Project

General

Profile

Actions
Copy link

Bug #5106

closed
JL VJ

detect/iponly: rule parsing does not always apply netmask correctly

Bug #5106: detect/iponly: rule parsing does not always apply netmask correctly

Added by Jeff Lucovsky about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
6.0.5
Affected Versions:
Effort:
Difficulty:
Label:

Description

If the ipaddress is not the address range start, it's not masked to turn it into that. So 1.2.3.4/24 is not stored as address 1.2.3.0 with netmask 24, but as 1.2.3.4 with netmask 24. This is then propagated into the radix tree, where it is used as an exact key in exact lookups, giving unexpected results.

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5081: detect/iponly: rule parsing does not always apply netmask correctlyClosedVictor JulienActions

JL Updated by Jeff Lucovsky about 4 years ago Actions
Copy link
 #1

  • Copied from Bug #5081: detect/iponly: rule parsing does not always apply netmask correctly added

SB Updated by Shivani Bhardwaj about 4 years ago Actions
Copy link
 #2

  • Status changed from Assigned to In Review
  • Assignee changed from Shivani Bhardwaj to Victor Julien

SB Updated by Shivani Bhardwaj about 4 years ago Actions
Copy link
 #3

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom