[Oisf-devel] [PATCH] suppress: DETECT_SUPPRESS_REGEX should support IPv6 addresses too. Bug #697.

Fri Jan 11 13:21:08 UTC 2013

---
 src/util-threshold-config.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/util-threshold-config.c b/src/util-threshold-config.c
index 3b659c3..ca4f81d 100644
--- a/src/util-threshold-config.c
+++ b/src/util-threshold-config.c
@@ -71,8 +71,9 @@ typedef enum ThresholdRuleType {
  * suppress has two form:
  *  suppress gen_id 0, sig_id 0, track by_dst, ip 10.88.0.14
  *  suppress gen_id 1, sig_id 2000328
+ *  suppress gen_id 1, sig_id 2000328, track by_src, ip fe80::/10
 */
-#define DETECT_SUPPRESS_REGEX "^,\\s*track\\s*(by_dst|by_src)\\s*,\\s*ip\\s*([\\d.:/]+)*\\s*$"
+#define DETECT_SUPPRESS_REGEX "^,\\s*track\\s*(by_dst|by_src)\\s*,\\s*ip\\s*([\\da-fA-F.:/]+)*\\s*$"
 
 /* Default path for the threshold.config file */
 #if defined OS_WIN32 || defined __CYGWIN__
-- 
1.7.10.4

