Task #8388

open

firewall: support protocol hooks for all app-layer protocols

Added by Yash Datre 5 days ago. Updated 3 days ago.

Status: New
Priority: High
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Firewall mode requires app-layer protocols to have explicit hook states registered so that firewall rules can make accept/drop decisions at the application layer. Without registered hooks, traffic matching an app-layer protocol falls through to the default app policy (drop), even when packet-layer rules accept the TCP/UDP handshake.

Currently, only HTTP1, TLS, and SSH have protocol-specific hook states. DNS works with the generic default hooks (request_started, request_complete, response_started, response_complete).

Subtickets will track individual protocols.


Subtasks 5 (5 open, 0 closed)

Feature #8386: firewall: support HTTP2 hook states for per-frame accept/drop decisions (New)
Feature #8392: firewall: support FTP hook states for firewall rule evaluation (New, OISF Dev)
Feature #8393: firewall: support SMTP hook states for firewall rule evaluation (New)
Feature #8394: firewall: support NTP hook states for firewall rule evaluation (New, OISF Dev)
Feature #8395: firewall: support SNMP hook states for firewall rule evaluation (New, OISF Dev)