]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7682816) | patch
detect: absent keyword to test absence of sticky buffer 12174/head
authorPhilippe Antoine <pantoine@oisf.net>
Thu, 30 Nov 2023 13:47:14 +0000 (14:47 +0100)
committerVictor Julien <victor@inliniac.net>
Thu, 28 Nov 2024 13:59:23 +0000 (14:59 +0100)
commit4ec90bd2276afab1c3c3eea82a1fd1216ee0961c
treec3bd0a84b52ff7c91563d2cda1aa01cf0cf599a6tree
parent7682816ef92fc7c158ca7c76b0666013fb52031acommit | diff
detect: absent keyword to test absence of sticky buffer

Ticket: 2224

It takes an argument to match only if the buffer is absent,
or it can still match if the buffer is present, but we test
the absence of some content.

For multi buffers, absent matches if there are 0 buffers.

For file keywords, absent matches if there is no file.
16 files changed:
doc/userguide/rules/payload-keywords.rst diff | blob | blame | history
src/detect-engine-analyzer.c diff | blob | blame | history
src/detect-engine-content-inspection.c diff | blob | blame | history
src/detect-engine-content-inspection.h diff | blob | blame | history
src/detect-engine-mpm.c diff | blob | blame | history
src/detect-engine-register.h diff | blob | blame | history
src/detect-engine.c diff | blob | blame | history
src/detect-file-data.c diff | blob | blame | history
src/detect-filemagic.c diff | blob | blame | history
src/detect-filename.c diff | blob | blame | history
src/detect-http-client-body.c diff | blob | blame | history
src/detect-http-header.c diff | blob | blame | history
src/detect-isdataat.c diff | blob | blame | history
src/detect-isdataat.h diff | blob | blame | history
src/detect-parse.c diff | blob | blame | history
src/detect.h diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git