]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8230cb5) | patch
detect/iponly: use flow first flags
authorVictor Julien <vjulien@oisf.net>
Thu, 23 Jan 2025 15:07:08 +0000 (16:07 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 28 Jan 2025 21:34:28 +0000 (22:34 +0100)
commit3f3964555e4e8f7292e8c704ddea6b824e4cd846
treeec9de53c0501bd4278e481228731fa7be1f79af2tree
parent8230cb5672e29c89a3feaf9670b5667e38a7149fcommit | diff
detect/iponly: use flow first flags

Instead of ip-only specific flags, reuse the FLOW_PKT_TOSERVER_FIRST and
FLOW_PKT_TOCLIENT_FIRST flags.

Fixes false positives on one sided streams that trigger a opposing flow
timeout packet at the flow's end. That pseudo packet would trigger a
match even though it shouldn't.

Ticket: #7521.
src/alert-debuglog.c diff | blob | blame | history
src/detect-engine-iponly.c diff | blob | blame | history
src/detect-flowbits.c diff | blob | blame | history
src/detect.c diff | blob | blame | history
src/flow.c diff | blob | blame | history
src/flow.h diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git