
<div dir="ltr"><div>Hello Victor,<br></div><div>I was curious Suricata able to analyze QUIC protocol or not, and able to detect rules properly.<br></div><div><br></div><div>Thanks,<br></div><div><br><div class="gmail_quote"><div dir="ltr">On Thu, Mar 29, 2018 at 2:56 AM Victor Julien <<a href="mailto:lists@inliniac.net">lists@inliniac.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 28-03-18 21:05, SJ Lee wrote:<br>

> I would like to know that Suricata support parsing Quic protocol or not.<br>

> <br>

> <br>

> "The Quic protocol (Quick UDP Internet Connections) is a experimental<br>

> protocol designed by Google that its goal is to improve perceived<br>

> performance of connection-oriented web applications that are currently<br>

> using TCP."<br>

> <br>

<br>

There is no specific support for QUIC in Suricata. I've looked a little<br>

bit into it when doing the first tests with Rust, but that didn't lead<br>

to any merged code.<br>

<br>

What kind of support are you looking for?<br>

<br>

-- <br>

---------------------------------------------<br>

Victor Julien<br>

<a href="http://www.inliniac.net/" rel="noreferrer" target="_blank">http://www.inliniac.net/</a><br>

PGP: <a href="http://www.inliniac.net/victorjulien.asc" rel="noreferrer" target="_blank">http://www.inliniac.net/victorjulien.asc</a><br>

---------------------------------------------<br>

<br>

_______________________________________________<br>

Suricata IDS Devel mailing list: <a href="mailto:oisf-devel@openinfosecfoundation.org" target="_blank">oisf-devel@openinfosecfoundation.org</a><br>

Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Participate: <a href="http://suricata-ids.org/participate/" rel="noreferrer" target="_blank">http://suricata-ids.org/participate/</a><br>

List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>

Redmine: <a href="https://redmine.openinfosecfoundation.org/" rel="noreferrer" target="_blank">https://redmine.openinfosecfoundation.org/</a><br>

<br>

</blockquote></div></div></div>