Just a guess from my own tests... Check your NACLs. Ephemeral ports need to be allowed for the response, otherwise Network Firewall can't identify the "HTTP" (L7) protocol.
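An added example, not part of the answer above and not AWS code: NACLs are stateless, so return traffic to a client's ephemeral port needs its own allow rule. The sketch below applies first-match-wins evaluation to entries in the shape returned by `describe_network_acls` and reports which ephemeral TCP ranges are blocked. The 1024-65535 range, the sample NACL, and ignoring CIDR blocks are assumptions.

```python
EPHEMERAL = (1024, 65535)  # assumption: widest client range; narrow it to suit your clients

# Constructed sample NACL (not from the thread): HTTPS in, high ports in, all out.
SAMPLE_ENTRIES = [
    {"RuleNumber": 100, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 443, "To": 443}},
    {"RuleNumber": 110, "Egress": False, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 32768, "To": 65535}},
    {"RuleNumber": 32767, "Egress": False, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": True, "Protocol": "-1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": True, "Protocol": "-1", "RuleAction": "deny",
     "CidrBlock": "0.0.0.0/0"},
]

def blocked_ephemeral_ranges(entries, egress, span=EPHEMERAL):
    """Return TCP port ranges inside `span` that the NACL does not allow in the
    given direction. Rules are evaluated in ascending RuleNumber order and the
    first match wins. CIDR blocks are ignored (assumption: rules are 0.0.0.0/0)."""
    undecided = [span]   # intervals no rule has matched yet
    blocked = []
    rules = sorted((e for e in entries if e["Egress"] == egress),
                   key=lambda e: e["RuleNumber"])
    for rule in rules:
        if rule["Protocol"] not in ("6", "-1"):   # "6" = TCP, "-1" = all protocols
            continue
        pr = rule.get("PortRange")                # absent when the rule covers all ports
        lo, hi = (pr["From"], pr["To"]) if pr else (0, 65535)
        remaining = []
        for a, b in undecided:
            s, e = max(a, lo), min(b, hi)
            if s > e:                             # rule does not touch this interval
                remaining.append((a, b))
                continue
            if rule["RuleAction"] == "deny":
                blocked.append((s, e))
            if a < s:
                remaining.append((a, s - 1))
            if e < b:
                remaining.append((e + 1, b))
        undecided = remaining
    return sorted(blocked + undecided)            # unmatched ports hit the implicit deny

if __name__ == "__main__":
    for direction, egress in (("inbound", False), ("outbound", True)):
        print(direction, "blocked:", blocked_ephemeral_ranges(SAMPLE_ENTRIES, egress))
```

Run it against the NACLs of every subnet on the traffic path, in both directions, since the response direction differs depending on which side of the flow the subnet sits.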
Hi,
Could you please expand upon what you mean by the rules do not work? And how this is being tested?
If you have a premium support subscription I would advise that you open a support case with AWS using the following link: https://console.aws.amazon.com/support/home#/case/create as we require details that are non-public information.
I have identified an AWS doc that touches on emerging threats rules and testing them: https://aws.amazon.com/blogs/opensource/scaling-threat-prevention-on-aws-with-suricata/
Also the limitations and caveats for stateful rules in AWS Network Firewall: https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html