[Oisf-devel] Suricata 1.4beta1 Available!

Victor Julien victor at inliniac.net
Thu Sep 6 15:37:50 UTC 2012


The OISF development team is proud to announce Suricata 1.4beta1. This
is the first beta release for the upcoming 1.4 version. It is the result
of major effort by the OISF team with significant help from community
contributors Ignacio Sanchez and Simon Moon.

Get the new release here:
http://www.openinfosecfoundation.org/download/suricata-1.4beta1.tar.gz

New features

- Custom HTTP logging contributed by Ignacio Sanchez (#530)
- TLS certificate logging and fingerprint computation and keyword by
Jean-Paul Roliers (#443)
- TLS certificate store to disk feature by Jean-Paul Roliers (#444)
- Decoding of IPv4-in-IPv6, IPv6-in-IPv6 and Teredo tunnels (#462, #514,
#480)
- AF_PACKET IPS support (#516)
- Rules can be set to inspect only IPv4 or IPv6 (#494)
- filesize keyword for matching on sizes of files in HTTP (#489)
- Delayed detect initialization. Starts processing packets right away
and loads detection engine in the background (#522)
- NFQ fail open support (#507)
- Highly experimental Lua scripting support for detection

Improvements

- Live reloads now support HTTP rule updates better (#522)
- AF_PACKET performance improvements (#197, #415)
- Make defrag more configurable (#517, #528)
- Improve pool performance (#518)
- Improve file inspection keywords by adding a separate API (#531)
- Example threshold.config file provided (#302)

Fixes

- Fix building of perf profiling code on i386 platform. By Simon Moon (#534)
- Various spelling corrections by Simon Moon (#533)

Credits

We'd like to thank the following people and corporations for their
contributions and feedback:

  Jean-Paul Roliers
  Ignacio Sanchez
  Michel Saborde
  Simon Moon
  Coverity

Known issues & missing features

In a beta release like this things may not be as polished yet. So please
handle with care. That said, if you encounter issues, please let us
know! As always, we are doing our best to make you aware of continuing
development and items within the engine that are not yet complete or
optimal.  With this in mind, please notice the list we have included of
known items we are working on.

See http://redmine.openinfosecfoundation.org/projects/suricata/issues
for an up-to-date list and to report new issues. See
http://redmine.openinfosecfoundation.org/projects/suricata/wiki/Known_issues
for a discussion and timeline for the major issues.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------


