Skip to content

Commit

Permalink
fix: Allow use of valid Port 0 (#40259)
Browse files Browse the repository at this point in the history
* fix: Allow use of valid Port 0

Port 0 is a normal but reserved port.
See: https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
or RFC6335 Section 6

* Improve the changelog entry

* fixup! fix: Allow use of valid Port 0

---------

Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co>
Co-authored-by: Denis <denis@rdner.de>
Co-authored-by: Fae Charlton <fae.charlton@elastic.co>
  • Loading branch information
4 people authored Aug 21, 2024
1 parent 34e489e commit 8eb0f42
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 14 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
- Fix parsing of RFC 3164 process IDs in syslog processor. {issue}38947[38947] {pull}38982[38982]
- Rename the field "apache2.module.error" to "apache.module.error" in Apache error visualization. {issue}39480[39480] {pull}39481[39481]
- Validate config of the `replace` processor {pull}40047[40047]
- Allow port number 0 in the community ID flowhash processor {pull}40259[40259]
- Fix handling of escaped brackets in syslog structured data. {issue}40445[40445] {pull}40446[40446]
- Update Go version to 1.22.6. {pull}40528[40528]

Expand Down
4 changes: 2 additions & 2 deletions libbeat/processors/communityid/communityid.go
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ func (p *processor) buildFlow(event *beat.Event) *flowhash.Flow {
return nil
}
sp, ok := tryToUint(v)
if !ok || sp < 1 || sp > 65535 {
if !ok || sp > 65535 {
return nil
}
flow.SourcePort = uint16(sp)
Expand All @@ -164,7 +164,7 @@ func (p *processor) buildFlow(event *beat.Event) *flowhash.Flow {
return nil
}
dp, ok := tryToUint(v)
if !ok || dp < 1 || dp > 65535 {
if !ok || dp > 65535 {
return nil
}
flow.DestinationPort = uint16(dp)
Expand Down
24 changes: 12 additions & 12 deletions libbeat/processors/communityid/communityid_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -67,12 +67,6 @@ func TestRun(t *testing.T) {
testProcessor(t, 0, e, nil)
})

t.Run("invalid source port", func(t *testing.T) {
e := evt()
e.Put("source.port", 0)
testProcessor(t, 0, e, nil)
})

t.Run("invalid source port1", func(t *testing.T) {
e := evt()
e.Put("source.port", 123456)
Expand All @@ -85,12 +79,6 @@ func TestRun(t *testing.T) {
testProcessor(t, 0, e, nil)
})

t.Run("invalid destination port", func(t *testing.T) {
e := evt()
e.Put("destination.port", 0)
testProcessor(t, 0, e, nil)
})

t.Run("invalid destination port1", func(t *testing.T) {
e := evt()
e.Put("destination.port", 123456)
Expand Down Expand Up @@ -142,6 +130,18 @@ func TestRun(t *testing.T) {
testProcessor(t, 0, e, "1:D3t8Q1aFA6Ev0A/AO4i9PnU3AeI=")
})

t.Run("valid source port 0", func(t *testing.T) {
e := evt()
e.Put("source.port", 0)
testProcessor(t, 0, e, "1:yrNkRN7VyfVz1Wh12tjRHhxERxM=")
})

t.Run("valid destination port 0", func(t *testing.T) {
e := evt()
e.Put("destination.port", 0)
testProcessor(t, 0, e, "1:YaVkVTbWUkgn0a2QrblLOEsia9g=")
})

t.Run("iana number", func(t *testing.T) {
e := evt()
e.Delete("network.transport")
Expand Down

0 comments on commit 8eb0f42

Please sign in to comment.