Project

General

Profile

Actions
Copy link

Feature #7711

open

tracking: detect: add detection hooks to inspect/drop before stateful components

Added by Victor Julien about 1 month ago. Updated 21 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Victor Julien
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

Currently the packet pipeline is roughly:

capture -> decode -> flow update -> stream -> app-layer -> detect -> output.

This leads to packets only getting dropped by a rule policy after they have first updated the state of the flow, stream, app-layer of a flow.

Subtasks 2 (0 open2 closed)

Feature #7712: detect: add pre_stream rule hookClosedVictor JulienActions
Feature #7714: detect: add pre_flow rule hookClosedVictor JulienActions
Actions
Copy link
 #1

Updated by Victor Julien about 1 month ago

  • Subtask #7712 added
Actions
Copy link
 #2

Updated by Victor Julien about 1 month ago

  • Subtask #7714 added
Actions
Copy link
 #3

Updated by Victor Julien about 1 month ago

  • Status changed from New to In Review
  • Target version changed from TBD to 8.0.0-rc1
Actions
Copy link
 #4

Updated by Philippe Antoine 21 days ago

  • Status changed from In Review to Resolved
Actions
Copy link
 #5

Updated by Victor Julien 21 days ago

  • Status changed from Resolved to In Progress
  • Target version changed from 8.0.0-rc1 to 9.0.0-beta1

Will be more to do, but that will be for 9.

Actions
Copy link

Also available in: Atom PDF