Actions
Bug #2258
closed
RU
RU
rate_filter inconsistency: triggered after "count" detections when by_rule, and after count+1 detections when by_src/by_dst.
Bug #2258:
rate_filter inconsistency: triggered after "count" detections when by_rule, and after count+1 detections when by_src/by_dst.
Affected Versions:
Effort:
Difficulty:
Label:
Description
When I trying to rate_filter by rule, the filter triggered on "count" detections. When I change rate_filter to by src/dst, program allows one more detection before triggering the filter.
In function ThresholdHandlePacketRule() (used on by_rule), event filtered when current_count >= td->count , but in corresponding code in function ThresholdHandlePacketHost() (used on by src/dst), event triggered when current_count > td->count.
This situation leads to inconsistency.
AH Updated by Andreas Herz over 8 years ago
- Assignee set to Anonymous
- Target version set to TBD
Are you interested in working on that part of the code?
RU Updated by Ruslan Usmanov over 8 years ago
Yes
VJ Updated by Victor Julien over 8 years ago
- Status changed from New to Assigned
- Assignee changed from Anonymous to Ruslan Usmanov
RU Updated by Ruslan Usmanov over 8 years ago
VJ Updated by Victor Julien over 7 years ago
- Status changed from Assigned to Closed
- Target version changed from TBD to 4.1beta1
Actions