mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-14 04:52:59 +02:00
suricata: Automatically enable JA3 fingerprinting.
Enable JA3 fingerprinting if any rules are enabled which are using this kind of feature. Fixes #12507. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Stefan Schantl
committed by
Michael Tremer
Michael Tremer
parent
0cdb151831
commit
0937bd9c01
@@ -387,9 +387,7 @@ app-layer:
|
||||
|
||||
# Generate JA3 fingerprint from client hello. If not specified it
|
||||
# will be disabled by default, but enabled if rules require it.
|
||||
#ja3-fingerprints: auto
|
||||
# Generate JA3 fingerprint from client hello
|
||||
ja3-fingerprints: no
|
||||
ja3-fingerprints: auto
|
||||
|
||||
# Completely stop processing TLS/SSL session after the handshake
|
||||
# completed. If bypass is enabled this will also trigger flow
|
||||
|
||||
Reference in New Issue
Block a user