Task #8435: firewall: investigate handling of encapsulation/tunneling like GRE/VXLAN - Suricata - Open Information Security Foundation

Actions

Task #8435

open

Status:

New

Priority:

Normal

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

These packets lead to several internal packets that are connected for the verdict. The rule language is not aware of this though.

First step would be to create a test for these cases:

We may want to disallow things like IP in IP globally or in a ruleset.

Related issues 2 (2 open — 0 closed)

Actions

Also available in: Atom PDF

	Related to Suricata - Feature #8334: firewall: allow matching on packet layers	New					Actions
	Related to Suricata - Task #7269: firewall: comprehensive rules tests	In Progress	Victor Julien				Actions