next/607/20241021/v1

doc/userguide/partials/eve-log.yaml

@@ -181,7 +181,8 @@ outputs:
             # session id
             #session-resumption: no
             # custom controls which TLS fields that are included in eve-log
-            #custom: [subject, issuer, session_resumed, serial, fingerprint, sni, version, not_before, not_after, certificate, chain, ja3, ja3s, ja4]
+            # WARNING: enabling custom disables extended logging.
+            #custom: [subject, issuer, session_resumed, serial, fingerprint, sni, version, not_before, not_after, certificate, chain, ja3, ja3s, ja4, subjectaltname, client, client_certificate, client_chain, client_alpns, server_alpns]
         - files:
             force-magic: no   # force logging magic on all logged files
             # force logging of checksums, available hash functions are md5,

rust/src/enip/detect.rs

@@ -1558,22 +1558,6 @@ pub unsafe extern "C" fn ScDetectEnipRegister() {
         true,
         true,
     );
-    let kw = SCSigTableElmt {
-        name: b"enip_command\0".as_ptr() as *const libc::c_char,
-        desc: b"rules for detecting EtherNet/IP command\0".as_ptr() as *const libc::c_char,
-        url: b"/rules/enip-keyword.html#enip_command\0".as_ptr() as *const libc::c_char,
-        AppLayerTxMatch: Some(command_match),
-        Setup: command_setup,
-        Free: Some(command_free),
-        flags: 0,
-    };
-    G_ENIP_COMMAND_KW_ID = DetectHelperKeywordRegister(&kw);
-    G_ENIP_COMMAND_BUFFER_ID = DetectHelperBufferRegister(
-        b"enip.command\0".as_ptr() as *const libc::c_char,
-        ALPROTO_ENIP,
-        true,
-        true,
-    );
     let kw = SCSigTableElmt {
         name: b"enip.cip_status\0".as_ptr() as *const libc::c_char,
         desc: b"rules for detecting EtherNet/IP cip_status\0".as_ptr() as *const libc::c_char,