]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Pull request #4290: dns: Set Flow timeout after getting DNS response
authorKaushal Bhandankar (kbhandan) <kbhandan@cisco.com>
Tue, 4 Jun 2024 06:39:40 +0000 (06:39 +0000)
committerShanmugam S (shanms) <shanms@cisco.com>
Tue, 4 Jun 2024 06:39:40 +0000 (06:39 +0000)
Merge in SNORT/snort3 from ~KBHANDAN/snort3:dns_flow_timeout to master

Squashed commit of the following:

commit 4cd584cdb71f0271d1eabbfade1b38dd8e0f6ac1
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date:   Wed Apr 17 13:58:01 2024 +0530

    dns: Set Flow timeout after getting DNS response

src/service_inspectors/dns/dns.cc

index 09c3efd116aa5c340cda438b96f249d128519120..5dc827d6eea72f0c2c0df8c9a9e09bda7b62cfb7 100644 (file)
@@ -1083,7 +1083,7 @@ void Dns::show(const SnortConfig*) const
 void Dns::eval(Packet* p)
 {
     // precondition - what we registered for
-    assert((p->is_udp() and p->dsize and p->data) or p->has_tcp_data());
+    assert((p->is_udp() and p->dsize and p->data) or p->has_tcp_data() or p->has_udp_quic_data());
     assert(p->flow);
 
     ++dnsstats.packets;
@@ -1148,6 +1148,9 @@ static void snort_dns(Packet* p, const DnsConfig* dns_config)
 
         if (!needNextPacket and dnsSessionData->has_events())
             DataBus::publish(Dns::get_pub_id(), DnsEventIds::DNS_RESPONSE_DATA, dnsSessionData->dns_events);
+
+        if (p->type() == PktType::UDP)
+            p->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {