aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rules: fix typos & missing keywords in examples

Browse Source 
Task #8372
pull/15080/head
Juliana Fajardini 1 month ago committed by Victor Julien
parent 9cab99fbd3
commit 56917cf8f3
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File

4
doc/userguide/capture-hardware/ebpf-xdp.rst
Unescape Escape View File

@ -160,8 +160,8 @@ Another solution is to use a set of signatures using the ``bypass`` keyword to o
a selective bypass. Suricata traffic ID defines flowbits that can be used in other signatures.
For instance one could use ::
alert any any -> any any (msg:"bypass video"; flowbits:isset,traffic/label/video; noalert; bypass; sid:1000000; rev:1;)
alert any any -> any any (msg:"bypass Skype"; flowbits:isset,traffic/id/skype; noalert; bypass; sid:1000001; rev:1;)
alert ip any any -> any any (msg:"bypass video"; flowbits:isset,traffic/label/video; noalert; bypass; sid:1000000; rev:1;)
alert ip any any -> any any (msg:"bypass Skype"; flowbits:isset,traffic/id/skype; noalert; bypass; sid:1000001; rev:1;)
Setup eBPF filter
-----------------

Write Preview
Loading…
Cancel
Save