<html><head></head><body>So just to be clear. If running Suricata 4.0.1 then it is best to use the 4.x set?<br><br><br><div><strong>
From:
</strong>
Francis Trudeau <ftrudeau@emergingthreats.net>
<br>
<strong>
To:
</strong>
Leonard Jacobs <ljacobs@netsecuris.com>
<br>
<strong>
Cc:
</strong>
Jason Williams <jwilliams@emergingthreats.net>, "oisf-users@openinfosecfoundation.org" <oisf-users@openinfosecfoundation.org>, Alan Amesbury <amesbury@oitsec.umn.edu>
<br>
<strong>
Sent:
</strong>
11/29/2017 6:24 PM
<br>
<strong>
Subject:
</strong>
Re: [Oisf-users] Suricata 4.0 rule fork
<br><br><blockquote class="mori" style="margin:0 0 0 .8ex;border-left:1px solid #CCC;padding-left:1ex;">>
<br>> Each set covers versions above it. 2.x set will run in anything above 2.0. If running 4.0, that set will work, but you'll be missing out on the new features we're targeting.
<br>
<br>"That set" was referencing the sentence prior, talking about 2.x set.
<br>I should have been more clear:
<br>
<br>> Each set covers versions above it. 2.x set will run in anything above 2.0. If running 4.0, the 2.x set will work, but you'll be missing out on the new 4.0 features we're using in the 4.x set.
<br>
<br>FT
<br></blockquote></div></body></html>