[Oisf-users] Rule Protocol Keyword Documentation

Andreas Moe moe.andreas at gmail.com
Thu Nov 19 18:34:00 UTC 2015

Hi all!

I was looking around for some documentation for the different keywords,
with regards to the signature protocol (ex. alert ip.. / drop tcp...).

I searched on google, and om redmine for the suricata project, but dit not
find anything (could probably have "searched harder"..), but a search in
redmine for "pkthdr" gives nothing.

1) Anyone know of where this is documented?
2) If this is not documented
2.1) Anyone know were i can find a overview of the different allowed
keywords (in the code)
2.2) Were (what place in the documentation) would be a good place to add

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20151119/c6de8826/attachment.html>

More information about the Oisf-users mailing list