Bug #8497: firewall: limit packet scope to UDP app-layer - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #8497

open

VJ VJ

firewall: limit packet scope to UDP app-layer

Bug #8497: firewall: limit packet scope to UDP app-layer

Added by Victor Julien about 4 hours ago. Updated about 3 hours ago.

Status:

In Review

Priority:

Normal

Assignee:

Victor Julien

Target version:

9.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

When using accept:packet or drop:packet in TCP app-layers like TLS, the hooks that get inspected or skipped depend on how the data is spliced over packets.

I think in the TCP app-layer accepting should be about hooks or transactions (or the whole flow), not about a single packet. Same for drop.s

Subtasks 1 (1 open — 0 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #8497

firewall: limit packet scope to UDP app-layer

OT Updated by OISF Ticketbot about 4 hours ago Actions
Copy link
#1

OT Updated by OISF Ticketbot about 4 hours ago Actions
Copy link
#2

VJ Updated by Victor Julien about 3 hours ago Actions
Copy link
#3

Project

General

Profile

Suricata

Custom queries

Bug #8497

firewall: limit packet scope to UDP app-layer

OT Updated by OISF Ticketbot about 4 hours ago ActionsCopy link #1

OT Updated by OISF Ticketbot about 4 hours ago ActionsCopy link #2

VJ Updated by Victor Julien about 3 hours ago ActionsCopy link #3

OT Updated by OISF Ticketbot about 4 hours ago Actions
Copy link
#1

OT Updated by OISF Ticketbot about 4 hours ago Actions
Copy link
#2

VJ Updated by Victor Julien about 3 hours ago Actions
Copy link
#3