Project

General

Profile

Actions
Copy link

Bug #3452

closed

smb: post-GAP file tx handling (4.1.x)

Added by Victor Julien about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
High
Assignee:
Victor Julien
Target version:
4.1.7
Affected Versions:
4.1.5, 4.1.6
Effort:
Difficulty:
Label:

Description

As #3399 but for file transactions.

File transactions are handled separately, as they can deal with GAPs to some extend. However if we don't see records belonging to a file transaction after a GAP, it may never get closed.

Idea now is to give these transactions a timestamp after a GAP, and then remove them after a timeout.

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3400: smb: post-GAP file tx handlingClosedVictor JulienActions
Actions
Copy link
 #1

Updated by Victor Julien about 4 years ago

  • Copied from Bug #3400: smb: post-GAP file tx handling added
Actions
Copy link
 #2

Updated by Victor Julien about 4 years ago

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: Atom PDF