suricata: Set midstream-policy to pass-packet

Set this value to the same as the exception-policy to keep in sync and
hopefully have the same behaviour. In case this option is not set an
ugly message about a not correctly set value will be logged to syslog
during startup.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index dd6a42e915eda042efc34186812f36602d5ebb25..4c948bddd58cd331cd5c38b7f58da28666079f6f 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -1117,7 +1117,7 @@ stream:
   #memcap-policy: ignore
   checksum-validation: yes      # reject incorrect csums
   #midstream: false
-  #midstream-policy: ignore
+  midstream-policy: pass-packet
   inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
   bypass: yes                   # Bypass packets when stream.reassembly.depth is reached.
   reassembly: