]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
projects / thirdparty / snort3.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a75810f)
Merge pull request #1603 in SNORT/snort3 from ~BRASTULT/snort3:fp_detect_fix to master
authorRuss Combs (rucombs) <rucombs@cisco.com>
Mon, 17 Jun 2019 00:49:06 +0000 (20:49 -0400)
committerRuss Combs (rucombs) <rucombs@cisco.com>
Mon, 17 Jun 2019 00:49:06 +0000 (20:49 -0400)
Squashed commit of the following:

commit 4ab32a7ec9d864cf0f2874a40df203b256434769
Author: Brandon Stultz <brastult@cisco.com>
Date:   Fri May 10 01:18:44 2019 -0400

    detection: on PDUs search TCP/UDP portgroups even when user_mode services exist

src/detection/fp_detect.cc patch | blob | blame | history

diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc
index c4a42f1e6dd5bd18260cd0de53061adf2ed61bb4..e5db0d3dc5de236a9ec64b5159f3b20b9eedbd7f 100644 (file)
--- a/src/detection/fp_detect.cc
+++ b/src/detection/fp_detect.cc
@@ -1276,8 +1276,7 @@ static void fpEvalPacket(Packet* p, FPTask task)
         if ( SnortConfig::get_conf()->sopgTable->user_mode )
             fpEvalHeaderSvc(p, omd, SNORT_PROTO_USER, task);
 
-        // use ports if we don't know service or don't have rules
-        else if ( p->proto_bits & PROTO_BIT__TCP )
+        if ( p->proto_bits & PROTO_BIT__TCP )
         {
             if ( p->get_snort_protocol_id() == UNKNOWN_PROTOCOL_ID or !fpEvalHeaderSvc(p, omd, SNORT_PROTO_TCP, task) )
                 fpEvalHeaderTcp(p, omd, task);
Mirror of https://github.com/snort3/snort3.git