]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b5bd635)
Pull request #4467: ips: ignore proto when service supersedes ports
authorRuss Combs (rucombs) <rucombs@cisco.com>
Fri, 4 Oct 2024 11:44:56 +0000 (11:44 +0000)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Fri, 4 Oct 2024 11:44:56 +0000 (11:44 +0000)
Merge in SNORT/snort3 from ~RUCOMBS/snort3:svc_proto to master

Squashed commit of the following:

commit 63858fa7c98027773703bf38a6df9015b62ab238
Author: Russ Combs <rucombs@cisco.com>
Date:   Tue Oct 1 10:03:47 2024 -0400

    ips: ignore proto when service supersedes ports

src/detection/rtn_checks.cc patch | blob | blame | history

diff --git a/src/detection/rtn_checks.cc b/src/detection/rtn_checks.cc
index 2b90302663d8d097cac602f023661a652e623694..2d39cf8fcef8084a301875bcdb4cb4948b678ff5 100644 (file)
--- a/src/detection/rtn_checks.cc
+++ b/src/detection/rtn_checks.cc
@@ -237,8 +237,11 @@ int CheckDstPortNotEq(Packet* p, RuleTreeNode* rtn_idx,
     return 0;
 }
 
-int CheckProto(Packet* p, RuleTreeNode* rtn_idx, RuleFpList*, int)
+int CheckProto(Packet* p, RuleTreeNode* rtn_idx, RuleFpList*, int check_ports)
 {
+    if ( !check_ports )
+        return 1;  // ignore proto when ignoring ports
+
     assert(rtn_idx->snort_protocol_id < SNORT_PROTO_MAX);
 
     const int proto_bits[SNORT_PROTO_MAX] =  // SNORT_PROTO_ to PROTO_BIT__*
Mirror of https://github.com/snort3/snort3.git