suricata: Set exception-policy to pass-packet

author Stefan Schantl <stefan.schantl@ipfire.org>

Fri, 5 Apr 2024 19:26:38 +0000 (21:26 +0200)

committer Michael Tremer <michael.tremer@ipfire.org>

Mon, 8 Apr 2024 14:57:09 +0000 (14:57 +0000)
author Stefan Schantl <stefan.schantl@ipfire.org>
Fri, 5 Apr 2024 19:26:38 +0000 (21:26 +0200)
committer Michael Tremer <michael.tremer@ipfire.org>
Mon, 8 Apr 2024 14:57:09 +0000 (14:57 +0000)
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml

index 6aa921dad9ef00f2e2660d640d2a9c7d2570f8e7..165a2442d22b060fb60ec90eab36a5bb0cc8dc4d 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -889,7 +889,7 @@ legacy:
  # extra option: auto - which means drop-flow or drop-packet (as explained above)
  # in IPS mode, and ignore in IDS mode. Exception policy values are: drop-packet,
  # drop-flow, reject, bypass, pass-packet, pass-flow, ignore (disable).
-exception-policy: auto
+exception-policy: pass-packet
  
  # When run with the option --engine-analysis, the engine will read each of
  # the parameters below, and print reports for each of the enabled sections
author	Stefan Schantl <stefan.schantl@ipfire.org>
	Fri, 5 Apr 2024 19:26:38 +0000 (21:26 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Mon, 8 Apr 2024 14:57:09 +0000 (14:57 +0000)