From: Victor Julien Date: Thu, 13 Feb 2014 13:41:54 +0000 (+0100) Subject: dns: fix message of decoder rule 2240008 X-Git-Tag: suricata-2.0rc2~79 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df10559d80dab7320d9df07246261396334158cb;p=thirdparty%2Fsuricata.git dns: fix message of decoder rule 2240008 The message now reflects that the rule matches on: app-layer-event:dns.state_memcap_reached; --- diff --git a/rules/dns-events.rules b/rules/dns-events.rules index 95dee1d09b..693f2f1b3b 100644 --- a/rules/dns-events.rules +++ b/rules/dns-events.rules @@ -12,4 +12,4 @@ alert dns any any -> any any (msg:"SURICATA DNS Z flag set"; app-layer-event:dns # Request Flood Detected alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.flooded; sid:2240007; rev:1;) # Per-flow (state) memcap reached. Relates to the app-layer.protocols.dns.state-memcap setting. -alert dns any any -> any any (msg:"SURICATA DNS request flood detected"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:1;) +alert dns any any -> any any (msg:"SURICATA DNS flow memcap reached"; flow:to_server; app-layer-event:dns.state_memcap_reached; sid:2240008; rev:2;)
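Review bot: in the changed `+` line for sid:2240008, the new msg says "flow memcap", while the keyword the rule matches is app-layer-event:dns.state_memcap_reached and the comment line above it ties the event to the app-layer.protocols.dns.state-memcap setting. An analyst reading the alert could take "flow memcap" to mean the flow engine's own memcap (flow.memcap in suricata.yaml) rather than the DNS per-flow state limit, and tune the wrong setting. Consider wording such as msg:"SURICATA DNS state memcap reached"; so that the alert text, the event name and the setting name all line up. Bumping rev:1 to rev:2 together with the msg change is correct and should stay.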