Bug #769: Be sure to always apply verdict to NFQ packet - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #769

closed

EL EL

Be sure to always apply verdict to NFQ packet

Bug #769: Be sure to always apply verdict to NFQ packet

Added by Eric Leblond over 13 years ago. Updated almost 13 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Eric Leblond

Target version:

2.0beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

It seems that in some cases, it is possible that Suricata do not verdict a Packet. This is for example the case when the propagation to the other module fails. This could result in some packets getting stuck inside Netfilter queue on kernel side.

We should investigate more deeply into this to be sure we always verdict Packet.

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #769

Be sure to always apply verdict to NFQ packet

VJ Updated by Victor Julien over 13 years ago Actions
Copy link
#1

EL Updated by Eric Leblond almost 13 years ago Actions
Copy link
#2

VJ Updated by Victor Julien almost 13 years ago Actions
Copy link
#3

VJ Updated by Victor Julien almost 13 years ago Actions
Copy link
#4

Project

General

Profile

Suricata

Custom queries

Bug #769

Be sure to always apply verdict to NFQ packet

VJ Updated by Victor Julien over 13 years ago ActionsCopy link #1

EL Updated by Eric Leblond almost 13 years ago ActionsCopy link #2

VJ Updated by Victor Julien almost 13 years ago ActionsCopy link #3

VJ Updated by Victor Julien almost 13 years ago ActionsCopy link #4

VJ Updated by Victor Julien over 13 years ago Actions
Copy link
#1

EL Updated by Eric Leblond almost 13 years ago Actions
Copy link
#2

VJ Updated by Victor Julien almost 13 years ago Actions
Copy link
#3

VJ Updated by Victor Julien almost 13 years ago Actions
Copy link
#4