Actions
Bug #6086
closedDecode-events of IPv6 packets are not triggered
Affected Versions:
Effort:
low
Difficulty:
low
Label:
Description
Detection of decode-events of IPv6 packets are not triggered. I have attached a pcap, that I used for the suricata-verify test, containing IPv4 and IPv6 packets that specify proto UDP and TCP but with no payload. The following rules will be triggered for IPv4 but not for IPv6.
alert tcp any any -> any any (msg:"TCP packet too small"; decode-event:tcp.pkt_too_small; sid:1;)
alert udp any any -> any any (msg:"UDP packet too small"; decode-event:udp.hlen_too_small; sid:2;)
Files
Updated by Philippe Antoine 11 months ago
- Status changed from In Progress to In Review
Updated by Philippe Antoine 11 months ago
- Label Needs backport added
- Label deleted (
Needs Suricata-Verify test)
Updated by Victor Julien 11 months ago
- Status changed from In Review to Resolved
- Label Needs backport to 6.0 added
- Label deleted (
Needs backport)
Updated by Shivani Bhardwaj 11 months ago
- Status changed from Resolved to Assigned
Updated by Shivani Bhardwaj 11 months ago
- Status changed from Assigned to Resolved
Updated by Philippe Antoine 11 months ago
Waiting for ticketbot to create the backport ticket...
Updated by Philippe Antoine 10 months ago
- Status changed from Resolved to Closed
Actions