Actions
Bug #7884
open
JF
JF
exceptions: handle logging for per-packet policies
Bug #7884:
exceptions: handle logging for per-packet policies
Description
When implementing #6215 the implications of flow.memcap and defrag.memcap affecting only packets weren't taken into consideration.
This means that Suricata is able to generate stats for when these are triggered, but can't actually log the triggered policy with a flow, as there isn't one associated when we apply the policies.
VJ Updated by Victor Julien 7 months ago
Wonder if we should make this a new subtype of the anomaly type
- anomaly:
enabled: yes
types:
# decode: no
# stream: no
# applayer: yes
exception-policy: yes
#packethdr: no
VJ Updated by Victor Julien 7 months ago
- Target version changed from 8.0.2 to 9.0.0-beta1
OT Updated by OISF Ticketbot 7 months ago
- Subtask #7909 added
OT Updated by OISF Ticketbot 7 months ago
- Label deleted (
Needs backport to 7.0)
JF Updated by Juliana Fajardini Reichow 5 months ago
- Status changed from New to Assigned
JF Updated by Juliana Fajardini Reichow 4 months ago
- Label Needs backport to 8.0 added
OT Updated by OISF Ticketbot 4 months ago
- Subtask #8160 added
OT Updated by OISF Ticketbot 4 months ago
- Label deleted (
Needs backport to 8.0)
Actions