MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: Removed url -> tls_cert_subject rule conversion for the suricata export, fixes #2396

pull/2428/head
Andras Iklody 2017-08-28 14:09:23 +02:00 committed by GitHub
parent 360b2df9bc
commit ad60bddc2d
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Lib/Export/NidsSuricataExport.php
View File

@ -136,6 +136,7 @@ class NidsSuricataExport extends NidsExport {
$content = 'flow:to_server; app-layer-protocol:tls;';
}
# Domain: rule on https certificate subject
/*
else {
$suricata_protocol = 'tls';
$suricata_src_ip = '$EXTERNAL_NET';
@ -144,6 +145,7 @@ class NidsSuricataExport extends NidsExport {
$suricata_dst_port = 'any';
$content = 'tls_cert_subject; content:"' . $data['host'] . '"; nocase; pcre:"/' . $data['host'] . '$/";';
}
*/
break;
case "ssh":