]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8f72a04) | patch
detect: set ACTION_ALERT for rules that should alert
authorVictor Julien <vjulien@oisf.net>
Fri, 12 Jan 2024 10:14:27 +0000 (11:14 +0100)
committerVictor Julien <vjulien@oisf.net>
Fri, 7 Jun 2024 18:54:05 +0000 (20:54 +0200)
commit92581dbc0669464e2e3ed2b84c8e0695418879c3
tree33e6be850f86c8cc38f9ef37b1d65c70d226fa8btree
parent8f72a04973764ea849096cec3ee828e7ce4891eccommit | diff
detect: set ACTION_ALERT for rules that should alert

Replaces default "alert" logic and removed SIG_FLAG_NOALERT.

Instead, "noalert" unsets ACTION_ALERT. Same for flowbits:noalert and
friends.

In signature ordering rules w/o action are sorted as if they have 'alert',
which is the same behavior as before, but now implemented explicitly.

Ticket: #5466.
src/detect-engine-alert.c diff | blob | blame | history
src/detect-engine-analyzer.c diff | blob | blame | history
src/detect-flowbits.c diff | blob | blame | history
src/detect-hostbits.c diff | blob | blame | history
src/detect-noalert.c diff | blob | blame | history
src/detect-parse.c diff | blob | blame | history
src/detect-xbits.c diff | blob | blame | history
src/detect.h diff | blob | blame | history
src/packet.c diff | blob | blame | history
src/util-action.c diff | blob | blame | history
src/util-threshold-config.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git