Bug ID 1787413: ID7312 matches on nearly all TXT DNS packets

Last Modified: Jun 19, 2025

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
17.1.2.1, 17.1.2.2

Opened: Jan 20, 2025

Severity: 3-Major

Symptoms

The snort rule for ID7312 will match against any DNS TXT response that has data length < 256.

Impact

Generating the false positives for the TXT DNS packets

Conditions

Running short rule ID7312 against DNS TXT responses.

Workaround

Disabling ID7312 will reduce the false positives.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips