Project

General

Profile

Actions
Copy link

Bug #8663

closed
JI JI

ftp: ftpdata_command never matches in firewall mode for active ftp

Bug #8663: ftp: ftpdata_command never matches in firewall mode for active ftp

Added by Jason Ish 7 days ago. Updated about 2 hours ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
9.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

The ftpdata_command limits which direction of the flow it will match on, which matches passive ftp, but it will never match in active mode. Visible in firewall mode which is more strict than the threat detection rules.

Subtasks 1 (0 open1 closed)

Bug #8669: ftp: ftpdata_command never matches in firewall mode for active ftp (8.0.x backport)ClosedJason IshActions

Related issues 1 (1 open0 closed)

Related to Suricata - Feature #8408: firewall: support FTP-data hook states for firewall rule evaluationAssignedJason IshActions
Actions
Copy link

Also available in: PDF Atom