
Optimization #7371: smb: events/counters for caches getting full Actions
Optimization #7423: eve/json: reduce default memory buffer size; remove double buffering Actions
Optimization #7430: dns: parse more than 255 name segments to find end of name Actions
Optimization #7676: flow/manager: prepare for emergency mode earlier Actions
Task #3166: src code file reorg Actions
Task #3334: rust: cleanup registration of C function pointers in SuricataContext Actions
Task #3836: Formatting rust code Actions
Task #4082: ftp: convert parser to Rust Actions
Task #4098: smtp: convert parser to Rust Actions
Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools Actions
Task #4143: tracking: file.data improvements Actions
Task #4161: tls: convert parser to Rust Actions
Task #4704: unix-socket: separate functionality from the unix socket interface Actions
Task #4707: detect: unify internal buffer names to use <proto>.<buffer> naming Actions
Task #4773: research: IPS behavior wrt resource limits Actions
Task #4919: Add option to change sensor-name log field Actions
Task #4936: Use Rust to parse unix socket messages Actions
Task #5050: rules/frames: settle on rule syntax Actions
Task #5181: detect/engine-analyzer: add rule analyzer warnings about rules that could use the frame keyword/semantics/feature Actions
Task #5256: rust: see if we can reduce number of crate deps Actions
Task #5560: dpdk: Design a test-case for Suricata running as a secondary process Actions
Task #5610: tracking: new protocol: telnet Actions
Task #5682: tracking: smb performance issues Actions
Task #6028: c: C11 _s style buffer handling calls Actions
Task #6029: c: require C11 Actions
Task #6179: tracking: flash decompression deprecation and removal Actions
Task #6184: flash decompression: remove feature Actions
Task #6217: research: increased tcp.overlap after file data changes Actions
Task #6258: misc: clean-up commented out code Actions
Task #6262: tracking: reduce stack usage Actions
Task #6273: misc: clean up left over printf calls Actions
Task #6474: detect: smtp body inspection keyword Actions
Task #6485: [investigate] Scoring method for keywords and transforms Actions
Task #6489: test/stream/tcp-list: fix unittests Actions
Task #6545: tls-store: unify with file-store Actions
Task #6849: brainstorm: should certain eve ouput types be removed (eg syslog) Actions
Task #6917: [investigate] exceptions: are drop reasons unique to policies? Actions
Task #6951: tracking: nfs performance issues Actions
Task #6968: decode: unify decode thread module with receive thread module Actions
Task #7030: arp: make arp opcodes into enum Actions
Task #7061: content-inspect: expand accepted range of depth/offset/distance & related Actions
Task #7071: core/rust: use Direction enum for raw parser trigger fn Actions
Task #7232: http-log: remove Actions
Task #7233: tls-log: remove (deprecated in Suricata 8) Actions
Task #7234: syslog: remove standalone syslog output Actions
Task #7511: engine/analysis: store warnings and debugs in the rule struct Actions
Task #7590: eve: remove syslog filetype Actions
Task #7642: tls: deprecate "default" as an option in encryption-handling node Actions
Task #7721: threading: make the Suricata 7 cpu affinity format obsolete Actions
Documentation #4557: Add document about JsonBuilder Actions
Documentation #7174: docs: investigate if RtD AddOns will impact our guides Actions
Security #6187: DetectEngineReload: handle allocation failures Actions

Also available in: TXT