Support #3037: The rules detect order - Suricata - Open Information Security Foundation

Actions

Copy link

Support #3037

closed

The rules detect order

Added by John Smith over 5 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Affected Versions:

Label:

Description

suricata detect the signatures with ip at first;then tcp or udp;the last is alproto?
and if the rules have same proto,the order is pass,drop,reject,alert?
and if the rules have same action,the order is the sid number?

History
Notes
Property changes

Actions

Copy link

Updated by Andreas Herz over 5 years ago

Target version set to TBD

Actions

Copy link

Updated by Victor Julien over 5 years ago

Assignee deleted (~~Shivani Bhardwaj~~)

Actions

Copy link

Updated by Andreas Herz over 5 years ago

Status changed from New to Closed

dupliocate of #3013

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Support #3037

The rules detect order

Updated by Andreas Herz over 5 years ago

Updated by Victor Julien over 5 years ago

Updated by Andreas Herz over 5 years ago