https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022010-07-15T09:26:15ZOpen Information Security FoundationSuricata - Bug #209: regression v100 and git today cause two (same?) FPhttps://redmine.openinfosecfoundation.org/issues/209?journal_id=7752010-07-15T09:26:15ZVictor Julienvictor@inliniac.net
<ul><li><strong>Due date</strong> set to <i>07/20/2010</i></li><li><strong>Assignee</strong> set to <i>OISF Dev</i></li><li><strong>Target version</strong> set to <i>1.0.1</i></li><li><strong>Estimated time</strong> set to <i>2.50 h</i></li></ul> Suricata - Bug #209: regression v100 and git today cause two (same?) FPhttps://redmine.openinfosecfoundation.org/issues/209?journal_id=7862010-07-19T13:51:15ZWill Metcalfwilliam.metcalf@gmail.com
<ul></ul><p>problem verified these sigs should not fire but they do...<br />cat fast.log<br />06/29/10-08:17:39.364224 [**] [1:9037079:1] suricata fp [**] [Classification: Potentially Bad Traffic] [Priority: 3] {2} 10.50.1.191:0 -> 224.0.0.2:0<br />06/29/10-08:17:39.364224 [**] [1:525:9] BAD-TRAFFIC udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {2} 10.50.1.191:0 -> 224.0.0.2:0<br />06/29/10-08:17:39.364224 [**] [1:525:9] BAD-TRAFFIC udp port 0 traffic [**] [Classification: Misc activity] [Priority: 3] {2} 10.50.1.191:0 -> 224.0.0.2:0<br />coz@coz-desktop:~/downloads/oisfnew$ tcpdump -nnn -r suricatafpigmpmulticastnotudpsrcport0.pcap<br />reading from file suricatafpigmpmulticastnotudpsrcport0.pcap, link-type EN10MB (Ethernet)<br />03:17:39.364224 IP 10.50.1.191 > 224.0.0.2: igmp leave 224.0.0.251</p> Suricata - Bug #209: regression v100 and git today cause two (same?) FPhttps://redmine.openinfosecfoundation.org/issues/209?journal_id=8002010-07-21T07:50:44ZVictor Julienvictor@inliniac.net
<ul><li><strong>Assignee</strong> changed from <i>OISF Dev</i> to <i>Victor Julien</i></li></ul> Suricata - Bug #209: regression v100 and git today cause two (same?) FPhttps://redmine.openinfosecfoundation.org/issues/209?journal_id=8012010-07-21T08:25:09ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Closed</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Fixed in the current git master, commit 689d05b10bd92cbb5a7a4277c2592b95e48dd302.</p>
<p>Thanks for the report rmkml!</p>