Philippe Antoine
c7214be99b
snmp: adds usm keyword
...
as is logged
Ticker: #5416
2 years ago
Andreas Dolp
324f5ec10c
doc: Add missing ")" in example
2 years ago
Andreas Dolp
e4163c4e02
doc: Fix typos
2 years ago
Andreas Dolp
49bd6cfa5d
doc: Fix broken link
2 years ago
jason taylor
d799956348
doc: add note about file.data and file_data
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
83f2056d20
doc: update file_data to file.data keyword
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
cd54d0dbc8
doc: remove extra newline in order to match style
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
38bd775ca0
doc: remove extraneous + characters
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Shivani Bhardwaj
015c9fe1e3
doc: add usage of flowbits OR op
...
Ticket 5130
3 years ago
Victor Julien
cf4ddab6f4
doc/quic: update for new quic.version logic
3 years ago
Emmanuel Thompson
6641efb74f
doc/quic: Add documentation for QUIC keywords
3 years ago
Philippe Antoine
0cfdec1266
detect: xor transform
...
Ticket: 3285
The xor transform applies xor decoding to a buffer, with a key
specified as an option in hexadecimal. Arbitrary key sizes are
accepted.
3 years ago
Juliana Fajardini
de0ce26e3f
userguide: update references to Suricata website
...
Many places were still referencing the old Suricata page.
Used git grep with replace to update them. Checked that new links work.
Left old references when they were only documentation examples (for
output or unittests).
Task#4915
3 years ago
Juliana Fajardini
4256c1ccd5
userguide: rename pg Lua Scripting->Lua Detection
...
Since we can have scripts for output _or_ detection, it seems more
clear to rename this page to add more meaning
3 years ago
Juliana Fajardini
59e5a21fca
userguide: update buffers list for lua-scripting
3 years ago
Juliana Fajardini
e7f1736f3a
userguide/lua: add explanation about `need` diffs
...
The differences on how the `need` key works, depending on script
usage (output or detection) confuses users, sometimes (cf doc#4725).
While we don't fix that, just explain this behavior.
3 years ago
Andreas Dolp
b25350ee13
doc: Fix typo in documentation of rule keyword flow
3 years ago
Philippe Antoine
fae7389ae2
pcre2: document the behavioral changes
3 years ago
Joshua Lumb
cf9b2b5fd1
detect-dsize: Add ! operator for dsize matching
3 years ago
myr463
755124763d
doc: escape dot in pcre
3 years ago
Shivani Bhardwaj
51be8f0238
doc/dcerpc: add proto keywords
3 years ago
showipintbri
a39025bf24
doc: Grammar Correction
3 years ago
frank honza
f83d51d0cb
ike: set event for multiple server proposals
4 years ago
Andreas Herz
a5f36eccf1
doc: add documentation for rawbytes keyword
4 years ago
frank honza
ab59ef0d79
ikev1: add documentation for ikev1
4 years ago
frank honza
ecdf9f6b0b
ikev1: rename ikev2 to common ike
...
Renaming was done with shell commands, git mv for moving the files and content like
find -iname '*.c' | xargs sed -i 's/ikev1/ike/g' respecting the different mixes of upper/lower case.
4 years ago
Jason Ish
547afcb983
doc/userguide/transforms: remove not about libnss being required
4 years ago
Jason Ish
c0ddad8e7e
doc/ja3: libnss support no longer required
4 years ago
Philippe Antoine
4e242645be
doc: explicit header normalization further
...
And their concatenation as described in RFC 2616
4 years ago
Philippe Antoine
6b30890de9
doc: http.uri.raw has no spaces
...
as they are in the protocol
cf bug #2881
4 years ago
Victor Julien
7b4ac8dbab
doc/userguide: update http keywords
4 years ago
Jeff Lucovsky
a18a9d3046
doc: New sticky buffer icmpv4.hdr
4 years ago
Victor Julien
c95850c6ce
doc/rules: document config rule option
4 years ago
Shivani Bhardwaj
87617b200c
doc/datasets: add info about memcap and hashsize
4 years ago
Victor Julien
e1ecb7dc41
doc/datasets: explain reloads, general improvements
4 years ago
Jeff Lucovsky
06f41f608c
doc: Improve grammar, spelling and clarifications
...
This commit improves the overall documentation's grammar, spelling, and
adds clarifications where needed.
4 years ago
jason taylor
b21160a6e3
doc: http.host keyword note for matching on port
...
Signed-off-by: jason taylor <jtfas90@gmail.com>
4 years ago
Philippe Antoine
999af4f62a
http2: adds documentation
4 years ago
Sascha Steinbiss
c31360070b
rust/mqtt: add MQTT parser
4 years ago
Philippe Antoine
1569f3e349
transform: adds url_decode keyword
...
Fixes https://redmine.openinfosecfoundation.org/issues/2689
Adds a new source file to handle this keyword.
And modifies documentation, Makefile, and registration accordingly.
url_decode decodes url-encoded data, ie replacing '+' with space
and '%HH' with its value.
4 years ago
Tristan Fletcher
6cbb4d4909
doc: fix spelling in flowbits image
4 years ago
Jeff Lucovsky
901fbae7b9
doc: Add byte_math documentation
4 years ago
Vadym Malakhatko
a80f705d4b
userguide: add documentation for Hassh usage
...
1. Rules keywords
2. Json keywords
3. Usage in lua
4. Enabling in configuration file
4 years ago
Jeff Lucovsky
b116a56a32
doc: Correct typos
4 years ago
Jeff Lucovsky
59cc3c6281
doc: Update byte_extract doc
4 years ago
Victor Julien
82ac72782d
doc/userguide: update app-proto list
4 years ago
Victor Julien
e6330c354d
doc/userguide: list valid rule actions
4 years ago
Jeff Lucovsky
5e4aa5b851
doc: Improve tos description
...
This commit improves the description of the `tos` keyword by emphasizing
that the value used should adhere to the guidelines in RFC2474. Instead
of specifying the DSCP value directly, right shift the DSCP value and
use that.
4 years ago
Jeff Lucovsky
3005dca3fd
doc: pcrexform documentation
4 years ago
Jason Ish
0dd1b2a616
doc: typo: http.server_body should be http.response_body
...
Thanks to Jason Williams for pointing this out.
5 years ago