[Oisf-users] LUA Byte Extract

Clark Kent ctyk3322 at gmail.com
Fri Mar 8 12:36:28 UTC 2019

It is good to hear that others would find this feature useful. So I am
trying to use extract byte that would represent the size of the payload and
then using LUA to calculate the size of the payload. If both value match
then that would generate an alert.

I was planning to submit a feature request if it didn't exist.

On Thu, Mar 7, 2019 at 6:09 PM b smith <x62smith at gmail.com> wrote:

> As far as I know there isn't a way to do it but I'm looking into
> submitting a feature request for byte_extract as well as other variables to
> pass to Lua.  I've got a couple use cases for it. Just got to put things
> together.
> What are you trying to do that requires passing a value to Lua?
> On Thu, Mar 7, 2019, 2:14 PM Clark Kent <ctyk3322 at gmail.com> wrote:
>> Hello,
>> I was curious if there was a way to use byte extract and pass that value
>> into a LUA script?
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> Conference: https://suricon.net
>> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190308/8a83426d/attachment.html>

More information about the Oisf-users mailing list