Actions
Bug #6086
closed
CD
CD
Decode-events of IPv6 packets are not triggered
Bug #6086:
Decode-events of IPv6 packets are not triggered
Affected Versions:
Effort:
low
Difficulty:
low
Label:
Description
Detection of decode-events of IPv6 packets are not triggered. I have attached a pcap, that I used for the suricata-verify test, containing IPv4 and IPv6 packets that specify proto UDP and TCP but with no payload. The following rules will be triggered for IPv4 but not for IPv6.
alert tcp any any -> any any (msg:"TCP packet too small"; decode-event:tcp.pkt_too_small; sid:1;)
alert udp any any -> any any (msg:"UDP packet too small"; decode-event:udp.hlen_too_small; sid:2;)
Files
PA Updated by Philippe Antoine almost 3 years ago
- Status changed from In Progress to In Review
PA Updated by Philippe Antoine almost 3 years ago
- Label Needs backport added
- Label deleted (
Needs Suricata-Verify test)
VJ Updated by Victor Julien almost 3 years ago
- Priority changed from Normal to Low
VJ Updated by Victor Julien almost 3 years ago
- Status changed from In Review to Resolved
- Label Needs backport to 6.0 added
- Label deleted (
Needs backport)
SB Updated by Shivani Bhardwaj almost 3 years ago
- Label deleted (
C)
SB Updated by Shivani Bhardwaj almost 3 years ago
- Status changed from Resolved to Assigned
SB Updated by Shivani Bhardwaj almost 3 years ago
- Status changed from Assigned to Resolved
PA Updated by Philippe Antoine almost 3 years ago
Waiting for ticketbot to create the backport ticket...
OT Updated by OISF Ticketbot almost 3 years ago
- Subtask #6138 added
OT Updated by OISF Ticketbot almost 3 years ago
- Label deleted (
Needs backport to 6.0)
PA Updated by Philippe Antoine almost 3 years ago
- Status changed from Resolved to Closed
Actions