alert pkthdr any any -> any any (msg:"SURICATA TCP duplicated option"; decode-event:tcp.opt_duplicate; classtype:protocol-command-decode; sid:2200037; rev:2;)
alert pkthdr any any -> any any (msg:"SURICATA UDP packet too small"; decode-event:udp.pkt_too_small; classtype:protocol-command-decode; sid:2200038; rev:2;)
alert pkthdr any any -> any any (msg:"SURICATA UDP header length too small"; decode-event:udp.hlen_too_small; classtype:protocol-command-decode; sid:2200039; rev:2;)
-alert pkthdr any any -> any any (msg:"SURICATA UDP invalid header length"; decode-event:udp.hlen_invalid; classtype:protocol-command-decode; sid:2200040; rev:2;)
+# 2200040 "udp.hlen_invalid" has been retired.
alert pkthdr any any -> any any (msg:"SURICATA UDP invalid length field in the header"; decode-event:udp.len_invalid; classtype:protocol-command-decode; sid:2200120; rev:2;)
alert pkthdr any any -> any any (msg:"SURICATA SLL packet too small"; decode-event:sll.pkt_too_small; classtype:protocol-command-decode; sid:2200041; rev:2;)
alert pkthdr any any -> any any (msg:"SURICATA Ethernet packet too small"; decode-event:ethernet.pkt_too_small; classtype:protocol-command-decode; sid:2200042; rev:2;)
}
if (OutdatedEvent(rawstr)) {
- SCLogWarning(
- SC_WARN_DEPRECATED, "decode-event keyword no longer supports event \"%s\"", rawstr);
+ if (SigMatchStrictEnabled(DETECT_DECODE_EVENT)) {
+ SCLogError(SC_WARN_DEPRECATED, "decode-event keyword no longer supports event \"%s\"",
+ rawstr);
+ goto error;
+ } else {
+ SCLogNotice("decode-event keyword no longer supports event \"%s\"", rawstr);
+ }
}
return de;
projects / thirdparty / suricata.git / commitdiff
