]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e85a44c) | patch
suppress: add track by_either mode
authorVictor Julien <victor@inliniac.net>
Wed, 10 Jun 2015 13:22:12 +0000 (15:22 +0200)
committerVictor Julien <victor@inliniac.net>
Mon, 15 Jun 2015 09:16:35 +0000 (11:16 +0200)
commitebb42f831c98e2368a7d4fd03c788f718ba899e9
treea291364d0bde42941bade2a36d1f3b154070bd48tree
parente85a44c383d6790e96b84c4420cc477ef4cecd98commit | diff
suppress: add track by_either mode

So far suppress rules would apply to src or dst addresses of a packet.
This meant that if a ip would need to suppressed both as src and as dst,
2 suppress rules would be needed.

This patch introduces track by_either, which means that the ip(s) in the
suppress rule are tested against both the packets source and dest ip's.
If either of them is on the suppress list, the alert is suppressed.
src/detect-engine-threshold.c diff | blob | blame | history
src/detect-threshold.h diff | blob | blame | history
src/util-threshold-config.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git