Fix multiple modifications not having an affect.

In the case where multiple modifications changed a rule (drop included),
only the last modification took affect.

This is due to the modifications each being done on a clean version of
the rule, rather than the previously modified version of the rule.

Ticket #4259

diff --git a/suricata/update/main.py b/suricata/update/main.py
index 7d3b36648a589adbdffc69543184cdb275d631ed..4962786722f96e78b9fe25cc430860e71af26e1b 100644 (file)
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
@@ -1193,15 +1193,15 @@ def _main():
 
         for fltr in drop_filters:
             if fltr.match(rule):
-                rulemap[rule.id] = fltr.run(rule)
+                rule = fltr.run(rule)
                 drop_count += 1
 
         for fltr in modify_filters:
             if fltr.match(rule):
-                new_rule = fltr.run(rule)
-                if new_rule:
-                    rulemap[rule.id] = new_rule
-                    modify_count += 1
+                rule = fltr.run(rule)
+                modify_count += 1
+
+        rulemap[key] = rule
 
     # Check if we should disable ja3 rules.
     try: