<div dir="ltr"><div>Hello Victor,<br></div><div>I was curious Suricata able to analyze QUIC protocol or not, and able to detect rules properly.<br></div><div><br></div><div>Thanks,<br></div><div><br><div class="gmail_quote"><div dir="ltr">On Thu, Mar 29, 2018 at 2:56 AM Victor Julien <<a href="mailto:lists@inliniac.net">lists@inliniac.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 28-03-18 21:05, SJ Lee wrote:<br>
> I would like to know that Suricata support parsing Quic protocol or not.<br>
> <br>
> <br>
> "The Quic protocol (Quick UDP Internet Connections) is a experimental<br>
> protocol designed by Google that its goal is to improve perceived<br>
> performance of connection-oriented web applications that are currently<br>
> using TCP."<br>
> <br>
<br>
There is no specific support for QUIC in Suricata. I've looked a little<br>
bit into it when doing the first tests with Rust, but that didn't lead<br>
to any merged code.<br>
<br>
What kind of support are you looking for?<br>
<br>
-- <br>
---------------------------------------------<br>
Victor Julien<br>
<a href="http://www.inliniac.net/" rel="noreferrer" target="_blank">http://www.inliniac.net/</a><br>
PGP: <a href="http://www.inliniac.net/victorjulien.asc" rel="noreferrer" target="_blank">http://www.inliniac.net/victorjulien.asc</a><br>
---------------------------------------------<br>
<br>
_______________________________________________<br>
Suricata IDS Devel mailing list: <a href="mailto:oisf-devel@openinfosecfoundation.org" target="_blank">oisf-devel@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Participate: <a href="http://suricata-ids.org/participate/" rel="noreferrer" target="_blank">http://suricata-ids.org/participate/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
Redmine: <a href="https://redmine.openinfosecfoundation.org/" rel="noreferrer" target="_blank">https://redmine.openinfosecfoundation.org/</a><br>
<br>
</blockquote></div></div></div>