From: Sreeja Athirkandathil Narayanan (sathirka) <sathirka@cisco.com>
Date: Tue, 20 Dec 2022 15:25:31 +0000 (+0000)
Subject: Pull request #3703: appid: do not create snmp future flow for udp reversed traffic
X-Git-Tag: 3.1.51.0~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4329f3d5c4b6408488c47f6c8e60ffbe4506e22c;p=thirdparty%2Fsnort3.git

Pull request #3703: appid: do not create snmp future flow for udp reversed traffic

Merge in SNORT/snort3 from ~SATHIRKA/snort3:snmp_ff to master

Squashed commit of the following:

commit cd4c269b5e8dc1f86f982509f373ce1ffe3beb4f
Author: Sreeja Athirkandathil Narayanan <sathirka@cisco.com>
Date:   Tue Dec 13 10:01:31 2022 -0500

    appid: do not create snmp future flow for udp reversed session
---

diff --git a/src/network_inspectors/appid/service_plugins/service_snmp.cc b/src/network_inspectors/appid/service_plugins/service_snmp.cc
index f6d10c911..737c3629d 100644
--- a/src/network_inspectors/appid/service_plugins/service_snmp.cc
+++ b/src/network_inspectors/appid/service_plugins/service_snmp.cc
@@ -441,7 +441,8 @@ int SnmpServiceDetector::validate(AppIdDiscoveryArgs& args)
             args.asd.set_session_flags(APPID_SESSION_UDP_REVERSED);
             break;
         }
-        if (pdu == SNMP_PDU_GET_RESPONSE && args.dir == APP_ID_FROM_INITIATOR)
+        if ((pdu == SNMP_PDU_GET_RESPONSE or pdu == SNMP_PDU_REPORT) &&
+            args.dir == APP_ID_FROM_INITIATOR)
         {
             sd->state = SNMP_STATE_R_REQUEST;
             args.asd.set_session_flags(APPID_SESSION_UDP_REVERSED);