mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6291e220e4
Ticket: 7228 That means log the rest of queries and answers, even if the final field additionals is corrupt. Set an event in this case. |
2 weeks ago | |
|---|---|---|
| .. | ||
| Makefile.am | ||
| README.md | ||
| app-layer-events.rules | ||
| decoder-events.rules | ||
| dhcp-events.rules | ||
| dnp3-events.rules | ||
| dns-events.rules | ||
| enip-events.rules | ||
| files.rules | ||
| ftp-events.rules | ||
| http-events.rules | ||
| http2-events.rules | ||
| ipsec-events.rules | ||
| kerberos-events.rules | ||
| modbus-events.rules | ||
| mqtt-events.rules | ||
| nfs-events.rules | ||
| ntp-events.rules | ||
| quic-events.rules | ||
| rfb-events.rules | ||
| smb-events.rules | ||
| smtp-events.rules | ||
| ssh-events.rules | ||
| stream-events.rules | ||
| tls-events.rules | ||
| websocket-events.rules | ||
README.md
Suricata Reserved SID Allocations
Unless otherwise noted, each component or protocol is allocated 1000 signature IDs.
Components
| Component | Start | End |
|---|---|---|
| Decoder | 2200000 | 2200999 |
| Stream | 2210000 | 2210999 |
| Generic App-Layer | 2260000 | 2260999 |
App-Layer Protocols
| Protocol | Start | End |
|---|---|---|
| SMTP | 2220000 | 2220999 |
| HTTP | 2221000 | 2221999 |
| NTP | 2222000 | 2222999 |
| NFS | 2223000 | 2223999 |
| IPsec | 2224000 | 2224999 |
| SMB | 2225000 | 2225999 |
| Kerberos | 2226000 | 2226999 |
| DHCP | 2227000 | 2227999 |
| SSH | 2228000 | 2228999 |
| MQTT | 2229000 | 2229999 |
| TLS | 2230000 | 2230999 |
| QUIC | 2231000 | 2231999 |
| FTP | 2232000 | 2232999 |
| DNS | 2240000 | 2240999 |
| MODBUS | 2250000 | 2250999 |
| DNP3 | 2270000 | 2270999 |
| HTTP2 | 2290000 | 2290999 |