Project

General

Profile

Bug #9135

Suricata in inline modus blocks some downloads

Added by Rene Hutschreuther 6 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
Start date:
11/18/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.4
Affected Architecture:

Description

Suricata in the inline mode blocks some downloads mostly from Subdomains but some downloads it blocked from normal domains. The browser means that the domain not reachable when it was a subdomain or get a 3kb download when it was a normal domain. The suricata logs show nothing no alert no error. I think that the bug came with version 4.0.6.

History

#1 Updated by Bill Meeks 6 months ago

This bug needs to be reported upstream to the Suricata team. When you use Inline IPS mode, you are using code straight from upstream with no pfSense-specific patches. The Suricata Redmine site is here: https://redmine.openinfosecfoundation.org/projects/suricata

#2 Updated by Rene Hutschreuther 6 months ago

Bill Meeks wrote:

This bug needs to be reported upstream to the Suricata team. When you use Inline IPS mode, you are using code straight from upstream with no pfSense-specific patches. The Suricata Redmine site is here: https://redmine.openinfosecfoundation.org/projects/suricata

I can´t reported the bug on the Suricata Redmine site, I don´t get any Activation Mail it seems as no Mail send or my Mail Provider blocks the adress. I think the only way to recover the bug is go back to 4.05 to this fixed.

#3 Updated by Jim Pingle 2 months ago

  • Target version changed from 48 to 2.5.0

Also available in: Atom PDF