Project

General

Profile

Actions

Feature #8712

open
VJ LS

firewall: add default app policy options

Feature #8712: firewall: add default app policy options

Added by Victor Julien 1 day ago. Updated about 17 hours ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Add options to specific a default policy for policies that aren't specified.

firewall:
  policies:
    default-policy:
      - "accept:hook" 

    http:
      default-policy:
        - "accept:hook" 

      request-started:
        - "accept:hook" 
      request-trailer:
        - "accept:hook" 
      request-complete:
        - "accept:hook" 
      # implied request-body uses firewall.policies.http.default-policy

   # implied tls uses firewall.policies.default-policy


Related issues 2 (1 open1 closed)

Related to Suricata - Feature #7701: firewall: configurable default policiesClosedVictor JulienActions
Related to Suricata - Bug #8389: firewall: Add monitor/observe mode to preview firewall policy without enforcing dropsNewActions
Actions

Also available in: PDF Atom