From b9ba792279a8bab2255cba960e977e2cc549596c Mon Sep 17 00:00:00 2001
From: Jason Ish
Date: Mon, 7 Nov 2016 10:02:18 -0500
Subject: [PATCH] dns-events: fix direction of malformed events + typo

---
 rules/dns-events.rules | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/rules/dns-events.rules b/rules/dns-events.rules
index 693f2f1b3b..82ee633113 100644
--- a/rules/dns-events.rules
+++ b/rules/dns-events.rules
@@ -1,8 +1,8 @@
 # Response (answer) we didn't see a Request for. Could be packet loss.
-alert dns any any -> any any (msg:"SURICATA DNS Unsollicited response"; flow:to_client; app-layer-event:dns.unsollicited_response; sid:2240001; rev:1;)
+alert dns any any -> any any (msg:"SURICATA DNS Unsolicited response"; flow:to_client; app-layer-event:dns.unsollicited_response; sid:2240001; rev:1;)
 # Malformed data in request. Malformed means length fields are wrong, etc.
-alert dns any any -> any any (msg:"SURICATA DNS malformed request data"; flow:to_client; app-layer-event:dns.malformed_data; sid:2240002; rev:1;)
-alert dns any any -> any any (msg:"SURICATA DNS malformed response data"; flow:to_server; app-layer-event:dns.malformed_data; sid:2240003; rev:1;)
+alert dns any any -> any any (msg:"SURICATA DNS malformed request data"; flow:to_server; app-layer-event:dns.malformed_data; sid:2240002; rev:1;)
+alert dns any any -> any any (msg:"SURICATA DNS malformed response data"; flow:to_client; app-layer-event:dns.malformed_data; sid:2240003; rev:1;)
 # Response flag set on to_server packet
 alert dns any any -> any any (msg:"SURICATA DNS Not a request"; flow:to_server; app-layer-event:dns.not_a_request; sid:2240004; rev:1;)
 # Response flag not set on to_client packet
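Review bot: The three modified signatures (sid 2240001, 2240002 and 2240003) still end in `rev:1;` although their `msg` or `flow` direction changed. Bumping each to `rev:2;` would let rule managers and alert pipelines tell the corrected rules from the old ones; otherwise alerts from before and after the direction fix share the same sid/rev pair. The new `msg` spells "Unsolicited" correctly while the keyword stays `app-layer-event:dns.unsollicited_response`. That mismatch is presumably required because the engine defines the event name, and a short comment such as `# event name keeps the engine's original spelling` above the rule would stop a later cleanup from "fixing" the keyword and breaking the match. Separately, the comment `# Malformed data in request.` heads both the request and the response rule, so `# Malformed data in request or response.` would describe the pair accurately.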