Skip to content

Commit f3aed0b

Browse files
initconfinitconf
committed
Ignore localnets as dst for callbacks !
1 parent e738f19 commit f3aed0b

File tree

2 files changed

+3
-5
lines changed

2 files changed

+3
-5
lines changed

scripts/log4j-http-posts.zeek

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,9 @@ event new_connection(c: connection)
4747
local resp=c$id$resp_h;
4848
local dport = c$id$resp_p;
4949

50+
if (resp in Site::local_nets)
51+
return;
52+
5053
local a:ip_port=[$ip=resp, $p=dport];
5154

5255
if (a in track_callback)

tests/.btest.failed.dat

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +0,0 @@
1-
log4j.HTTP-POSTS
2-
log4j.Many-User-Agents
3-
log4j.multiple-name-values
4-
log4j.obfuscated-regexp
5-
log4j.scan-and-callback

0 commit comments

Comments
 (0)