[Oisf-users] Suricata drops an invalid ACK packet. I want an invalid ACK packet to pass through.
Victor Julien
lists at inliniac.net
Thu Jun 15 07:18:56 UTC 2017
On 14-06-17 10:47, 이상철 wrote:
> Suricata drops the invalid ACK packet. I want an invalid ACK packet to
> pass through.
>
>
>
> There is no drop rule.
>
> Below is the log message :
>
> “ssn 0x7f35202fe390: rejecting because of invalid ack value”
>
>
>
> What should I set in the configuration file(suricata.yaml) to pass the
> invalid ACK packet?
>
>
>
> Suricata Version : 3.1.2
>
> OS –linux debian 8
I would suggest trying 3.2.2 first. We've improved a lot in the stream
engine since 3.1.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list