git.ipfire.org Git - thirdparty/suricata.git/commit

author	Victor Julien <victor@inliniac.net>
	Fri, 3 Sep 2021 15:04:02 +0000 (17:04 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 28 Sep 2021 12:18:22 +0000 (14:18 +0200)
commit	81c69694554d84d507edd5c3c8e98d39851fcfd2
tree	44818b2efdf9151a9d370bb26122d2f1d859cd0f	tree
parent	1aa4fc13cbe37530b11d8f7b787189c964ecef6d	commit \| diff

detect: unify alert handling; fix bugs

Unify handling of signature matches between various rule types and
between noalert and regular rules.

"noalert" sigs are added to the alert queue initially, but removed
from it after handling their actions. This way all actions are applied
from a single place.

Make sure flow drop and pass are mutually exclusive.

The above addresses issue with pass and drops not getting applied
correctly in various cases.

Bug: #4663
Bug: #4670

(cherry picked from commit aa93984b7e58d3d8c1323f86bdaff937f8b8bd1e)

src/decode.h		diff \| blob \| blame \| history
src/detect-engine-alert.c		diff \| blob \| blame \| history
src/detect-engine-iponly.c		diff \| blob \| blame \| history
src/detect-engine.c		diff \| blob \| blame \| history
src/detect.c		diff \| blob \| blame \| history
src/detect.h		diff \| blob \| blame \| history
src/flow.h		diff \| blob \| blame \| history