]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commit
projects / people / ms / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 11f7218) | patch
suricata: Enable bypassing unhandled streams
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 18 Oct 2021 10:10:17 +0000 (10:10 +0000)
committerArne Fitzenreiter <arne_f@ipfire.org>
Tue, 19 Oct 2021 11:34:19 +0000 (11:34 +0000)
commit9deccd1cbab7e446a362b6410fb88b36b655a7cd
treea74eb0fec7748908a7c0b7077baba61a615d0fc0tree | snapshot
parent11f7218f9cd16b32b2cb4477355e0e5057df6399commit | diff
suricata: Enable bypassing unhandled streams

If a stream cannot be identified or if suricata has decided that it
cannot do anything useful any more (e.g. TLS sessions after the
handshake), we will allow suricata to bypass any following packets in
that flow

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
config/suricata/suricata.yaml diff | blob | blame | history
Michael's tree of IPFire 2.x.