Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect: flush when setting no_inspection #10540

Closed
wants to merge 1 commit into from
Closed

detect: flush when setting no_inspection #10540

wants to merge 1 commit into from

Conversation

catenacyber
Copy link
Contributor

@catenacyber catenacyber commented Feb 29, 2024
edited by inashivb
Loading

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/6578

Describe changes:

  • detect: flush when setting no_inspection

So that we can run detection on the clear text of ssh new keys packet

SV_BRANCH=OISF/suricata-verify#1639

#10192 just rebased

@catenacyber
detect: flush when setting no_inspection
ae2a352 
Ticket: 6578

When a protocol such as SSH sets no_inspection, we still have to
flush the current streams and packets that contain clear-text
for detection.
@catenacyber catenacyber mentioned this pull request Feb 29, 2024
Closed
@suricata-qa
Copy link

WARNING:

field baseline test %
SURI_TLPW1_stats_chk
.uptime 178 184 103.37%
SURI_TLPR1_stats_chk
.uptime 754 777 103.05%
.tcp.pseudo 2810 19562 696.16%

Pipeline 18865

@codecov Codecov
Copy link

codecov bot commented Mar 1, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 88.88889% with 1 lines in your changes are missing coverage. Please review.

Project coverage is 82.64%. Comparing base (5f08535) to head (ae2a352).
Report is 39 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #10540      +/-   ##
==========================================
- Coverage   82.65%   82.64%   -0.02%     
==========================================
  Files         921      921              
  Lines      246857   246864       +7     
==========================================
- Hits       204049   204020      -29     
- Misses      42808    42844      +36
Flag Coverage Δ
fuzzcorpus 64.03% <88.88%> (+0.02%) ⬆️
suricata-verify 61.72% <88.88%> (+0.01%) ⬆️
unittests 62.20% <11.11%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@suricata-qa
Copy link

WARNING:

field baseline test %
SURI_TLPR1_stats_chk
.tcp.pseudo 2810 19562 696.16%

Pipeline 19252

@catenacyber
Copy link
Contributor Author

It is expected to have more pseudo packets as this PR creates more as required.

So, this will require a QA rebaseline...

@victorjulien victorjulien added this to the 8.0 milestone Mar 18, 2024
@victorjulien victorjulien mentioned this pull request Mar 18, 2024
Merged
@victorjulien
Copy link
Member

Merged in #10657, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
8.0
Development

Successfully merging this pull request may close these issues.
4 participants
@catenacyber @suricata-qa @victorjulien @ct0br0