Project

General

Profile

Actions

Bug #4924

closed

dns: transaction not created when z-bit set

Added by Jason Ish over 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0, Needs backport to 6.0

Description

While creating a pcap with the DNS z-bit set I noticed that both dnsmasq (my own hosted version) as well as the Google public DNS server (8.8.8.8) both accept requests with the z-bit set.

So we should probably create the transaction then set the event instead of setting the event and bailing.


Related issues 3 (0 open3 closed)

Related to Suricata - Feature #4515: Add DNS logging of Z flagClosedOdin JensegActions
Copied to Suricata - Bug #4960: dns: transaction not created when z-bit setClosedShivani BhardwajActions
Copied to Suricata - Bug #4961: dns: transaction not created when z-bit setClosedJeff LucovskyActions
Actions #1

Updated by Jason Ish over 2 years ago

Actions #2

Updated by Jason Ish over 2 years ago

  • Status changed from Assigned to In Review
Actions #3

Updated by Jason Ish about 2 years ago

  • Status changed from In Review to Closed

PR merged.

Actions #4

Updated by Jason Ish about 2 years ago

  • Label Needs backport to 5.0, Needs backport to 6.0 added
Actions #5

Updated by Jeff Lucovsky about 2 years ago

  • Copied to Bug #4960: dns: transaction not created when z-bit set added
Actions #6

Updated by Jeff Lucovsky about 2 years ago

  • Copied to Bug #4961: dns: transaction not created when z-bit set added
Actions

Also available in: Atom PDF