]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b3cd81a) | patch
teredo: be stricter on what to consider valid teredo
authorVictor Julien <victor@inliniac.net>
Wed, 19 Dec 2018 08:45:35 +0000 (09:45 +0100)
committerVictor Julien <victor@inliniac.net>
Sat, 16 Feb 2019 13:58:18 +0000 (14:58 +0100)
commit18551df3078300db3356dd3e6ac1f110f6e1c264
treef7281c007e60dd15ec233da2127dbbc73df1045dtree
parentb3cd81a087c840e8e78b373fbf39f073cfa96aeacommit | diff
teredo: be stricter on what to consider valid teredo

Invalid Teredo can lead to valid DNS traffic (or other UDP traffic)
being misdetected as Teredo. This leads to false negatives in the
UDP payload inspection.

Make the teredo code only consider a packet teredo if the encapsulated
data was decoded without any 'invalid' events being set.

Bug #2736.
src/decode-ipv6.c diff | blob | blame | history
src/decode-teredo.c diff | blob | blame | history
src/decode.c diff | blob | blame | history
src/decode.h diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git