Bug #5072: detect/ip_proto: inconsistent behavior when specifying protocol by string - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #5072

closed

detect/ip_proto: inconsistent behavior when specifying protocol by string

Added by Victor Julien about 2 years ago. Updated about 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Jeff Lucovsky

Target version:

TBD

Affected Versions:

Effort:

Difficulty:

Label:

Needs backport to 5.0, Needs backport to 6.0

Description

ip_proto:TCP will use getprotobyname, which may not work depending on the OS. E.g. in a docker Alpine it fails. We should probably just use a built-in table.

Related issues 3 (0 open — 3 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #5072

detect/ip_proto: inconsistent behavior when specifying protocol by string

Updated by Jeff Lucovsky about 2 years ago

Updated by Jeff Lucovsky about 2 years ago

Updated by Jeff Lucovsky about 2 years ago

Updated by Jeff Lucovsky about 2 years ago

Updated by Jeff Lucovsky about 2 years ago

Updated by Jeff Lucovsky about 2 years ago