#include "flow-private.h"
#include "util-profiling.h"
+#include "util-validate.h"
/** tag signature we use for tag alerts */
static Signature g_tag_signature;
SCLogDebug("packet %" PRIu64 " sid %u action %02x alert_flags %02x", p->pcap_cnt, s->id,
s->action, alert_flags);
- if (s->action & ACTION_DROP) {
+ /* REJECT also sets ACTION_DROP, just make it more visible with this check */
+ if (s->action & (ACTION_DROP | ACTION_REJECT_ANY)) {
+ /* PacketDrop will update the packet action, too */
PacketDrop(p, s->action, PKT_DROP_REASON_RULES);
if (p->alerts.drop.action == 0) {
if ((p->flow != NULL) && (alert_flags & PACKET_ALERT_FLAG_APPLY_ACTION_TO_FLOW)) {
RuleActionToFlow(s->action, p->flow);
}
+
+ DEBUG_VALIDATE_BUG_ON(!PacketTestAction(p, ACTION_DROP));
} else {
PACKET_UPDATE_ACTION(p, s->action);
}
-
pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED;
break;
case TH_ACTION_DROP:
- PacketDrop(p, new_action, PKT_DROP_REASON_RULES_THRESHOLD);
+ PacketDrop(p, ACTION_DROP, PKT_DROP_REASON_RULES_THRESHOLD);
pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED;
break;
case TH_ACTION_REJECT:
- PACKET_REJECT(p);
+ PacketDrop(p, (ACTION_REJECT | ACTION_DROP), PKT_DROP_REASON_RULES_THRESHOLD);
pa->flags |= PACKET_ALERT_RATE_FILTER_MODIFIED;
break;
case TH_ACTION_PASS:
projects / thirdparty / suricata.git / commitdiff
