Just a guess from my own tests... Check your NACLs. Ephemeral ports need to be allowed for the response, otherwise network firewall can't identify the "HTTP" (L7) protocol.
Hi,
Could you please expand upon what you mean by the rules do not work? And how this is being tested?
If you have a premium support subscription, I would advise that you open a support case with AWS using the following link: https://console.aws.amazon.com/support/home#/case/create as we require details that are non-public information.
I have identified an AWS doc that touches on emerging threats rules and testing them: https://aws.amazon.com/blogs/opensource/scaling-threat-prevention-on-aws-with-suricata/ Also the limitations and caveats for stateful rules in AWS Network Firewall: https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html