Project

General

Profile

Actions
Copy link

Bug #3793

closed

DNP3 probing parser does not detect the proper direction in midstream

Added by Jeff Lucovsky almost 4 years ago. Updated almost 4 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
5.0.3
Effort:
Difficulty:
Label:
Protocol

Description

From https://github.com/OISF/suricata/pull/5063/files#r438691794

Reproducer with attached pcap, run with --set stream.midstream=true

DNP3ProbingParser should set *rdir = 1 with the right conditions
Wireshark filter dnp3.ctl & 0x80 indicates a request

Files

dnp3_confirm.pcap (121 Bytes) dnp3_confirm.pcap Philippe Antoine, 06/16/2020 07:30 AM

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3772: DNP3 probing parser does not detect the proper direction in midstreamClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Jeff Lucovsky almost 4 years ago

  • Copied from Bug #3772: DNP3 probing parser does not detect the proper direction in midstream added
Actions
Copy link
 #2

Updated by Victor Julien almost 4 years ago

  • Status changed from Assigned to Rejected
  • Assignee deleted (Shivani Bhardwaj)
  • Target version deleted (4.1.9)

This depends on the direction changing feature introduced in 5.0.

Actions
Copy link

Also available in: Atom PDF