aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

dns: fix message of decoder rule 2240008

Browse Source 
The message now reflects that the rule matches on:
    app-layer-event:dns.state_memcap_reached;
pull/841/head
Victor Julien 12 years ago
parent d2a6b61d76
commit df10559d80
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
rules/dns-events.rules
Unescape Escape View File

@ -12,4 +12,4 @@ alert dns any any -> any any (msg:"SURICATA DNS Z flag set"; app-layer-event:dns
# Request Flood Detected # Request Flood Detected
alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.flooded; sid:2240007; rev:1;) alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.flooded; sid:2240007; rev:1;)
# Per-flow (state) memcap reached. Relates to the app-layer.protocols.dns.state-memcap setting. # Per-flow (state) memcap reached. Relates to the app-layer.protocols.dns.state-memcap setting.
alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:1;) alert dns any any -> any any (msg:"SURICATA DNS flow memcap reached"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:2;)

Write Preview
Loading…
Cancel
Save