I am writing a rule where I wanted to use byte_jump and from_end. Reading the docs:
It appears that it should work but trying the example in the doc returns the following when attempting to load the rule into any Suricata version:
Problem starting Suricata daemon:  8/4/2020 – 18:08:31 - (detect-bytejump.c:462) (DetectBytejumpParse) – [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Unknown option: “from_end”
Also looking at the detect-bytejump.c I don’t see the from_end argument defined. Thanks in advance for any guidance!