You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

History

Philippe Antoine bb714c9178 http: have a headers limit Ticket: 7191 So as to avoid quadratic complexity in libhtp. Make the limit configurable from suricata.yaml, and have an event when network traffic goes over the limit.		3 weeks ago
..
Makefile.am	enip: convert to rust	4 months ago
README.md	rules/readme: document sid ranges in source tree	2 years ago
app-layer-events.rules	…
decoder-events.rules	rules: spelling	1 year ago
dhcp-events.rules	…
dnp3-events.rules	…
dns-events.rules	dns: parse and alert on invalid opcodes	2 years ago
enip-events.rules	enip: convert to rust	4 months ago
files.rules	rules: spelling	1 year ago
ftp-events.rules	ftp: add events for command too long	2 years ago
http-events.rules	http: have a headers limit	3 weeks ago
http2-events.rules	http2: handle reassembly for continuation frames	8 months ago
ipsec-events.rules	ike: set event for multiple server proposals	3 years ago
kerberos-events.rules	…
modbus-events.rules	rules: spelling	1 year ago
mqtt-events.rules	mqtt: raise event on parse error	3 years ago
nfs-events.rules	nfs: limits the number of active transactions per flow	3 years ago
ntp-events.rules	…
quic-events.rules	quic: events and rules on them	2 years ago
rfb-events.rules	rfb: never return error on unknown traffic	1 year ago
smb-events.rules	smb: checks against nbss records length	2 years ago
smtp-events.rules	protocol-change: sets event in case of failure	2 years ago
ssh-events.rules	…
stream-events.rules	stream: enable backoff on event rules	4 months ago
tls-events.rules	…
websocket-events.rules	app-layer: websockets protocol support	6 months ago

README.md

Suricata Reserved SID Allocations

Unless otherwise noted, each component or protocol is allocated 1000 signature IDs.

Components

Component	Start	End
Decoder	2200000	2200999
Stream	2210000	2210999
Generic App-Layer	2260000	2260999

App-Layer Protocols

Protocol	Start	End
SMTP	2220000	2220999
HTTP	2221000	2221999
NTP	2222000	2222999
NFS	2223000	2223999
IPsec	2224000	2224999
SMB	2225000	2225999
Kerberos	2226000	2226999
DHCP	2227000	2227999
SSH	2228000	2228999
MQTT	2229000	2229999
TLS	2230000	2230999
QUIC	2231000	2231999
FTP	2232000	2232999
DNS	2240000	2240999
MODBUS	2250000	2250999
DNP3	2270000	2270999
HTTP2	2290000	2290999