Project

General

Profile

Actions
Copy link

Feature #7711

open

tracking: detect: add detection hooks to inspect/drop before stateful components

Added by Victor Julien about 11 hours ago. Updated about 11 hours ago.

Status:
New
Priority:
Normal
Assignee:
Victor Julien
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Currently the packet pipeline is roughly:

capture -> decode -> flow update -> stream -> app-layer -> detect -> output.

This leads to packets only getting dropped by a rule policy after they have first updated the state of the flow, stream, app-layer of a flow.

Subtasks 1 (1 open0 closed)

Feature #7712: detect: add pre_stream rule hookNewVictor JulienActions
Actions
Copy link
 #1

Updated by Victor Julien about 11 hours ago

  • Subtask #7712 added
Actions
Copy link

Also available in: Atom PDF