]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1f69d6c) | patch
detect: set ACTION_ALERT for rules that should alert
authorVictor Julien <vjulien@oisf.net>
Fri, 12 Jan 2024 10:14:27 +0000 (11:14 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 2 Jul 2024 19:25:29 +0000 (21:25 +0200)
commit5bcbbf356961b493af1276554079dacfab67d4b9
tree0aaf14cbd4002dc9634703e85d8051fde4b556c5tree
parent1f69d6cdedc1cf17ba03016f6458568dc3f52791commit | diff
detect: set ACTION_ALERT for rules that should alert

Replaces default "alert" logic and removed SIG_FLAG_NOALERT.

Instead, "noalert" unsets ACTION_ALERT. Same for flowbits:noalert and
friends.

In signature ordering rules w/o action are sorted as if they have 'alert',
which is the same behavior as before, but now implemented explicitly.

Ticket: #5466.
(cherry picked from commit 92581dbc0669464e2e3ed2b84c8e0695418879c3)
src/detect-engine-alert.c diff | blob | blame | history
src/detect-engine-analyzer.c diff | blob | blame | history
src/detect-flowbits.c diff | blob | blame | history
src/detect-hostbits.c diff | blob | blame | history
src/detect-noalert.c diff | blob | blame | history
src/detect-parse.c diff | blob | blame | history
src/detect-xbits.c diff | blob | blame | history
src/detect.h diff | blob | blame | history
src/packet.c diff | blob | blame | history
src/util-action.c diff | blob | blame | history
src/util-threshold-config.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git