suricata

Author	SHA1	Message	Date
Jeff Lucovsky	7f102d95b6	detect: Modernize TLS keywords This changeset adds keywords for "tls.<name>" and moves the existing value of "tls_<name>" to an alias.	6 years ago
Eric Leblond	8c1b16e22d	doc: fix some links in list-keywords command	7 years ago
Victor Julien	0b3220a0df	detect: improve inspect buffer handling Fix and Optimize cleanup. For the simple single inspect buffer optimize the cleanup by keeping track of the actually used buffers. This avoid looping over unused buffers. Fix the case of cleaning not being done after a tx if the next tx is also inspected in the context of the same packet. Fix cleanup of the multi-inspect buffers. Optimize in 2 ways. First like with single keep track of which multi-inspect buffers have been used. Second, keep a max of the buffers within a multi-inspect buffer. Use this max to limit (nested) looping.	7 years ago
Mats Klepsland	6e23ae230b	detect: add (mpm) keyword ja3_string Match on JA3 string using ja3_string keyword, e.g: alert tls any any -> any any (msg:"JA3 string test"; ja3_string; content:"65-68-69-102"; sid:1;)	8 years ago