Project

General

Profile

Actions
Copy link

Feature #744

closed
EL VJ

Teredo configuration

Feature #744: Teredo configuration

Added by Eric Leblond about 13 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
4.0rc2
Effort:
Difficulty:
Label:

Description

Teredo tunnel detection is difficult because of the protocol which is too limited.

To avoid miss detection, we can had a port parameter to avoid to run the detection on all flow. The configuration could look like that:

tunnel
  - teredo:
    enabled: yes|no
    ports: port1,port2|any

Related issues 1 (0 open1 closed)

Copied to Suricata - Feature #3546: Teredo port configurationClosedVictor JulienActions

PM Updated by Peter Manev about 13 years ago Actions
Copy link
 #1

wouldn't
ports: port1,port2|+*any*+

be just like it is now? (auto detection and no settings in yaml)

Most people would prefer auto proto detection.

or I am misinterpreting ?

VJ Updated by Victor Julien over 12 years ago Actions
Copy link
 #2

  • Target version set to TBD

AH Updated by Andreas Herz over 10 years ago Actions
Copy link
 #3

  • Assignee set to OISF Dev

VJ Updated by Victor Julien over 9 years ago Actions
Copy link
 #4

  • Target version changed from TBD to 70

Pcap in #990 is an example of misdetected teredo.

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
 #5

  • Status changed from New to Assigned
  • Assignee changed from OISF Dev to Victor Julien
  • Priority changed from High to Normal
  • Target version changed from 70 to 4.0rc2

VJ Updated by Victor Julien over 8 years ago Actions
Copy link
 #6

  • Status changed from Assigned to Closed

https://github.com/inliniac/suricata/pull/2827 implements the option to disable

VJ Updated by Victor Julien about 6 years ago Actions
Copy link
 #7

Actions
Copy link

Also available in: PDF Atom