Project

General

Profile

Actions
Copy link

Feature #8514

open
JF JF

Story #7583: 9.0.0: usecase: improve firewall usecase

firewall: analyzer: complete rule table coverage

Feature #8514: firewall: analyzer: complete rule table coverage

Added by Juliana Fajardini Reichow 3 days ago. Updated 3 days ago.

Status:
Assigned
Priority:
Normal
Assignee:
Juliana Fajardini Reichow
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

For the FirewallAnalyzer report, we use AppLayerParserGetStateNameById to get the app-layer proto state, but if a parser doesn't have that, we don't return anything and thus don't get a rule table report, it seems. I suspect this may be just an UDP issue.

Saw this happening for DNS but imagine it can be the same for similar protos.

Subtasks 1 (1 open0 closed)

Feature #8519: firewall: analyzer: complete rule table coverage (8.0.x backport)AssignedJuliana Fajardini ReichowActions

JF Updated by Juliana Fajardini Reichow 3 days ago Actions
Copy link
 #1

  • Description updated (diff)

VJ Updated by Victor Julien 3 days ago Actions
Copy link
 #2

  • Status changed from New to Assigned
  • Assignee set to Juliana Fajardini Reichow
  • Priority changed from Normal to High
  • Label Needs backport to 8.0 added

OT Updated by OISF Ticketbot 3 days ago Actions
Copy link
 #3

  • Subtask #8519 added

OT Updated by OISF Ticketbot 3 days ago Actions
Copy link
 #4

  • Label deleted (Needs backport to 8.0)
Actions
Copy link

Also available in: PDF Atom