git.ipfire.org Git - thirdparty/suricata.git/commit

author	Victor Julien <victor@inliniac.net>
	Fri, 3 Sep 2021 15:04:02 +0000 (17:04 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 28 Sep 2021 08:05:24 +0000 (10:05 +0200)
commit	cd81d899dc80f83d1c486042ecd3e48d794253e6
tree	5787b9eeb584ba8bf03a9eb1958c58a082b8f731	tree
parent	44723bf19e47a135a73c0269fa5b3d190883e8fa	commit \| diff

detect: unify alert handling; fix bugs

Unify handling of signature matches between various rule types and
between noalert and regular rules.

"noalert" sigs are added to the alert queue initially, but removed
from it after handling their actions. This way all actions are applied
from a single place.

Make sure flow drop and pass are mutually exclusive.

The above addresses issue with pass and drops not getting applied
correctly in various cases.

Bug: #4663
Bug: #4670

(cherry picked from commit aa93984b7e58d3d8c1323f86bdaff937f8b8bd1e)

src/decode.h		diff \| blob \| blame \| history
src/detect-engine-alert.c		diff \| blob \| blame \| history
src/detect-engine-iponly.c		diff \| blob \| blame \| history
src/detect-engine.c		diff \| blob \| blame \| history
src/detect.c		diff \| blob \| blame \| history
src/detect.h		diff \| blob \| blame \| history
src/flow.h		diff \| blob \| blame \| history