Actions
Bug #7725
opendecode/ipv4: missing ip-in-ip case handling
Affected Versions:
Effort:
Difficulty:
Label:
Description
A flow with IPv4 IP in IP traffic won't handle this tunneling case properly.
This leads to potential malicious traffic not triggering alerts, as well as other
inaccuracies in the logs.
Check if this case is also missing in other scenarios.
Waiting to see if the pcap shared can be added to a public SV test.
Updated by Juliana Fajardini Reichow 2 months ago
Attempt at a fix shared on GL.
Updated by Juliana Fajardini Reichow 2 months ago
- Status changed from New to In Progress
- Assignee changed from OISF Dev to Juliana Fajardini Reichow
Updated by Juliana Fajardini Reichow 2 months ago
- Status changed from In Progress to In Review
Updated by Juliana Fajardini Reichow about 2 months ago
- Private changed from Yes to No
PR for reviewing: https://github.com/OISF/suricata/pull/13367
Updated by Philippe Antoine about 2 months ago
- Related to Bug #4571: Unable to trigger rule by content in case of IPv4 in IPv4 encapsulation added
Updated by Philippe Antoine about 2 months ago
- Status changed from In Review to Resolved
Updated by Juliana Fajardini Reichow about 2 months ago
- Related to Task #7734: decode: review if any decoders are missing for IPv4 or IPv6 added
Actions