exceptions: parse config values, don't post process

Get the enum values from the config file. Update the new extracted
functions. Post-process the config values based on runmode and policy.
Also handle 'auto' enum value in these.

Related to
Bug #5825

diff --git a/src/util-exception-policy.c b/src/util-exception-policy.c
index 6eb869be2ebe74c15684fdeb25d24cdbc4ba29b7..96a0d584e225fc69f98b3674a884963d18e13ae5 100644 (file)
--- a/src/util-exception-policy.c
+++ b/src/util-exception-policy.c
@@ -36,6 +36,8 @@ static const char *ExceptionPolicyEnumToString(enum ExceptionPolicy policy)
     switch (policy) {
         case EXCEPTION_POLICY_NOT_SET:
             return "ignore";
+        case EXCEPTION_POLICY_AUTO:
+            return "auto";
         case EXCEPTION_POLICY_REJECT:
             return "reject";
         case EXCEPTION_POLICY_BYPASS_FLOW:
@@ -67,6 +69,8 @@ void ExceptionPolicyApply(Packet *p, enum ExceptionPolicy policy, enum PacketDro
 {
     SCLogDebug("start: pcap_cnt %" PRIu64 ", policy %u", p->pcap_cnt, policy);
     switch (policy) {
+        case EXCEPTION_POLICY_AUTO:
+            break;
         case EXCEPTION_POLICY_NOT_SET:
             break;
         case EXCEPTION_POLICY_REJECT:
@@ -144,6 +148,8 @@ static enum ExceptionPolicy PickPacketAction(const char *option, enum ExceptionP
             break;
         case EXCEPTION_POLICY_NOT_SET:
             break;
+        case EXCEPTION_POLICY_AUTO:
+            break;
     }
     return p;
 }
@@ -153,13 +159,13 @@ static enum ExceptionPolicy ExceptionPolicyConfigValueParse(
 {
     enum ExceptionPolicy policy = EXCEPTION_POLICY_NOT_SET;
     if (strcmp(value_str, "drop-flow") == 0) {
-        policy = SetIPSOption(option, value_str, EXCEPTION_POLICY_DROP_FLOW);
+        policy = EXCEPTION_POLICY_DROP_FLOW;
     } else if (strcmp(value_str, "pass-flow") == 0) {
         policy = EXCEPTION_POLICY_PASS_FLOW;
     } else if (strcmp(value_str, "bypass") == 0) {
         policy = EXCEPTION_POLICY_BYPASS_FLOW;
     } else if (strcmp(value_str, "drop-packet") == 0) {
-        policy = SetIPSOption(option, value_str, EXCEPTION_POLICY_DROP_PACKET);
+        policy = EXCEPTION_POLICY_DROP_PACKET;
     } else if (strcmp(value_str, "pass-packet") == 0) {
         policy = EXCEPTION_POLICY_PASS_PACKET;
     } else if (strcmp(value_str, "reject") == 0) {
@@ -167,15 +173,11 @@ static enum ExceptionPolicy ExceptionPolicyConfigValueParse(
     } else if (strcmp(value_str, "ignore") == 0) { // TODO name?
         policy = EXCEPTION_POLICY_NOT_SET;
     } else if (strcmp(value_str, "auto") == 0) {
-        if (!EngineModeIsIPS()) {
-            policy = EXCEPTION_POLICY_NOT_SET;
-        } else {
-            policy = EXCEPTION_POLICY_DROP_FLOW;
-        }
+        policy = EXCEPTION_POLICY_AUTO;
     } else {
         FatalErrorOnInit(
                 "\"%s\" is not a valid exception policy value. Valid options are drop-flow, "
-                "pass-flow, bypass, reject, drop-packet, pass-packet or ignore.",
+                "pass-flow, bypass, reject, drop-packet, pass-packet, ignore or auto.",
                 value_str);
     }
 

diff --git a/src/util-exception-policy.h b/src/util-exception-policy.h
index 698e1ca54a678ac8cd122c09c1c54d0b05e8466b..7b27e132117d3d53c05e0a541eb19ff701d87378 100644 (file)
--- a/src/util-exception-policy.h
+++ b/src/util-exception-policy.h
@@ -26,6 +26,7 @@
 
 enum ExceptionPolicy {
     EXCEPTION_POLICY_NOT_SET = 0,
+    EXCEPTION_POLICY_AUTO,
     EXCEPTION_POLICY_PASS_PACKET,
     EXCEPTION_POLICY_PASS_FLOW,
     EXCEPTION_POLICY_BYPASS_FLOW,