Project

General

Profile

Actions
Copy link

Bug #5066

closed

detect/iponly: mixing netblocks can lead to FN/FP

Added by Victor Julien about 2 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
High
Assignee:
Victor Julien
Target version:
7.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0, Needs backport to 6.0

Description

Some combinations of netblocks inserted into the IP-Only engine will lead to an incorrect radix tree being set up, leading to FN/FP.

Related issues 3 (0 open3 closed)

Related to Suricata - Bug #5081: detect/iponly: rule parsing does not always apply netmask correctlyClosedVictor JulienActions
Copied to Suricata - Bug #5116: detect/iponly: mixing netblocks can lead to FN/FPClosedVictor JulienActions
Copied to Suricata - Bug #5117: detect/iponly: mixing netblocks can lead to FN/FPClosedJeff LucovskyActions
Actions
Copy link

Also available in: Atom PDF