This is something we've known about for a while, but tracking it here for remediation. SGFW fails open: if it crashes, or is stopped, traffic passes through as though it were never there in the first place. In production SGOS, SGFW should fail closed, especially because of possible issues like this: https://github.com/subgraph/go-nfnetlink/issues/5
This is something we've known about for a while, but tracking it here for remediation. SGFW fails open: if it crashes, or is stopped, traffic passes through as though it were never there in the first place. In production SGOS, SGFW should fail closed, especially because of possible issues like this: https://github.com/subgraph/go-nfnetlink/issues/5