From 56f6d107ff152748a0330a99ab39ad66880ff64b Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 21 Apr 2019 01:32:07 +0100
Subject: [PATCH] suricata: Do not always convert rules to be bi-directional

This creates some overhead that we do not need and rules need to
be adjusted to match any direction they are supposed to match.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/cfgroot/ids-functions.pl | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 5496df1a98..deb287bb76 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -742,9 +742,6 @@ sub write_modify_sids_file($) {
 	# Write file header.
 	print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
 
-	# Tune rules to monitor in both directions.
-	print FILE "modifysid \* \"\-\>\" \| \"\<\>\"\n";
-
 	# Check if the traffic only should be monitored.
 	unless($ruleaction eq "alert") {
 		# Tell oinkmaster to switch all rules from alert to drop.
-- 
2.39.5