Fixed syslog false negatives. (#1582)

- RSH vs Syslog may still happen for midstream traffic Signed-off-by: lns <matzeton@googlemail.com>
author: Toni <matzeton@googlemail.com> 2022-06-05 23:01:56 +0200
committer: GitHub <noreply@github.com> 2022-06-05 23:01:56 +0200
commit: 0b3f8ed849cdf9971224c49a3958f0904a2bbbb5 (patch)
tree: a8173c36b610f23cd0771a5e72a2002a4ccaceae /src/lib/protocols/syslog.c
parent: 1d492c9ed843a7372692b6a4c946d794ecb8b8b6 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/protocols/syslog.c b/src/lib/protocols/syslog.c
index 866e0a0c0..1b072de07 100644
--- a/src/lib/protocols/syslog.c
+++ b/src/lib/protocols/syslog.c
@@ -73,7 +73,8 @@ void ndpi_search_syslog(struct ndpi_detection_module_struct
         if (ndpi_isalnum(packet->payload[i]) == 0)
         {
             if (packet->payload[i] == ' ' || packet->payload[i] == ':' ||
-                packet->payload[i] == '=')
+                packet->payload[i] == '=' || packet->payload[i] == '[' ||
+                packet->payload[i] == '-')
             {
                 break;
             }
author	Toni <matzeton@googlemail.com>	2022-06-05 23:01:56 +0200
committer	GitHub <noreply@github.com>	2022-06-05 23:01:56 +0200
commit	0b3f8ed849cdf9971224c49a3958f0904a2bbbb5 (patch)
tree	a8173c36b610f23cd0771a5e72a2002a4ccaceae /src/lib/protocols/syslog.c
parent	1d492c9ed843a7372692b6a4c946d794ecb8b8b6 (diff)