exception: fix 'auto' for master switch in IDS

If the master exception policy was set to 'auto' in IDS mode, instead of
just setting the master switch to the default in this case, which is
'ignore', the engine would switch a warning saying that auto wasn't a
valid config and then set the policy to ignore.

This makes 'auto' work for the master switch in IDS, removes function
for setting IPS option and handles the valid IDS options directly from
the function that parses the master policy, as this was the only place
where the function was still called.

Bug #6149

(cherry picked from commit feb47f9a896b049694f7b5ab40365fab8bbe9d51)

diff --git a/src/util-exception-policy.c b/src/util-exception-policy.c
index a43e5fee24b84311a8feaebe494c8e16d79d301a..251183dafe958fdb84749849d5f67740d25962d5 100644 (file)
--- a/src/util-exception-policy.c
+++ b/src/util-exception-policy.c
@@ -142,17 +142,6 @@ static enum ExceptionPolicy PickPacketAction(const char *option, enum ExceptionP
     return p;
 }
 
-static enum ExceptionPolicy SetIPSOption(
-        const char *option, const char *value_str, enum ExceptionPolicy p)
-{
-    if (!EngineModeIsIPS()) {
-        SCLogWarning(SC_ERR_INVALID_VALUE, "%s: %s not a valid config in IDS mode. Ignoring it.",
-                option, value_str);
-        return EXCEPTION_POLICY_NOT_SET;
-    }
-    return p;
-}
-
 static enum ExceptionPolicy ExceptionPolicyConfigValueParse(
         const char *option, const char *value_str)
 {
@@ -199,10 +188,15 @@ static enum ExceptionPolicy ExceptionPolicyPickAuto(bool midstream_enabled, bool
 static enum ExceptionPolicy ExceptionPolicyMasterParse(const char *value)
 {
     enum ExceptionPolicy policy = ExceptionPolicyConfigValueParse("exception-policy", value);
-    policy = SetIPSOption("exception-policy", value, policy);
+    if (policy == EXCEPTION_POLICY_AUTO) {
+        policy = ExceptionPolicyPickAuto(false, true);
+    } else if (!EngineModeIsIPS() &&
+               (policy == EXCEPTION_POLICY_DROP_PACKET || policy == EXCEPTION_POLICY_DROP_FLOW)) {
+        policy = EXCEPTION_POLICY_NOT_SET;
+    }
     g_eps_have_exception_policy = true;
 
-    SCLogInfo("exception-policy set to: %s", ExceptionPolicyEnumToString(policy));
+    SCLogInfo("master exception-policy set to: %s", ExceptionPolicyEnumToString(policy));
 
     return policy;
 }