Actions
Bug #7725
closed
JF
JF
decode/ipv4: missing ip-in-ip case handling
Bug #7725:
decode/ipv4: missing ip-in-ip case handling
Affected Versions:
Effort:
Difficulty:
Label:
Description
A flow with IPv4 IP in IP traffic won't handle this tunneling case properly.
This leads to potential malicious traffic not triggering alerts, as well as other
inaccuracies in the logs.
Check if this case is also missing in other scenarios.
Waiting to see if the pcap shared can be added to a public SV test.
OT Updated by OISF Ticketbot 10 months ago
- Subtask #7726 added
OT Updated by OISF Ticketbot 10 months ago
- Label deleted (
Needs backport to 7.0)
JF Updated by Juliana Fajardini Reichow 10 months ago
- Description updated (diff)
JF Updated by Juliana Fajardini Reichow 10 months ago
Attempt at a fix shared on GL.
JF Updated by Juliana Fajardini Reichow 10 months ago
- Status changed from New to In Progress
- Assignee changed from OISF Dev to Juliana Fajardini Reichow
JF Updated by Juliana Fajardini Reichow 10 months ago
- Status changed from In Progress to In Review
JF Updated by Juliana Fajardini Reichow 10 months ago
- Private changed from Yes to No
PR for reviewing: https://github.com/OISF/suricata/pull/13367
PA Updated by Philippe Antoine 10 months ago
- Related to Bug #4571: Unable to trigger rule by content in case of IPv4 in IPv4 encapsulation added
PA Updated by Philippe Antoine 10 months ago
- Status changed from In Review to Resolved
JF Updated by Juliana Fajardini Reichow 10 months ago
- Related to Task #7734: decode: review if any decoders are missing for IPv4 or IPv6 added
JF Updated by Juliana Fajardini Reichow 8 months ago
- Status changed from Resolved to Closed
Actions