Bug #652: TCP sessions cleaned up prematurely - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #652

closed

TCP sessions cleaned up prematurely

Added by Ludovico Cavedon almost 12 years ago. Updated almost 12 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

1.4

Affected Versions:

Effort:

Difficulty:

Label:

Description

If one TCP endpoint closes the connection, but there are still TCP segments on the network that have not been received yet by suricata, these segments might not be processed.

The following patch delays the cleanup until the FIN form both side has been seen:
https://github.com/cavedon/suricata/commit/ac8b08771770ab0f0f5112c84c499771f5fb746e

This applies both to the master and the master-1.3.x branches.

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #652

TCP sessions cleaned up prematurely

Updated by Ludovico Cavedon almost 12 years ago

Updated by Victor Julien almost 12 years ago

Updated by Victor Julien almost 12 years ago