]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d2a6b61)
dns: fix message of decoder rule 2240008
authorVictor Julien <victor@inliniac.net>
Thu, 13 Feb 2014 13:41:54 +0000 (14:41 +0100)
committerVictor Julien <victor@inliniac.net>
Thu, 13 Feb 2014 13:41:54 +0000 (14:41 +0100)
The message now reflects that the rule matches on:
    app-layer-event:dns.state_memcap_reached;

rules/dns-events.rules patch | blob | blame | history

diff --git a/rules/dns-events.rules b/rules/dns-events.rules
index 95dee1d09b042b64f4cfd9874189950d502bbfeb..693f2f1b3b365a4859b47110bdc094d4a54634f7 100644 (file)
--- a/rules/dns-events.rules
+++ b/rules/dns-events.rules
@@ -12,4 +12,4 @@ alert dns any any -> any any (msg:"SURICATA DNS Z flag set"; app-layer-event:dns
 # Request Flood Detected
 alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.flooded; sid:2240007; rev:1;)
 # Per-flow (state) memcap reached. Relates to the app-layer.protocols.dns.state-memcap setting.
-alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:1;)
+alert dns any any -> any any (msg:"SURICATA DNS flow memcap reached"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:2;)
Mirror of https://github.com/OISF/suricata.git