We are pleased to announce Suricata 4.0.1. This is a regular bug fix release that fixes various issues. It also adds much improved Napatech support.

Changes

Feature #2114: Redis output: add RPUSH support

Feature #2152: Packet and Drop Counters for Napatech

Bug #2050: TLS rule mixes up server and client certificates

Bug #2064: Rules with dual classtype do not error

Bug #2074: detect msg: memory leak

Bug #2102: Rules with dual sid do not error

Bug #2103: Rules with dual rev do not error

Bug #2151: The documentation does not reflect current suricata.yaml regarding cpu-affinity

Bug #2194: rust/nfs: sigabrt/rust panic – 4.0.0-dev (rev fc22943)

Bug #2197: rust build with lua enabled fails on x86

Bug #2201: af_packet: suricata leaks memory with use-mmap enabled and incorrect BPF filter

Bug #2207: DNS UDP “Response” parsing recording an incorrect value

Bug #2208: mis-structured JSON stats output if interface name is shortened

Bug #2226: improve error message if stream memcaps too low

Bug #2228: enforcing specific number of threads with autofp does not seem to work

Bug #2244: detect state uses broken offset logic (4.0.x)

Download

https://www.openinfosecfoundation.org/download/suricata-4.0.1.tar.gz

Special thanks

Qidu Sy, Phil Young – Napatech, Mats Klepsland, Sascha Steinbiss, Alexander Gozman, Derek Kingsbury, Julian Wecke, Pierre Chifflier, Jason Taylor

Trainings

User Training at SuriCon 2017, in Prague: https://www.eventbrite.com/e/2-day-suricata-training-suricon-2017-tickets-32303327121

New: rule writing training ‘SigDev’ at SuriCon: https://www.eventbrite.com/e/2-day-sigdev-training-suricon-2017-tickets-36460477269

Conference attendees get a 20% discount!

SuriCon 2017

Less than one month to SuriCon 2017! Come meet the Suricata community and development team to discuss all things Suricata at the third edition of the annual Suricata Conference. SuriCon 2017 will be next month in Prague: https://suricon.net

About Suricata

Suricata is a high-performance Network Threat Detection, IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.