From: Russ Combs (rucombs) Date: Thu, 12 Jan 2017 17:29:53 +0000 (-0500) Subject: Merge pull request #771 in SNORT/snort3 from appid_count_kerberos to master X-Git-Tag: 3.0.0-233~113 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1b6e6fddfc660f9da065a05bdfad90068157229f;p=thirdparty%2Fsnort3.git Merge pull request #771 in SNORT/snort3 from appid_count_kerberos to master Squashed commit of the following: commit 2721acae70b568e4d8e54b72c2318e81a8b6ca0f Author: Carter Waxman Date: Tue Jan 10 10:53:38 2017 -0500 new kerberos appid flows are counted when appid creates its flowdata --- diff --git a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc index 08e846b74..d210c81db 100644 --- a/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc +++ b/src/network_inspectors/appid/detector_plugins/detector_kerberos.cc @@ -912,7 +912,6 @@ static KRB_RETCODE krb_walk_server_packet(KRBState* krbs, const uint8_t* s, cons service_mod.api->add_service(asd, pkt, dir, &svc_element, APP_ID_KERBEROS, nullptr, krbs->ver, nullptr); asd->set_session_flags(APPID_SESSION_SERVICE_DETECTED); - appid_stats.kerberos_flows++; } } @@ -973,6 +972,7 @@ static CLIENT_APP_RETCODE krb_client_validate(const uint8_t* data, uint16_t size fd->clnt_state.state = KRB_STATE_APP; fd->svr_state.state = KRB_STATE_APP; } + appid_stats.kerberos_flows++; } if (!fd->set_flags)