release: version 1.0.5 - fix TCP options detection (NOP/EOL/SACK)

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

Dockerfile.package

@@ -35,7 +35,7 @@ COPY . .
 
 # Build binary for Linux
 # Binary will be dynamically linked but compatible with all RHEL-based distros
-ARG VERSION=1.0.0
+ARG VERSION=1.0.5
 ARG BUILD_TIME=""
 ARG GIT_COMMIT=""
 RUN mkdir -p dist && \
@@ -53,7 +53,7 @@ FROM rockylinux:9 AS rpm-builder
 WORKDIR /package
 
 # VERSION must be redeclared for each stage that needs it
-ARG VERSION=1.0.0
+ARG VERSION=1.0.5
 
 # Install rpm-build tools (Rocky Linux 9)
 RUN dnf install -y \

cmd/ja4sentinel/main.go

@@ -22,7 +22,7 @@ import (
 
 var (
 	// Version information (set via ldflags)
-	Version   = "1.0.0"
+	Version   = "1.0.5"
 	BuildTime = "unknown"
 	GitCommit = "unknown"
 )

internal/tlsparse/parser.go

@@ -344,6 +344,12 @@ func extractTCPMeta(tcp *layers.TCP) api.TCPMeta {
 	// Parse TCP options
 	for _, opt := range tcp.Options {
 		switch opt.OptionType {
+		case layers.TCPOptionKindEndList:
+			// End of Options List - skip silently
+			continue
+		case layers.TCPOptionKindNop:
+			// No Operation (padding) - skip silently
+			continue
 		case layers.TCPOptionKindMSS:
 			if len(opt.OptionData) >= 2 {
 				meta.MSS = binary.BigEndian.Uint16(opt.OptionData[:2])
@@ -358,6 +364,9 @@ func extractTCPMeta(tcp *layers.TCP) api.TCPMeta {
 			meta.Options = append(meta.Options, "WS")
 		case layers.TCPOptionKindSACKPermitted:
 			meta.Options = append(meta.Options, "SACK")
+		case layers.TCPOptionKindSACK:
+			// SACK blocks (actual SACK data, not just permitted)
+			meta.Options = append(meta.Options, "SACK")
 		case layers.TCPOptionKindTimestamps:
 			meta.Options = append(meta.Options, "TS")
 		default:

packaging/rpm/ja4sentinel.spec

@@ -3,7 +3,7 @@
 %if %{defined build_version}
 %define spec_version %{build_version}
 %else
-%define spec_version 1.0.4
+%define spec_version 1.0.5
 %endif
 
 Name:           ja4sentinel