Actions
Feature #5468
closedTask #4773: research: IPS behavior wrt resource limits
ips: midstream: add "exception policy" for midstream
Effort:
Difficulty:
Label:
Needs backport to 6.0
Description
Allow a policy to specified for midstream connections. This should include the typical fail open to fail closed options.
A grace period after startup may need to be part of this, so that a sensor restart doesn't automatically apply to all open connections right way. The grace period should also be allowed to 0 (disabled).
Updated by Victor Julien over 2 years ago
- Related to Feature #5469: rules: expose per flow stream.midstream setting to the rule language added
Updated by Juliana Fajardini Reichow about 2 years ago
- Assignee changed from OISF Dev to Juliana Fajardini Reichow
Updated by Juliana Fajardini Reichow about 2 years ago
- Status changed from New to In Progress
Updated by Juliana Fajardini Reichow about 2 years ago
- Label Needs backport to 6.0 added
First PR for review https://github.com/OISF/suricata/pull/7727
starting to work on documentation now.
Updated by Juliana Fajardini Reichow about 2 years ago
- Copied to Feature #5500: ips: midstream: add "exception policy" for midstream (6.0.x backport) added
Updated by Juliana Fajardini Reichow about 2 years ago
- Status changed from In Progress to In Review
Updated by Juliana Fajardini Reichow about 2 years ago
- Status changed from In Review to Resolved
Merged PR: https://github.com/OISF/suricata/pull/7791
Updated by Victor Julien about 2 years ago
- Target version changed from TBD to 7.0.0-beta1
Updated by Victor Julien about 2 years ago
- Status changed from Resolved to Closed
Actions