detect: flow friendly error on hook incompatibility

author Philippe Antoine <pantoine@oisf.net>

Fri, 18 Apr 2025 11:46:27 +0000 (13:46 +0200)

committer Victor Julien <victor@inliniac.net>

Fri, 25 Apr 2025 07:51:48 +0000 (09:51 +0200)
author Philippe Antoine <pantoine@oisf.net>
Fri, 18 Apr 2025 11:46:27 +0000 (13:46 +0200)
committer Victor Julien <victor@inliniac.net>
Fri, 25 Apr 2025 07:51:48 +0000 (09:51 +0200)
diff --git a/src/detect-flow.c b/src/detect-flow.c

index d970f06854a856369d3743c9c400f31b691060fc..28c0cddf484bbbcff7c4fd7f95a5bd4df86037ee 100644 (file)
--- a/src/detect-flow.c
+++ b/src/detect-flow.c
@@ -397,6 +397,10 @@ int DetectFlowSetup (DetectEngineCtx *de_ctx, Signature *s, const char *flowstr)
                      "rule %u means to use both directions, cannot specify a flow direction", s->id);
              goto error;
          }
+        if (s->flags & SIG_FLAG_TOCLIENT) {
+            SCLogError("rule %u has flow to_server but a hook to_client", s->id);
+            goto error;
+        }
          s->flags |= SIG_FLAG_TOSERVER;
      } else if (fd->flags & DETECT_FLOW_FLAG_TOCLIENT) {
          if (s->flags & SIG_FLAG_TXBOTHDIR) {
@@ -404,6 +408,10 @@ int DetectFlowSetup (DetectEngineCtx *de_ctx, Signature *s, const char *flowstr)
                      "rule %u means to use both directions, cannot specify a flow direction", s->id);
              goto error;
          }
+        if (s->flags & SIG_FLAG_TOSERVER) {
+            SCLogError("rule %u has flow to_client but a hook to_server", s->id);
+            goto error;
+        }
          s->flags |= SIG_FLAG_TOCLIENT;
      } else {
          s->flags |= SIG_FLAG_TOSERVER;
author	Philippe Antoine <pantoine@oisf.net>
	Fri, 18 Apr 2025 11:46:27 +0000 (13:46 +0200)
committer	Victor Julien <victor@inliniac.net>
	Fri, 25 Apr 2025 07:51:48 +0000 (09:51 +0200)