Project

General

Profile

Actions

Bug #5106

closed

detect/iponly: rule parsing does not always apply netmask correctly

Added by Jeff Lucovsky almost 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

If the ipaddress is not the address range start, it's not masked to turn it into that. So 1.2.3.4/24 is not stored as address 1.2.3.0 with netmask 24, but as 1.2.3.4 with netmask 24. This is then propagated into the radix tree, where it is used as an exact key in exact lookups, giving unexpected results.


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #5081: detect/iponly: rule parsing does not always apply netmask correctlyClosedVictor JulienActions
Actions #1

Updated by Jeff Lucovsky almost 3 years ago

  • Copied from Bug #5081: detect/iponly: rule parsing does not always apply netmask correctly added
Actions #2

Updated by Shivani Bhardwaj over 2 years ago

  • Status changed from Assigned to In Review
  • Assignee changed from Shivani Bhardwaj to Victor Julien
Actions #3

Updated by Shivani Bhardwaj over 2 years ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF