Feature #8204: firewall: support for hot reload of firewall mode rules - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #8204

open

firewall: support for hot reload of firewall mode rules

Added by Olu Adeleke 2 months ago. Updated 2 months ago.

Status:

New

Priority:

Normal

Assignee:

Target version:

TBD

Effort:

Difficulty:

Label:

Needs backport to 8.0

Description

Rule reloading without restarts is not yet supported for firewall mode rules.

This implies that users need to restart Suricata whenever there is a need for to update firewall mode rules, and this can cause interruptions to packet processing, packet losses and cause flows to be re-categorized as midstream.

It would be useful to have some in built support to hot-reload firewall mode rules (similar to what exists for the existing IPS/IDS rules) without need for restarts.

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #8204

firewall: support for hot reload of firewall mode rules

Updated by Olu Adeleke 2 months ago

Updated by Victor Julien 2 months ago

Updated by Victor Julien 2 months ago

Updated by Victor Julien about 2 months ago