The OISF development team is proud to announce Suricata 1.4.1. This is a major update over the 1.4 release, adding some exciting features, many improvements and fixing some important bugs.
Get the new release here: suricata-1.4.1.tar.gz
The most interesting new feature is the GeoIP support, a great contribution by Ignacio Sanchez. It adds a “geoip” rule keyword that allows you to match on the source or destination of a packet per country.
New features
- GeoIP keyword, allowing matching on Maxmind’s database, contributed by Ignacio Sanchez (#559)
- Introduce http_host and http_raw_host keywords (#733, #743)
- Add python module for interacting with unix socket (#767)
- Add new unix socket commands: fetching config, counters, basic runtime info (#764, #765)
Improvements
- Big Napatech support update by Matt Keeler
- Configurable sensor id in unified2 output, contributed by Jake Gionet (#667)
- FreeBSD IPFW fixes by Nikolay Denev
- Add “default” interface setting to capture configuration in yaml (#679)
- Make sure “snaplen” can be set by the user (#680)
- Improve HTTP URI query string normalization (#739)
- Improved error reporting in MD5 loading (#693)
- Improve reference.config parser error reporting (#737)
- Improve build info output to include all configure options (#738)
Fixes
- Segfault in TLS parsing reported by Charles Smutz (#725)
- Fix crash in teredo decoding, reported by Rmkml (#736)
- Fixed UDPv4 packets without checksum being detected as invalid (#760)
- Fixed DCE/SMB parsers getting confused in some fragmented cases (#764)
- IPv6 address/subnet parsing in thresholding was fixed by Jamie Strandboge (#697)
- FN: IP-only rule ip_proto not matching for some protocols (#689)
- Fix build failure with other libhtp installs (#688)
- Fix malformed yaml loading leading to a crash (#694)
- Various Mac OS X fixes (#700, #701, #703)
- Fix for autotools on Mac OS X by Jason Ish (#704)
- Fix AF_PACKET under high load not updating stats (#706)
Special thanks
- Ignacio Sanchez
- Matt Keeler — nPulse
- Jake Gionet
- Nikolay Denev
- Jason Ish — Endace
- Jamie Strandboge
- Charles Smutz
- Rmkml
Known issues & missing features
As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on.
See issues for an up-to-date list and to report new issues. See Known_issues for a discussion and timeline for the major issues.
About Suricata
Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.






