Project

General

Profile

Actions
Copy link

Bug #8663

closed
JI JI

ftp: ftpdata_command never matches in firewall mode for active ftp

Bug #8663: ftp: ftpdata_command never matches in firewall mode for active ftp

Added by Jason Ish 7 days ago. Updated about 1 hour ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
9.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

The ftpdata_command limits which direction of the flow it will match on, which matches passive ftp, but it will never match in active mode. Visible in firewall mode which is more strict than the threat detection rules.

Subtasks 1 (0 open1 closed)

Bug #8669: ftp: ftpdata_command never matches in firewall mode for active ftp (8.0.x backport)ClosedJason IshActions

Related issues 1 (1 open0 closed)

Related to Suricata - Feature #8408: firewall: support FTP-data hook states for firewall rule evaluationAssignedJason IshActions

JI Updated by Jason Ish 7 days ago Actions
Copy link
 #1

  • Related to Feature #8408: firewall: support FTP-data hook states for firewall rule evaluation added

JI Updated by Jason Ish 7 days ago Actions
Copy link
 #2

  • Status changed from In Progress to In Review

JI Updated by Jason Ish 5 days ago Actions
Copy link
 #3

  • Label Needs backport to 8.0 added

OT Updated by OISF Ticketbot 5 days ago Actions
Copy link
 #4

  • Subtask #8669 added

OT Updated by OISF Ticketbot 5 days ago Actions
Copy link
 #5

  • Label deleted (Needs backport to 8.0)

JI Updated by Jason Ish 5 days ago Actions
Copy link
 #6

  • Status changed from In Review to Resolved

PA Updated by Philippe Antoine about 1 hour ago Actions
Copy link
 #7

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: PDF Atom