Project

General

Profile

Actions
Copy link

Bug #3346

closed

BPF filter on command line not honored for pcap file

Added by Eric Leblond almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Eric Leblond
Target version:
5.0.1
Affected Versions:
5.0.0
Effort:
Difficulty:
Label:
Needs backport

Description

A regression has been introduced in Suricata 4.1.0 (through 5.0). The BPF filter is not honored in pcap file mode if it is put on the command line.

For example, in the following command the filter is completely ignored:

suricata -r myfile.pcap port 22

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #3347: BPF filter on command line not honored for pcap file (4.1.x)ClosedEric LeblondActions
Actions
Copy link
 #1

Updated by Victor Julien almost 5 years ago

  • Affected Versions 4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 5.0.0 added
  • Affected Versions deleted (4.1.6)
  • Label Needs backport added
Actions
Copy link
 #2

Updated by Victor Julien almost 5 years ago

We should do a SV test for this as well.

Actions
Copy link
 #4

Updated by Victor Julien almost 5 years ago

  • Copied to Bug #3347: BPF filter on command line not honored for pcap file (4.1.x) added
Actions
Copy link
 #5

Updated by Victor Julien almost 5 years ago

  • Status changed from New to Assigned
  • Affected Versions deleted (4.1, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5)
Actions
Copy link
 #6

Updated by Victor Julien almost 5 years ago

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: Atom PDF