suricata: Change midstream policy to "pass-flow"

author Michael Tremer <michael.tremer@ipfire.org>

Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)

committer Michael Tremer <michael.tremer@ipfire.org>

Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)
author Michael Tremer <michael.tremer@ipfire.org>
Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml

index dc142d6906d80495b157a4d8aefa17c5027d1768..041082b040001f8dae4b17c38e517e7056d78682 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -1118,7 +1118,7 @@ stream:
    #memcap-policy: ignore
    checksum-validation: yes      # reject incorrect csums
    midstream: true
-  midstream-policy: pass-packet
+  midstream-policy: pass-flow
    inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
    bypass: yes                   # Bypass packets when stream.reassembly.depth is reached.
    reassembly:
author	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 9 Apr 2024 09:51:18 +0000 (10:51 +0100)