Project

General

Profile

Actions

Bug #10700

closed

not all VPN IPs added with vpnaddresses option

Added by Viktor Gurov almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Category:
Suricata
Target version:
-
Start date:
06/25/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

Suricata uses filter_get_vpns_list() to get vpnaddresses list

filter_get_vpns_list() returns only:
IPsec Mobile IPv4 subnet
IPsec site-to-site networks
OpenVPN client/server Tunnel Network / Remote Network IPv4
PPPoE server networks

but not:
IPsec Mobile IPv6 subnet
IPsec Mobile warriors IPs (VPN / IPsec / Pre-Shared Keys / Edit)
OpenVPN client/server Tunnel Network / Remote Network IPv6
L2TP VPN network

See also #8688 and #10493

Actions

Also available in: Atom PDF