Project

General

Profile

Actions

Bug #6776

open

exception/policy: bypass flow incorrect applied?

Added by Juliana Fajardini Reichow over 1 year ago. Updated 6 days ago.

Status:
Assigned
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Exception policy scenarios such as defrag.memcap and flow.memcap are, according to our documentation,
only susceptible to packet-related exception policies.

Ensure that bypass isn't applied to those. Check all other cases, as well.

Decide what should be done for 7.

Actions #1

Updated by Victor Julien about 1 year ago

  • Assignee changed from Juliana Fajardini Reichow to OISF Dev
Actions #2

Updated by Victor Julien 5 months ago

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Juliana Fajardini Reichow
  • Target version changed from 8.0.0-beta1 to 8.0.0-rc1
Actions #3

Updated by Victor Julien about 2 months ago

  • Target version changed from 8.0.0-rc1 to 8.0.1
Actions #4

Updated by Juliana Fajardini Reichow 6 days ago ยท Edited

Definitely a bug with midstream enabled, target midstream... (our SV test updated to show the target exception policy in the flow even expects it: https://github.com/OISF/suricata-verify/blob/master/tests/exception-policy-master-switch/exception-policy-master-switch-05/test.yaml )
Test exception-policy-master-switch-02/ also shows this

Actions

Also available in: Atom PDF