Bug #604
closed
stream: pkt out of window event set on what wireshark reports as zerowindowprobe
Added by Victor Julien about 12 years ago.
Updated about 12 years ago.
Description
Suricata sets out of window event on a pkt that Wireshark calls a zerowindow probe.
Pcap privately available.
ref: sandnet-private-tcp-zerowindowprobe-01.pcap (privately available only)
- Status changed from Assigned to Closed
- Target version changed from 2.0rc2 to 1.4beta3
- % Done changed from 0 to 100
Fixed by:
commit 305ed3f23bf0c0e0268e97a31c667ae2e9994475
Author: Victor Julien <victor@inliniac.net>
Date: Tue Oct 16 14:52:29 2012 +0200
stream: don't flag zero window probe packets as out of window. Bug #604.
Also available in: Atom
PDF