suricata icon indicating copy to clipboard operation
suricata copied to clipboard

Published 20 hours ago verified publisher icon OISF

Backport of 7158 tcp: fix 'broken ack' on flow timeout

Open jlucovsky opened this issue 6 months ago • 2 comments

Cherry-pick of 6490

Don't set an ACK value if ACK flag is no longer set. This avoids a bogus pkt_broken_ack event set.

Fixes: ebf465a11bff ("tcp: do not assign TCP flags to pseudopackets")

Ticket: #7158. (cherry picked from commit a404fd26af64f60e8eaa86419a11393d7c4bfdda)

Link to ticket: https://redmine.openinfosecfoundation.org/issues/7159

Describe changes: -Cherry-pick of fixes from 6490

Provide values to any of the below to override the defaults.

  • To use an LibHTP, Suricata-Verify or Suricata-Update pull request, link to the pull request in the respective _BRANCH variable.
  • Leave unused overrides blank or remove.

SV_REPO= SV_BRANCH= SU_REPO= SU_BRANCH= LIBHTP_REPO= LIBHTP_BRANCH=

jlucovsky avatar Aug 18 '24 13:08 jlucovsky