Fixed syslog false negatives.improved/syslog-false-negatives

- RSH vs Syslog may still happen for midstream traffic Signed-off-by: lns <matzeton@googlemail.com>
author: lns <matzeton@googlemail.com> 2022-06-04 21:03:17 +0200
committer: lns <matzeton@googlemail.com> 2022-06-05 22:48:20 +0200
commit: ca8ac946f48ab853f47b557ae643d36045d7ae95 (patch)
tree: 5608240e0a7228de964f44c56bffaae4bbc6a964 /src/lib/protocols/syslog.c
parent: 7419cfee6407ff2dad687733da8eb27edd181ef9 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/protocols/syslog.c b/src/lib/protocols/syslog.c
index 866e0a0c0..1b072de07 100644
--- a/src/lib/protocols/syslog.c
+++ b/src/lib/protocols/syslog.c
@@ -73,7 +73,8 @@ void ndpi_search_syslog(struct ndpi_detection_module_struct
         if (ndpi_isalnum(packet->payload[i]) == 0)
         {
             if (packet->payload[i] == ' ' || packet->payload[i] == ':' ||
-                packet->payload[i] == '=')
+                packet->payload[i] == '=' || packet->payload[i] == '[' ||
+                packet->payload[i] == '-')
             {
                 break;
             }
author	lns <matzeton@googlemail.com>	2022-06-04 21:03:17 +0200
committer	lns <matzeton@googlemail.com>	2022-06-05 22:48:20 +0200
commit	ca8ac946f48ab853f47b557ae643d36045d7ae95 (patch)
tree	5608240e0a7228de964f44c56bffaae4bbc6a964 /src/lib/protocols/syslog.c
parent	7419cfee6407ff2dad687733da8eb27edd181ef9 (diff)