xt_tls / SNI TLS filtering
Closed, Wontfix | Public | FEATURE REQUEST

Description

Hey guys, I recently experimented with the netfilter/iptables extension xt_tls and it seems to work pretty well. It provides the ability to firewall based on the observed SNI request in flight between client and server. That is pretty much the "new way" of firewalling since the re-use of HTTPS for all application traffic.

Is this something the VyOS project would be interested in including in the 1.3 or a future release?

Details

Difficulty level: Unknown (require assessment)
Version: -
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Feature (new functionality)