mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19cf0f8133
Add events for the following resource name parsing issues: - name truncated as its too long - maximum number of labels reached - infinite loop Currently these events are only registered when encountered, but recoverable. That is where we are able to return some of the name, usually in a truncated state. As name parsing has many code paths, we pass in a pointer to a flag field that can be updated by the name parser, this is done in addition to the flags being set on a specific name as when logging we want to designate which fields are truncated, etc. But for alerts, we just care that something happened during the parse. It also reduces errors as it won't be forgotten to check for the flags and set the event if some new parser is written that also parses names. Ticket: #7280 |
3 months ago | |
|---|---|---|
| .. | ||
| Makefile.am | 9 months ago | |
| README.md | 2 years ago | |
| app-layer-events.rules | ||
| decoder-events.rules | 2 years ago | |
| dhcp-events.rules | ||
| dnp3-events.rules | ||
| dns-events.rules | 3 months ago | |
| enip-events.rules | 9 months ago | |
| files.rules | 2 years ago | |
| ftp-events.rules | 2 years ago | |
| http-events.rules | 5 months ago | |
| http2-events.rules | 1 year ago | |
| ipsec-events.rules | 4 months ago | |
| kerberos-events.rules | ||
| modbus-events.rules | 4 months ago | |
| mqtt-events.rules | ||
| nfs-events.rules | ||
| ntp-events.rules | ||
| quic-events.rules | ||
| rfb-events.rules | 2 years ago | |
| smb-events.rules | 2 years ago | |
| smtp-events.rules | 3 years ago | |
| ssh-events.rules | ||
| stream-events.rules | 8 months ago | |
| tls-events.rules | ||
| websocket-events.rules | 11 months ago | |
README.md
Suricata Reserved SID Allocations
Unless otherwise noted, each component or protocol is allocated 1000 signature IDs.
Components
| Component | Start | End |
|---|---|---|
| Decoder | 2200000 | 2200999 |
| Stream | 2210000 | 2210999 |
| Generic App-Layer | 2260000 | 2260999 |
App-Layer Protocols
| Protocol | Start | End |
|---|---|---|
| SMTP | 2220000 | 2220999 |
| HTTP | 2221000 | 2221999 |
| NTP | 2222000 | 2222999 |
| NFS | 2223000 | 2223999 |
| IPsec | 2224000 | 2224999 |
| SMB | 2225000 | 2225999 |
| Kerberos | 2226000 | 2226999 |
| DHCP | 2227000 | 2227999 |
| SSH | 2228000 | 2228999 |
| MQTT | 2229000 | 2229999 |
| TLS | 2230000 | 2230999 |
| QUIC | 2231000 | 2231999 |
| FTP | 2232000 | 2232999 |
| DNS | 2240000 | 2240999 |
| MODBUS | 2250000 | 2250999 |
| DNP3 | 2270000 | 2270999 |
| HTTP2 | 2290000 | 2290999 |