The OISF development team is proud to announce Suricata 1.4.1. This is a major update over the 1.4 release, adding some exiting features, many improvements and fixing some important bugs.

Get the new release here: suricata-1.4.1.tar.gz

The most interesting new feature is the GeoIP support. Great contribution by Ignacio Sanchez. It adds “geoip” rule keyword that allows you to match on source of destination of a packet per country.

New features

• GeoIP keyword, allowing matching on Maxmind’s database, contributed by Ignacio Sanchez (#559)
• Introduce http_host and http_raw_host keywords (#733, #743)
• Add python module for interacting with unix socket (#767)
• Add new unix socket commands: fetching config, counters, basic runtime info (#764, #765)

Improvements

• Big Napatech support update by Matt Keeler
• Configurable sensor id in unified2 output, contributed by Jake Gionet (#667)
• FreeBSD IPFW fixes by Nikolay Denev
• Add “default” interface setting to capture configuration in yaml (#679)
• Make sure “snaplen”…