From: Kaushal Bhandankar (kbhandan) <kbhandan@cisco.com>
Date: Tue, 4 Jun 2024 06:39:40 +0000 (+0000)
Subject: Pull request #4290: dns: Set Flow timeout after getting DNS response
X-Git-Tag: 3.3.0.0~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=da948ae926a1f4ec1ac67eeee58f5699f8a959c7;p=thirdparty%2Fsnort3.git

Pull request #4290: dns: Set Flow timeout after getting DNS response

Merge in SNORT/snort3 from ~KBHANDAN/snort3:dns_flow_timeout to master

Squashed commit of the following:

commit 4cd584cdb71f0271d1eabbfade1b38dd8e0f6ac1
Author: Kaushal Bhandankar <kbhandan@cisco.com>
Date:   Wed Apr 17 13:58:01 2024 +0530

    dns: Set Flow timeout after getting DNS response
---

diff --git a/src/service_inspectors/dns/dns.cc b/src/service_inspectors/dns/dns.cc
index 09c3efd11..5dc827d6e 100644
--- a/src/service_inspectors/dns/dns.cc
+++ b/src/service_inspectors/dns/dns.cc
@@ -1083,7 +1083,7 @@ void Dns::show(const SnortConfig*) const
 void Dns::eval(Packet* p)
 {
     // precondition - what we registered for
-    assert((p->is_udp() and p->dsize and p->data) or p->has_tcp_data());
+    assert((p->is_udp() and p->dsize and p->data) or p->has_tcp_data() or p->has_udp_quic_data());
     assert(p->flow);
 
     ++dnsstats.packets;
@@ -1148,6 +1148,9 @@ static void snort_dns(Packet* p, const DnsConfig* dns_config)
 
         if (!needNextPacket and dnsSessionData->has_events())
             DataBus::publish(Dns::get_pub_id(), DnsEventIds::DNS_RESPONSE_DATA, dnsSessionData->dns_events);
+
+        if (p->type() == PktType::UDP)
+            p->flow->session_state |= STREAM_STATE_CLOSED;
     }
     else
     {