doc: document drop-invalid option.

author Eric Leblond <eric@regit.org>

Mon, 5 Jun 2017 14:41:47 +0000 (16:41 +0200)

committer Victor Julien <victor@inliniac.net>

Tue, 6 Jun 2017 14:26:31 +0000 (16:26 +0200)
author Eric Leblond <eric@regit.org>
Mon, 5 Jun 2017 14:41:47 +0000 (16:41 +0200)
committer Victor Julien <victor@inliniac.net>
Tue, 6 Jun 2017 14:26:31 +0000 (16:26 +0200)
diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst

index 15bc00287b1fe27249b7f26105998201cb5f3aae..4aea0d27f751b1510596ab088e11f8f65f07ebac 100644 (file)
--- a/doc/userguide/configuration/suricata-yaml.rst
+++ b/doc/userguide/configuration/suricata-yaml.rst
@@ -1287,6 +1287,11 @@ anomalies in streams. See :ref:`host-os-policy`.
      midstream: false             # do not allow midstream session pickups
      async_oneside: false         # do not enable async stream handling
      inline: no                   # stream inline mode
+    drop-invalid: yes            # drop invalid packets
+
+The 'drop-invalid' option can be set to no to avoid blocking packets that are
+seen invalid by the streaming engine. This can be useful to cover some weird cases
+seen in some layer 2 IPS setup.
  
  **Example 11   Normal/IDS mode**
author	Eric Leblond <eric@regit.org>
	Mon, 5 Jun 2017 14:41:47 +0000 (16:41 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 6 Jun 2017 14:26:31 +0000 (16:26 +0200)