Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

smb: do not use tree id to match create request and response #7744

Merged
merged 1 commit into from Aug 26, 2022
Merged

smb: do not use tree id to match create request and response #7744

merged 1 commit into from Aug 26, 2022

Conversation

catenacyber
Copy link
Contributor

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/5508

Describe changes:

  • smb: do not use tree id to match create request and response to get SMB2 async response to work

suricata-verify-pr: 843

Follows #7536 with rebase and ticket reference

@catenacyber
smb: do not use tree id to match create request and response
e94920b 
As an SMB2 async response does not have a tree id, even if
the request has it.

Per spec, MessageId should be enough to identifiy a message request
and response uniquely across all messages that are sent on the same
SMB2 Protocol transport connection.
So, the tree id is redundant anyways.

Ticket: OISF#5508
@catenacyber catenacyber mentioned this pull request Aug 22, 2022
Closed
@suricata-qa
Copy link

WARNING:

field test baseline %
tlpw1_stats_chk
.tcp.rst 137219 105279 130.34%
ips_afp_stats_chk
.flow.end.state.new 15008 10800 138.96%
.flow.end.tcp_liberal 125330 108000 116.05%
.tcp.reassembly_gap 173275 108000 160.44%
generic_stats_chk
.flow.end.tcp_state.syn_sent 405 183 221.31%
.tcp.segment_memcap_drop 3913 11729 33.36%
.tcp.insert_data_normal_fail 3767 11358 33.17%
.app_layer.error.smtp.gap 85 61 139.34%

Pipeline 8705
WARNING: THERE IS A KNOWN BAD BASELINE WITH PACKET DROPS. bE MINDFUL OF ANY RESULTS.

This was referenced Aug 25, 2022
Merged
Closed
Merged
@victorjulien victorjulien merged commit e94920b into OISF:master Aug 26, 2022
@catenacyber catenacyber mentioned this pull request Aug 28, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien Awaiting requested review from victorjulien victorjulien is a code owner

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
3 participants
@catenacyber @suricata-qa @victorjulien