Optimization #7026: app-protos: trigger raw stream reassembly - Suricata - Open Information Security Foundation

Actions

Copy link

Optimization #7026

open

app-protos: trigger raw stream reassembly

Added by Juliana Fajardini Reichow 4 months ago. Updated about 2 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

8.0.0-beta1

Effort:

Difficulty:

Label:

Description

For application layer protocols over TCP that have transactions, we may need to trigger stream reassembly once they have at least one full message parseable, to avoid missing alerts that happen early on in the stream (as seen with #7004).

Subtasks 5 (3 open — 2 closed)

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Subtask #7027 added

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Label deleted (~~Needs backport to 7.0~~)

Actions

Copy link

Updated by Juliana Fajardini Reichow 4 months ago

Private changed from No to Yes

Actions

Copy link

Updated by Juliana Fajardini Reichow 4 months ago

Subtask #7018 added

Actions

Copy link

Updated by Juliana Fajardini Reichow 3 months ago

Enip: should wait for https://github.com/OISF/suricata/pull/10901 to be merged.

Actions

Copy link

Updated by Juliana Fajardini Reichow 3 months ago

Tracker changed from Bug to Optimization
Affected Versions deleted (~~7.0.5, git master~~)

Actions

Copy link

Updated by Juliana Fajardini Reichow 3 months ago

Private changed from Yes to No

Actions

Copy link

Updated by Juliana Fajardini Reichow 3 months ago

Subtask #7000 added

Actions

Copy link

Updated by Juliana Fajardini Reichow 3 months ago

Subtask #7076 added

Actions

Copy link

#10

Updated by Juliana Fajardini Reichow 3 months ago

ENIP merged: https://github.com/OISF/suricata/pull/11184

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Optimization #7026

app-protos: trigger raw stream reassembly

Updated by OISF Ticketbot 4 months ago

Updated by OISF Ticketbot 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Updated by Juliana Fajardini Reichow 3 months ago

Bug #7000: pgsql: partially incorrect tx_id tracking	Resolved	Juliana Fajardini Reichow	Actions
Bug #7001: pgsql: partially incorrect tx_id tracking (7.0.x backport)	In Progress	Juliana Fajardini Reichow	Actions
Optimization #7018: dns/tcp: allow triggering raw stream reassembly	Closed	Juliana Fajardini Reichow	Actions
Optimization #7075: dns/tcp: allow triggering raw stream reassembly (7.0.x backport)	Closed	Juliana Fajardini Reichow	Actions
Optimization #7076: pgsql: trigger raw stream reassembly when tx completed	In Progress	Juliana Fajardini Reichow	Actions