Actions
Bug #2430
closedhttp eve log data source/dest flip
Affected Versions:
Effort:
Difficulty:
Label:
Description
We started seeing some of our http traffic source and destination data
flipped.
As far as we can tell it appears to happen when a client is going to
port 443/ssl traffic through our proxies.
flow data source and destination are correct so it appears to maybe be
related to http parsing.
Attached are the suricata build information, json log data and pcap.
Files
Updated by Andreas Herz almost 7 years ago
- Assignee set to OISF Dev
- Target version set to TBD
Updated by Victor Julien almost 7 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Victor Julien
- Target version changed from TBD to 4.1beta1
Updated by Victor Julien almost 7 years ago
- Status changed from Assigned to Closed
Updated by Victor Julien over 6 years ago
- Related to Bug #2480: http eve log data source/dest flip (4.0.x) added
Actions