Project

General

Profile

Actions

Bug #7111

open

protodetect: DNS flow direction is not correct sometimes

Added by Ilya Bakhtin 6 months ago. Updated 4 months ago.

Status:
In Review
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
medium
Label:
C, Needs Suricata-Verify test

Description

In some rare cases DNS flow is reported with wrong (swapped) direction.

There is a reproducer: https://github.com/OISF/suricata-verify/pull/1837
There is an attempt to fix: https://github.com/OISF/suricata/pull/11100

Actions

Also available in: Atom PDF