eve: fix stream payload logging wrong direction

In the EVE stream payload logging the IPS path logged the wrong dir.
Both IDS and IPS can take the same path as the detection engine
inspects in the same direction in both cases, so the alert is also
generated in the same direction.

Bug #1684

diff --git a/src/output-json-alert.c b/src/output-json-alert.c
index 5bfe562857c65ada82312b748733f1d17de3760b..32ec6c84985006c8ccbc88ef6261577e5438d03e 100644 (file)
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@@ -275,18 +275,10 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
 
                 MemBufferReset(payload);
 
-                if (!EngineModeIsIPS()) {
-                    if (p->flowflags & FLOW_PKT_TOSERVER) {
-                        flag = FLOW_PKT_TOCLIENT;
-                    } else {
-                        flag = FLOW_PKT_TOSERVER;
-                    }
+                if (p->flowflags & FLOW_PKT_TOSERVER) {
+                    flag = FLOW_PKT_TOCLIENT;
                 } else {
-                    if (p->flowflags & FLOW_PKT_TOSERVER) {
-                        flag = FLOW_PKT_TOSERVER;
-                    } else {
-                        flag = FLOW_PKT_TOCLIENT;
-                    }
+                    flag = FLOW_PKT_TOSERVER;
                 }
 
                 StreamSegmentForEach((const Packet *)p, flag,