Project

General

Profile

Actions
Copy link

Task #8435

open

firewall: investigate handling of encapsulation/tunneling like GRE/VXLAN

Added by Victor Julien about 16 hours ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
TBD
Effort:
Difficulty:
Label:

Description

These packets lead to several internal packets that are connected for the verdict. The rule language is not aware of this though.

First step would be to create a test for these cases:
  • VXLAN
  • Geneve
  • GRE
  • IP in IP
  • etc

We may want to disallow things like IP in IP globally or in a ruleset.

Related issues 2 (2 open0 closed)

Related to Suricata - Feature #8334: firewall: allow matching on packet layersNewActions
Related to Suricata - Task #7269: firewall: comprehensive rules testsIn ProgressVictor JulienActions
Actions
Copy link
 #1

Updated by Victor Julien about 16 hours ago

  • Related to Feature #8334: firewall: allow matching on packet layers added
Actions
Copy link
 #2

Updated by Victor Julien about 16 hours ago

  • Related to Task #7269: firewall: comprehensive rules tests added
Actions
Copy link

Also available in: Atom PDF