Project

General

Profile

Actions
Copy link

Bug #7053

closed
PA PA

bypass: cannot bypass udp flow from first packet in second direction

Bug #7053: bypass: cannot bypass udp flow from first packet in second direction

Added by Philippe Antoine almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

From https://forum.suricata.io/t/bypass-does-this-only-work-with-tcp/4660/2

This happens because flow state gets overwritten with established after seeing the second direction

Subtasks 1 (0 open1 closed)

Bug #7054: bypass: cannot bypass udp flow from first packet (7.0.x backport)ClosedPhilippe AntoineActions

OT Updated by OISF Ticketbot almost 2 years ago Actions
Copy link
 #1

  • Subtask #7054 added

OT Updated by OISF Ticketbot almost 2 years ago Actions
Copy link
 #2

  • Label deleted (Needs backport to 7.0)

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #3

  • Status changed from New to In Review

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #4

  • Subject changed from bypass: cannot bypass dup flow from first packet to bypass: cannot bypass udp flow from first packet

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #5

  • Subject changed from bypass: cannot bypass udp flow from first packet to bypass: cannot bypass udp flow from first packet in second direction

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #6

By the way, would it make sense to do like SSH ? Once we reach a certain state, all traffic is encrypted, and we bypass automatically...

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #7

  • Status changed from In Review to Resolved

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #8

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: PDF Atom