suricata/rules
Victor Julien 4c6463f378 stream: handle extra different SYN/ACK
Until now, when processing the TCP 3 way handshake (3whs), retransmissions
of SYN/ACKs are silently accepted, unless they are different somehow. If
the SEQ or ACK values are different they are considered wrong and events
are set. The stream events rules will match on this.

In some cases, this is wrong. If the client missed the SYN/ACK, the server
may send a different one with a different SEQ. This commit deals with this.

As it is impossible to predict which one the client will accept, each is
added to a list. Then on receiving the final ACK from the 3whs, the list
is checked and the state is updated according to the queued SYN/ACK.
12 years ago
..
Makefile.am Add files.rules to the dist. 13 years ago
decoder-events.rules ipv6: add event for ipv6 packet with icmpv4 header 12 years ago
files.rules file handling: add example files.rules file 13 years ago
http-events.rules http: add event for libhtp detection of request port not matching tcp port. 12 years ago
smtp-events.rules Add example smtp decoding events rules file. 13 years ago
stream-events.rules stream: handle extra different SYN/ACK 12 years ago
tls-events.rules tls: debug compilation fixes, new tls decoder rule for tls.error_message_encountered event. 13 years ago