Bug #5771
Updated by Lukas Sismis almost 2 years ago
Even though the eBPF (XDP) and Suricata structures are ready to handle nested VLANs (VLAN in VLAN) after my testing all packets were passed to Suricata. I've found this when trying out TLS bypass - bypass TLS flow after TLS handshake. I am attaching a single TLS stream where after adding a VLAN all packets are forwarded to Suricata even though they should be bypassed after the handshake (after ~23 packets).