Project

General

Profile

Actions
Copy link

Task #8435

open
VJ OD

firewall: investigate handling of encapsulation/tunneling like GRE/VXLAN

Task #8435: firewall: investigate handling of encapsulation/tunneling like GRE/VXLAN

Added by Victor Julien 2 months ago. Updated 11 days ago.

Status:
Triaged
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Effort:
Difficulty:
Label:

Description

These packets lead to several internal packets that are connected for the verdict. The rule language is not aware of this though.

First step would be to create a test for these cases:
  • VXLAN
  • Geneve
  • GRE
  • IP in IP
  • etc

We may want to disallow things like IP in IP globally or in a ruleset.

Related issues 2 (2 open0 closed)

Related to Suricata - Feature #8334: firewall: allow matching on packet layersTriagedOISF DevActions
Related to Suricata - Task #7269: firewall: comprehensive rules testsIn ProgressVictor JulienActions

VJ Updated by Victor Julien 2 months ago Actions
Copy link
 #1

  • Related to Feature #8334: firewall: allow matching on packet layers added

VJ Updated by Victor Julien 2 months ago Actions
Copy link
 #2

  • Related to Task #7269: firewall: comprehensive rules tests added

JI Updated by Jason Ish 11 days ago Actions
Copy link
 #3

  • Status changed from New to Triaged
  • Assignee set to OISF Dev
Actions
Copy link

Also available in: PDF Atom