Project

General

Profile

Actions
Copy link

Bug #604

closed

stream: pkt out of window event set on what wireshark reports as zerowindowprobe

Added by Victor Julien about 12 years ago. Updated about 12 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
1.4beta3
Affected Versions:
Effort:
Difficulty:
Label:

Description

Suricata sets out of window event on a pkt that Wireshark calls a zerowindow probe.

Pcap privately available.

Actions
Copy link
 #1

Updated by Victor Julien about 12 years ago

ref: sandnet-private-tcp-zerowindowprobe-01.pcap (privately available only)

Actions
Copy link
 #2

Updated by Victor Julien about 12 years ago

  • Status changed from Assigned to Closed
  • Target version changed from 2.0rc2 to 1.4beta3
  • % Done changed from 0 to 100

Fixed by:

commit 305ed3f23bf0c0e0268e97a31c667ae2e9994475
Author: Victor Julien <victor@inliniac.net>
Date:   Tue Oct 16 14:52:29 2012 +0200

    stream: don't flag zero window probe packets as out of window. Bug #604.
Actions
Copy link

Also available in: Atom PDF