Merge pull request #1872 in SNORT/snort3 from ~THOPETER/snort3:doc_detained_inspectio...

author Mike Stepanek (mstepane) <mstepane@cisco.com>

Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)

committer Mike Stepanek (mstepane) <mstepane@cisco.com>

Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)
author Mike Stepanek (mstepane) <mstepane@cisco.com>
Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)
committer Mike Stepanek (mstepane) <mstepane@cisco.com>
Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)
diff --git a/doc/http_inspect.txt b/doc/http_inspect.txt

index 740934f8fc3edacf4983e0a6852900860cf55b9f..bad2c291a469158dbfb598fb75dab969983cedda 100644 (file)
--- a/doc/http_inspect.txt
+++ b/doc/http_inspect.txt
@@ -99,18 +99,17 @@ depth parameter entirely because that is the default.
  These limits have no effect on how much data is forwarded to file
  processing.
  
-===== accelerated_blocking
+===== detained_inspection
  
-Accelerated blocking is an experimental feature currently under
-development. It enables Snort to more quickly detect and block response
-messages containing malicious JavaScript. As this feature involves
-actively blocking traffic it is designed for use with inline mode
-operation (-Q).
+Detained inspection is an experimental feature currently under development.
+It enables Snort to more quickly detect and block response messages
+containing malicious JavaScript. As this feature involves actively blocking
+traffic it is designed for use with inline mode operation (-Q).
  
  This feature only functions with response_depth = -1 (unlimited). This
  limitation will be removed in a future version.
  
-This feature is off by default. accelerated_blocking = true will activate
+This feature is off by default. detained_inspection = true will activate
  it.
  
  ===== gzip
author	Mike Stepanek (mstepane) <mstepane@cisco.com>
	Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)
committer	Mike Stepanek (mstepane) <mstepane@cisco.com>
	Tue, 3 Dec 2019 16:40:53 +0000 (16:40 +0000)