Task #8491: firewall: support multi hook rules - Suricata - Open Information Security Foundation

Actions

Copy link

Task #8491

open

firewall: support multi hook rules

Task #8491: firewall: support multi hook rules

Added by Victor Julien 7 days ago.

Status:

New

Priority:

Normal

Assignee:

Target version:

TBD

Effort:

Difficulty:

Label:

Description

Define how multi-hook rules work in firewall mode.

accept:?? http:??? any any -> any any (http.uri; content:"/index.html"; http.user_agent; content:"Mozilla"; sid:1;)

As in the current single hook rules we specify the explicit hook, one question is how to specify the hook or hooks, and what should happen to the hooks in between (if any).

Should also define what actions are supported, like does accept:hook make sense for multi-hook rules.

No data to display

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Task #8491

firewall: support multi hook rules