[Discussion] Suricata 2.1beta2 Available!
Victor Julien
victor at inliniac.net
Thu Nov 6 10:32:34 UTC 2014
The OISF development team is proud to announce Suricata 2.1beta2. This
is the second beta release for the upcoming 2.1 version. It should be
considered a development snapshot for the 2.1 branch.
Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-2.1beta2.tar.gz
New features
Feature #549: Extract file attachments from emails
Feature #1312: Lua output support
Feature #899: MPLS over Ethernet support
Feature #383: Stream logging
Improvements
Feature #1263: Lua: Access to Stream Payloads
Feature #1264: Lua: access to TCP quad / Flow Tuple
Feature #707: ip reputation files - network range inclusion availability
(cidr)
Bug fixes
Bug #1048: PF_RING/DNA config - suricata.yaml
Bug #1230: byte_extract, within combination not working
Bug #1257: Flow switch is missing from the eve-log section in suricata.yaml
Bug #1259: AF_PACKET IPS is broken in 2.1beta1
Bug #1260: flow logging at shutdown broken
Bug #1279: BUG: NULL pointer dereference when suricata was debug mode.
Bug #1280: BUG: IPv6 address vars issue
Bug #1285: Lua - http.request_line not working (2.1)
Bug #1287: Lua Output has dependency on eve-log:http
Bug #1288: Filestore keyword in wrong place will cause entire rule not
to trigger
Bug #1294: Configure doesn't use --with-libpcap-libraries when testing
PF_RING library
Bug #1301: suricata yaml - PF_RING load balance per hash option
Bug #1308: http_header keyword not matching when SYN|ACK and ACK missing
(master)
Bug #1311: EVE output Unix domain socket not working (2.1)
Special thanks
We'd like to thank the following people and corporations for their
contributions and feedback:
- Tom Decanio -- FireEye
- Ken Steele -- Tilera
- Giuseppe Longo -- Emerging Threats & Ntop
- David Abarbanel -- BAE Systems
- Jason Ish -- Endace/Emulex
- Mats Klepsland
- Duarte Silva
- Bill Meeks
- Anoop Saldanha
- lessyv
Known issues & missing features
In a beta release like this things may not be as polished yet. So please
handle with care. That said, if you encounter issues, please let us
know! As always, we are doing our best to make you aware of continuing
development and items within the engine that are not yet complete or
optimal. With this in mind, please notice the list we have included of
known items we are working on.
See http://redmine.openinfosecfoundation.org/projects/suricata/issues
for an up to date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and time line for the major issues.
About Suricata
Suricata is a high performance Network IDS, IPS and Network Security
Monitoring engine. Open Source and owned by a community run non-profit
foundation, the Open Information Security Foundation (OISF). Suricata is
developed by the OISF, its supporting vendors and the community.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Discussion
mailing list