-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Next/20220825/v9 #7767
Merged
Merged
Next/20220825/v9 #7767
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As an SMB2 async response does not have a tree id, even if the request has it. Per spec, MessageId should be enough to identifiy a message request and response uniquely across all messages that are sent on the same SMB2 Protocol transport connection. So, the tree id is redundant anyways. Ticket: OISF#5508
Protocol change can fail if one protocol change is already occuring. Ticket: OISF#5509
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.7 to 3.0.8. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@a7c34ad...fd5de65) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: jason taylor <jtfas90@gmail.com>
When building with the following options: ./configure CC=clang --enable-luajit --enable-geoip --enable-unittests There is a build failure: runmode-unittests.c:234:9: error: implicit declaration of function 'LuajitSetupStatesPool' is invalid in C99 [-Werror,-Wimplicit-function-declaration] if (LuajitSetupStatesPool() != 0) {
A Packet may be dropped due to several different reasons. This change adds action as a parameter, so we can update the packet action when we drop it, instead of setting it to drop. Related to Bug OISF#5458
Bug 5458 states that the reject action is no longer working. While SV tests that use the reject action still pass, it indeed seems that a regression has happened with commit aa93984, because while the function that applies rule actions to the flow (RuleActionToFlow) does check for the reject action, the newly added function PacketApply SignatureActions only checks for ACTION_DROP or ACTION_PASS when deciding to call RuleActionToFlow. Bug OISF#5458
Related to Bug OISF#5458
Add unittests to check that packet flags are correctly updated after detection finds drop or reject rules that match. Related to Bug OISF#5458
StreamTcpRegisterTests was being declared twice.
With the recent changes, these macros weren't being used anymore. Related to Bug OISF#5458
Suricata can indeed pipeline many HTTP1 transactions
So as to avoid fuzzing detecting protocol polyglots with enip
As context id is used to know to which variant of the endpoint the request is done, it is interesting to parse it. Feature OISF#5413.
When doing a DCERPC request, we can use the context id to log the interface that is used. Doing that we can see in one single event what is the DCERPC interface and opnum that are used. This allows to have all the information needed to resolve the request to a function call. Feature OISF#5413.
Codecov Report
@@ Coverage Diff @@
## master #7767 +/- ##
==========================================
+ Coverage 75.98% 76.06% +0.08%
==========================================
Files 661 662 +1
Lines 185764 185789 +25
==========================================
+ Hits 141152 141322 +170
+ Misses 44612 44467 -145
Flags with carried forward coverage won't be shown. Click here to find out more. |
Information: ERROR: QA failed on ips_afp_drop_chk.
Pipeline 8777 |
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Staging: