[PATCH] Fixed bug for 'syn' filtering
Carter Bullard
carter at qosient.com
Wed Sep 9 09:50:39 EDT 2009
Hey Yun,
Thanks for the fix!!!!!
We discussed this on the mailing list briefly, and I think the best
approach
is to introduce a "tcpflags" keyword, for the "syn or ack or push and
reset"
like TCP flags filter, and keep "syn" as a keyword, just as you
implemented
your change.
It will take me a little while to schedule the fix into the code, so
bear with
me and remind me if it seems that the fix isn't getting into the code.
Carter
On Sep 8, 2009, at 5:45 AM, Yun Zheng Hu wrote:
> Hello Carter,
>
> I attached a patch that allows the argus clients to filter on the
> ‘syn’ flag. It was previously not possible, it would match syn +
> ack, altough it should only match syn.
>
> Regards,
> Yun
> <argus-clients-3.0.0-syn-grammar.patch>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20090909/e12ca4d1/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20090909/e12ca4d1/attachment.bin>
More information about the argus
mailing list