Feature #6260: Support flow matching excluding packet recursion level - Suricata - Open Information Security Foundation

Actions

Feature #6260

open

Support flow matching excluding packet recursion level

Added by Cole Dishington 9 months ago. Updated about 1 month ago.

Status:

In Review

Priority:

Normal

Assignee:

Cole Dishington

Target version:

Effort:

low

Difficulty:

low

Label:

Description

Add config for controlling the use of packet recursion level in the flow (and defrag) hashing. Packet recursion should be excluded from flow matching if egress packet pickup of tunneled packets occurs before the kernel has put the headers on, like when using netmap pipes, and the suricata device is a tunnel termination point.

Actions

#1

Updated by Cole Dishington 9 months ago

Added pull requests for suricata and suricata-verify:
https://github.com/OISF/suricata/pull/9363
https://github.com/OISF/suricata-verify/pull/1348

Actions

#2

Updated by Jeff Lucovsky 8 months ago

Status changed from New to In Review

Actions

#3

Updated by Victor Julien 8 months ago

Target version changed from 7.0.1 to 7.0.2

Actions

#4

Updated by Victor Julien 7 months ago

Target version changed from 7.0.2 to 7.0.3

Actions

#5

Updated by Victor Julien 6 months ago

Target version changed from 7.0.3 to 8.0.0-beta1

Actions

#6

Updated by Cole Dishington 3 months ago

PR: https://github.com/OISF/suricata/pull/10214
SV-PR: https://github.com/OISF/suricata-verify/pull/1597

Actions

#7

Updated by Philippe Antoine about 1 month ago

Tracker changed from Bug to Feature

Actions

Also available in: Atom PDF