dns: validate header on every incoming message
As UDP streams getting probed, a stream that does not appear to be DNS
at first, may have a single packet that does look close enough to DNS
to be picked up as DNS causing every subsequent packet to result in a
parser error.
To mitigate this, probe every incoming DNS message header for validity
before continuing onto the body. If the header doesn't validate as
DNS, just ignore the packet so no parse error is registered.
(cherry picked from commit
595700ab7e9dc9d12d46cf4d6833a86840decdf9)
projects / thirdparty / suricata.git / commit
