multi-detect: consider vlan tracking

Refuse to use vlan selector if vlan tracking is disabled.

diff --git a/src/detect-engine.c b/src/detect-engine.c
index 585e3f7c9f5b659c34fd2a29ddebca69b6fb2c84..04aad76745db3be6541f00152deae5569de87bfc 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -2067,6 +2067,15 @@ void DetectEngineMultiTenantSetup(void)
 
             if (strcmp(handler, "vlan") == 0) {
                 master->tenant_selector = TENANT_SELECTOR_VLAN;
+
+                int vlanbool = 0;
+                if ((ConfGetBool("vlan.use-for-tracking", &vlanbool)) == 1 && vlanbool == 0) {
+                    SCLogError(SC_ERR_INVALID_VALUE, "vlan tracking is disabled, "
+                            "can't use multi-detect selector 'vlan'");
+                    SCMutexUnlock(&master->lock);
+                    goto error;
+                }
+
             } else if (strcmp(handler, "direct") == 0) {
                 master->tenant_selector = TENANT_SELECTOR_DIRECT;
             } else {