Feature #6063
Updated by Victor Julien about 1 year ago
For streams that are using async routing, allow applying a separate exception policy.
Async detection would match the logic the async-oneside option uses today:
Client -> Server: SYN followed by ACK matching the 3whs. SEQ of this packet would be ISN+1. If no SYN/ACK has been seen we’d be in async mode.
Server -> Client: SYN/ACK as first packet.
In both cases we'd apply a new exception policy.
Suggested defaults:
- IDS: ignore
- IPS, async-oneside disabled: drop-packet (not drop flow as otherwise an injected packet might trigger a flow drop?)
- IPS, async-oneside enabled: ignore